User behavior analytics: Difference between revisions

From Wikipedia, the free encyclopedia
Content deleted Content added
Reverted 1 edit by Skhanna786 (talk): Rv COI / citespam
I just added some things
Line 1: Line 1:
User and entity behavior analytics (UEBA), also known as user behavior analytics (UBA), is '''the process of gathering insight into the network events that users generate every day'''. Once collected and analyzed, it can be used to detect the use of compromised credentials , lateral movement, and other malicious behavior.{{Advert|date=April 2021}}
{{Advert|date=April 2021}}


'''User behavior analytics''' ('''UBA''') is a [[cybersecurity]] process about [[threat detection|detection of insider threats]], targeted attacks, and [[financial fraud]] that tracks a system's users. UBA looks at patterns of [[human behavior]], and then analyzes them to detect anomalies that indicate potential threats.<ref>[https://www.gartner.com/doc/2831117/market-guide-user-behavior-analytics Market Guide for User Behavior Analytics<!-- Bot generated title -->]</ref><ref>[http://searchsecurity.techtarget.com/feature/The-hunt-for-data-analytics-Is-your-SIEM-on-the-endangered-list The hunt for data analytics: Is your SIEM on the endangered list?<!-- Bot generated title -->]</ref> [[Big data]] platforms like [[Apache Hadoop]] are increasing UBA functionality by allowing them to analyze [[petabyte]]s worth of data to detect [[insider threat]]s and [[advanced persistent threat]]s.<ref>{{Cite journal|last=Ahlm|first=Eric|last2=Litan|first2=Avivah|date=26 April 2016|title=Market Trends: User and Entity Behavior Analytics Expand Their Market Reach|url=https://www.gartner.com/doc/reprints?id=1-370BP2V&ct=160518&st=sb|journal=Gartner|access-date=15 July 2016}}</ref><ref>{{Cite web|url=http://www.cloudera.com/solutions/cybersecurity.html|title=Cybersecurity at petabyte scale|access-date=15 July 2016}}</ref>
'''User behavior analytics''' ('''UBA''') is a [[cybersecurity]] process about [[threat detection|detection of insider threats]], targeted attacks, and [[financial fraud]] that tracks a system's users. UBA looks at patterns of [[human behavior]], and then analyzes them to detect anomalies that indicate potential threats.<ref>[https://www.gartner.com/doc/2831117/market-guide-user-behavior-analytics Market Guide for User Behavior Analytics<!-- Bot generated title -->]</ref><ref>[http://searchsecurity.techtarget.com/feature/The-hunt-for-data-analytics-Is-your-SIEM-on-the-endangered-list The hunt for data analytics: Is your SIEM on the endangered list?<!-- Bot generated title -->]</ref> [[Big data]] platforms like [[Apache Hadoop]] are increasing UBA functionality by allowing them to analyze [[petabyte]]s worth of data to detect [[insider threat]]s and [[advanced persistent threat]]s.<ref>{{Cite journal|last=Ahlm|first=Eric|last2=Litan|first2=Avivah|date=26 April 2016|title=Market Trends: User and Entity Behavior Analytics Expand Their Market Reach|url=https://www.gartner.com/doc/reprints?id=1-370BP2V&ct=160518&st=sb|journal=Gartner|access-date=15 July 2016}}</ref><ref>{{Cite web|url=http://www.cloudera.com/solutions/cybersecurity.html|title=Cybersecurity at petabyte scale|access-date=15 July 2016}}</ref>
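Review bot: The added lead paragraph carries no citation and overlaps the definition that the '''User behavior analytics''' paragraph directly below it already gives with references, so the article now opens with two competing definitions; merge the new wording into the sourced paragraph or cite it. The bold markup wraps the whole clause "the process of gathering insight into the network events that users generate every day" rather than the term being defined, there is a stray space before the comma after "compromised credentials", and {{Advert|date=April 2021}} has been moved from its own line onto the end of the paragraph; it should stay on its own line.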

Revision as of 16:55, 4 April 2022

User and entity behavior analytics (UEBA), also known as user behavior analytics (UBA), is the process of gathering insight into the network events that users generate every day. Once collected and analyzed, this insight can be used to detect the use of compromised credentials, lateral movement, and other malicious behavior.

User behavior analytics (UBA) is a cybersecurity process that tracks a system's users in order to detect insider threats, targeted attacks, and financial fraud. UBA looks at patterns of human behavior and analyzes them to detect anomalies that indicate potential threats.[1][2] Big data platforms like Apache Hadoop are increasing UBA functionality by allowing UBA tools to analyze petabytes' worth of data to detect insider threats and advanced persistent threats.[3][4]
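The baseline-then-anomaly idea described above can be shown in a few lines. This is an added example, not taken from the article or from any UBA product: the events are constructed, and the scoring weights, the two-hour window and all function names are assumptions chosen for illustration.

```python
from collections import defaultdict

# Constructed sample events (user, hour_of_day, destination_host); not real logs.
BASELINE = [
    ("alice", 9, "mail01"), ("alice", 10, "files01"), ("alice", 14, "mail01"),
    ("alice", 16, "files01"), ("alice", 11, "mail01"), ("bob", 8, "build01"),
    ("bob", 13, "build01"), ("bob", 17, "git01"), ("bob", 9, "git01"),
]
NEW_EVENTS = [
    ("alice", 10, "mail01"),    # matches alice's usual pattern
    ("alice", 3, "db-prod01"),  # unusual hour and a never-seen host
    ("bob", 14, "files01"),     # usual hour, but a host bob never used
    ("carol", 9, "mail01"),     # no baseline at all
]

def build_profiles(events):
    """Per-user baseline: the hosts and login hours seen historically."""
    profiles = defaultdict(lambda: {"hosts": set(), "hours": set()})
    for user, hour, host in events:
        profiles[user]["hosts"].add(host)
        profiles[user]["hours"].add(hour)
    return profiles

def hour_is_usual(profile, hour, window=2):
    """True if a baseline login lies within `window` hours, wrapping midnight."""
    return any(min((hour - h) % 24, (h - hour) % 24) <= window
               for h in profile["hours"])

def score_event(profiles, event):
    """Return (score, reasons); a higher score is further from the baseline."""
    user, hour, host = event
    if user not in profiles:
        return 1, ["no baseline for user"]
    profile, score, reasons = profiles[user], 0, []
    if host not in profile["hosts"]:  # possible lateral movement
        score += 2
        reasons.append("host not in baseline")
    if not hour_is_usual(profile, hour):  # possible credential misuse
        score += 1
        reasons.append("hour outside usual window")
    return score, reasons

def triage(baseline, new_events, threshold=2):
    """Score new events against baseline profiles; keep those >= threshold."""
    profiles = build_profiles(baseline)
    scored = [(e, *score_event(profiles, e)) for e in new_events]
    return [(e, s, r) for e, s, r in scored if s >= threshold]

if __name__ == "__main__":
    for event, score, reasons in triage(BASELINE, NEW_EVENTS):
        print(score, event, "; ".join(reasons))
```

An account with no history scores below the default threshold here; whether unknown users should alert is a policy decision the sketch leaves to the `threshold` parameter.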

Purpose

UBA's purpose, according to Johna Till Johnson of Nemertes Research, is that "Security systems provide so much information that it's tough to uncover information that truly indicates a potential for real attack. Analytics tools help make sense of the vast amount of data that SIEM, IDS/IPS, system logs, and other tools gather. UBA tools use a specialized type of security analytics that focuses on the behavior of systems and the people using them. UBA technology first evolved in the field of marketing, to help companies understand and predict consumer-buying patterns. But as it turns out, UBA can be extraordinarily useful in the security context too."[5]

References

  1. ^ Market Guide for User Behavior Analytics
  2. ^ The hunt for data analytics: Is your SIEM on the endangered list?
  3. ^ Ahlm, Eric; Litan, Avivah (26 April 2016). "Market Trends: User and Entity Behavior Analytics Expand Their Market Reach". Gartner. Retrieved 15 July 2016.
  4. ^ "Cybersecurity at petabyte scale". Retrieved 15 July 2016.
  5. ^ User behavioral analytics tools can thwart security attacks