I don't think many people here speak or understand German.
http://www.microsoft.com/en-us/evalcenter/evaluate-microsoft-advanced-threat-analytics
This is more focused on companies than home users since you need a domain controller:
Microsoft Advanced Threat Analytics (ATA) provides a simple and fast way to understand what is happening within your network by identifying suspicious users and device activity with built-in intelligence and providing clear and relevant threat information on a simple attack timeline.
Microsoft Advanced Threat Analytics detects:
- Abnormal behavior:
- Behavioral Analytics leverages Machine Learning to uncover questionable activities and abnormal behavior.
- Malicious attacks:
- Diagnostic engine detects known attacks almost as instantly as they occur.
- Security issues and risks:
- Leveraging world-class security researchers’ work, ATA identifies known security issues and risks.
How it works
ATA leverages deep packet inspection technology, as well as information from additional data-sources (SIEM and Active Directory), to build an organizational security graph and detect advanced attacks in near real time.
The diagnostic engine continuously learns the behavior of organizational entities (users, devices, and resources) and adjusts itself to reflect the changes in your rapidly-evolving enterprise. As the attacker tactics get more sophisticated, Microsoft Advanced Threat Analytics helps you to keep up with continuously-learning behavioral analytics.
After detection, Microsoft Advanced Threat Analytics provides clear and relevant information on a simple attack timeline, so you can reduce the noise and focus on what is important fast. Attack timeline not only gives you the power of perspective on the “who, what, when, and how” of your enterprise, but also recommendations for investigation and remediation.
