XcellSecure SM | Azure Advanced Threat Protection

Detect & Investigate Advanced attacks on-premises & in the Cloud
Identify suspicious user & device activity with both known-technique detection & behavioral analytics


Get real-time security at enterprise scale

With Azure Advanced Threat Protection, the power and scale of the cloud help you safeguard against threats which are increasing in frequency, severity and sophistication. Detect and investigate security incidents across your enterprise with a cloud-based security solution that supports the most demanding security analytics workloads.

Stay focused on what is important

Get a clear, efficient and convenient feed that surfaces the right issues on a simple attack timeline. Gain powerful perspective on what is happening throughout your enterprise and get detailed information for next steps. Pivot to Windows Defender Advanced Threat Protection to remediate malicious attacks.

Detect threats quickly

Azure Advanced Threat Protection monitors user, device and resource behaviours and detects anomalies right away. Using built-in adaptive intelligence, you gain fast insight into advanced threats both on-premises and in the cloud.

Key Features

Identify suspicious user and device activity with both known-technique detection and behavioural analytics
View clear attack information on a simple timeline for fast triage
Analyse threat intelligence from the cloud and on-premises
Monitor multiple entry points through integration with Windows Defender Advanced Threat Protection
Protect user identities and credentials stored in Active Directory

Key Benefits

Azure ATP components

Azure ATP consists of the following components:

1. Azure ATP portal

The Azure ATP portal allows creation of your Azure ATP instance, displays the data received from Azure ATP sensors, and enables you to monitor, manage, and investigate threats in your network environment.

2. Azure ATP sensor

Azure ATP sensors are installed directly on your domain controllers. The sensor directly monitors domain controller traffic, without the need for a dedicated server, or configuration of port mirroring.

3. Azure ATP cloud service

Azure ATP cloud service runs on Azure infrastructure and is currently deployed in the US, Europe, and Asia. Azure ATP cloud service is connected to Microsoft's intelligent security graph.

This section describes how the flow of Azure ATP's network and event capturing works, and drills down to describe the functionality of the main components: the Azure ATP portal, Azure ATP sensor, and Azure ATP cloud service.

Installed directly on your domain controllers, the Azure ATP sensor accesses the event logs it requires directly from the domain controller. After the logs and network traffic are parsed by the sensor, Azure ATP sends only the parsed information to the Azure ATP cloud service (only a percentage of the logs are sent).

AZURE ATP Architecture


Why Trust Azure Advanced Threat Protection

  • Microsoft invests more than USD 1 billion annually on cybersecurity research and development.
  • We employ more than 3,500 security experts completely dedicated to your data security and privacy.
  • Azure has more compliance certifications than any other cloud provider.

Azure Advanced Threat Protection - WHAT OUR CUSTOMERS HAVE TO SAY?

Most powerful portal to manage SIEM data. Great for log processing and graphical representation of lateral movement of the environment.

-Aadi Acharya

Email is one of the most pervasive and powerful forms of communication in today's working environment - we rely heavily on emails to do business and to communicate with colleagues, collaborators, and customers.

-Fiyaz Babu

ATP helps me to be safe from all above problems. It completely scans email and web files which I like most. It also protects from scams and phishing. Its installation cost is cheap also.

- Ekbal Arya

FREQUENTLY ASKED QUESTIONS

Microsoft Defender for Identity (formerly Azure Advanced Threat Protection, also known as Azure ATP) is a cloud-based security solution that leverages your on-premises Active Directory signals to identify, detect, and investigate advanced threats, compromised identities, and malicious insider actions directed at your organization.

Defender for Identity enables SecOp analysts and security professionals struggling to detect advanced attacks in hybrid environments to:

  • Monitor users, entity behavior, and activities with learning-based analytics
  • Protect user identities and credentials stored in Active Directory
  • Identify and investigate suspicious user activities and advanced attacks throughout the kill chain
  • Provide clear incident information on a simple timeline for fast triage

Advanced threat protection (ATP) refers to a category of security solutions that defend against sophisticated malware or hacking-based attacks targeting sensitive data. Advanced threat protection solutions can be available as software or as managed services.

DDoS Protection Standard is natively integrated into the Azure platform and includes configuration through the Azure portal and PowerShell when you create a DDoS Protection Plan and enable DDoS Standard on a virtual network.

Azure Firewall is a managed, cloud-based network security service that protects your Azure Virtual Network resources. It's a fully stateful firewall as a service with built-in high availability and unrestricted cloud scalability. ... The service is fully integrated with Azure Monitor for logging and analytics.

Azure Advanced Threat Protection can be found in the Admin centers section of the main Office 365 admin portal, or by visiting portal.atp.azure.com.

Microsoft Threat Protection (MTP) is an integrated, cross-domain threat detection and response solution. It provides organizations with the ability to prevent, detect, investigate, and remediate sophisticated cross-domain attacks within their Microsoft 365 environments.
