What is Advanced Threat Analytics?

Padlock and cybersecurity graphic

Security has become a key topic for CIO’s and IT directors and recent publicised security breaches, such as the Ashley Maddison hack, have upped the ante. While security has firmly been an IT issue in the past, it has now become a business-wide issue.

Organisations are now having to protect themselves against the growing regularity and severity of threats, which could ultimately cause a loss of customers and damage organisation reputation.

Many organisations fear the potential of a strategic external security breach but internal controls and user issues, such as weak passwords, are often overlooked and these can often make up a large proportion of the security threats.

Advanced Threat Analytics

In 2014, Microsoft acquired a business called Aorato and built upon its security technology to release Advanced Threat Analytics (ATA). ATA is built to improve threat detection and help identify any potential threats as early as possible to help build a stronger defence against cyber security threats. ATA works by gaining a clear image of your typical network activities and then uses machine learning and analysis to quickly spot any anomalies or weaknesses, which helps to overcome and limit any potential issues caused by users.

What does it do?

Evaluate: Once installed, ATA uses deep packet inspection technology to analyse your network

Learn: ATA then automatically starts profiling the behaviour of users and devices to produce an Organisational Security Graph, which is used as a baseline reference and continually evolves through machine learning.

Discover: ATA will then constantly run on your network in the background looking for any suspicious or abnormal behaviour.

Alert: If anything is ever detected then ATA alerts administrators and produces an attack timeline with recommendations and a simple report to help IT staff pinpoint the threat and act quickly.


  • Quicker threat detection with behavioural analysis
  • 24/7 threat detection that is always running
  • Continually adapt to threats through machine learning
  • Only alerts administrators when required
  • Provides clear and simple-to-understand reports
  • Provides recommendations for next steps


ATA is available through Microsoft volume licensing so you will need to speak to a Microsoft licensing specialist, such as ourselves, to advise on the best licensing option and price for your organisation.

For more information about Microsoft Advanced Threat Analytics you can visit the website here, or we would recommend the TechNet library for more technical information and detail here.

About us

We are Microsoft Gold Partners and have been since 2007. We specialise in Microsoft technology and help our clients gain the most robust yet cost effective solutions through our Microsoft licensing expertise: contact us today to see how we can help you.

Join our Mailing List

Receive our latest technology news and updates straight to your inbox once a month. We will not share your data and you may unsubscribe at any time.