A majority of IT teams use Virtual Private Network (VPN) connections as a method to grant remote users access to corporate resources from outside the company’s network. A VPN connection provides employees flexibility by allowing them to work on the go and helps to increase productivity.
Since VPN connections are fully encrypted, they are secure and therefore their content is not always inspected. However, VPN offers an entry point for attackers to use existing credentials and remotely connect into a corporate network. With the release of version 1.8, Advanced Threat Analytics (ATA) now detects when and where credentials are being used via VPN and integrates that data into your investigation. Capturing and analyzing the origin of VPN connections increases your chances of identifying where and how attackers are leveraging stolen credentials in your network.
With this release, the network user’s profile page now includes information from VPN connections, such as the IP addresses and locations from where these connections originate:
Read more at Source - https://cloudblogs.microsoft.com/enterprisemobility/2018/01/04/why-its-important-to-integrate-your-vpn-with-microsoft-advanced-threat-analytics/
0 comments:
Post a Comment