User behavior analytics

From Wikipedia, the free encyclopedia

This is an old revision of this page, as edited by Bibamad (talk | contribs) at 15:22, 5 May 2023 (Difference with EDR). The present address (URL) is a permanent link to this revision, which may differ significantly from the current revision.

User behavior analytics (UBA), or User and Entity Behavior Analytics (UEBA),[1] is the concept of analyzing the behavior of users, subjects, visitors, etc. for a specific purpose.[2] It allows cybersecurity tools to build a profile of each individual's normal activity by looking at patterns of human behavior, and then to highlight deviations from that profile (anomalies) that may indicate a potential compromise.[3][4][5]
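The profile-and-deviation idea can be shown with a short Python sketch. It is an added illustration, not part of the original article and not the algorithm of any UBA product; the event fields, host names, thresholds and sample events are all constructed assumptions.

```python
from collections import defaultdict
from statistics import mean, pstdev

# Constructed sample events: (user, hour_of_day, source_host, megabytes_downloaded)
BASELINE = [
    ("alice", 9, "ws-014", 40), ("alice", 10, "ws-014", 55), ("alice", 14, "ws-014", 35),
    ("alice", 11, "ws-014", 60), ("alice", 16, "ws-014", 45), ("alice", 9, "vpn-gw", 50),
    ("bob", 22, "ws-201", 900), ("bob", 23, "ws-201", 1100), ("bob", 1, "ws-201", 950),
    ("bob", 22, "ws-201", 1000), ("bob", 0, "ws-201", 1050),
]

def build_profiles(events):
    """Per-user baseline: hours seen, hosts seen, and download volume statistics."""
    raw = defaultdict(lambda: {"hours": set(), "hosts": set(), "mb": []})
    for user, hour, host, mb in events:
        raw[user]["hours"].add(hour)
        raw[user]["hosts"].add(host)
        raw[user]["mb"].append(mb)
    return {u: {"hours": p["hours"], "hosts": p["hosts"],
                "mean": mean(p["mb"]), "std": pstdev(p["mb"]) or 1.0}
            for u, p in raw.items()}

def hour_gap(hour, seen):
    """Smallest circular distance (in hours) from `hour` to any baseline hour."""
    return min(min(abs(hour - h), 24 - abs(hour - h)) for h in seen)

def score_event(profiles, event, z_limit=3.0, hour_slack=2):
    """Return the list of deviations from the user's own profile (empty = normal)."""
    user, hour, host, mb = event
    p = profiles.get(user)
    if p is None:
        return ["no baseline for user"]  # nothing to compare against yet
    reasons = []
    if hour_gap(hour, p["hours"]) > hour_slack:
        reasons.append("unusual hour")
    if host not in p["hosts"]:
        reasons.append("new source host")
    if (mb - p["mean"]) / p["std"] > z_limit:  # z-score against this user's history
        reasons.append("download volume above baseline")
    return reasons

PROFILES = build_profiles(BASELINE)
```

The same event (a 1000 MB download at 23:00) scores as normal for `bob` and as two deviations for `alice`, because each event is compared with that individual's own history rather than a global rule.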

Purpose of UBA

According to Johna Till Johnson from Nemertes Research, "Security systems provide so much information that it's tough to uncover information that truly indicates a potential for a real attack. Analytics tools help make sense of the vast amount of data that SIEM, IDS/IPS, system logs, and other tools gather. UBA tools use a specialized type of security analytics that focuses on the behavior of systems and the people using them. UBA technology first evolved in the field of marketing, to help companies understand and predict consumer-buying patterns. But as it turns out, UBA can be extraordinarily useful in the security context too."[6]

Distinction between UBA and UEBA

The term UEBA was coined by Gartner in 2015. UEBA goes beyond analyzing only user behavior data: it combines user behavior data with behavior data from entities. UEBA tracks the activity of devices, applications, servers and data. UEBA systems produce more data and provide more complex reporting options than UBA systems.[1]

Difference with EDR

UEBA tools differ from endpoint detection and response (EDR) capabilities in that UEBA has an analytic focus on the user, whereas EDR has an analytic focus on the endpoint.[3]

References

  1. "What is User (and Entity) Behavior Analytics (UBA or UEBA)?". Security. Retrieved 2023-05-05.
  2. Mike Chapple, James Michael Stewart, Darril Gibson (June 2021). (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (9th ed.). Wiley. p. 49. ISBN 978-1-119-78623-8.
  3. Mike Chapple, James Michael Stewart, Darril Gibson (June 2021). (ISC)2 CISSP Certified Information Systems Security Professional Official Study Guide (9th ed.). Wiley. p. 1009. ISBN 978-1-119-78623-8.
  4. Market Guide for User Behavior Analytics
  5. The hunt for data analytics: Is your SIEM on the endangered list?
  6. User behavioral analytics tools can thwart security attacks