The tug of war between user behavior analysis and SIEM
This article is part of the Information Security magazine issue of December 2017, Vol. 19, No. 10
User behavior analytics got a second look in 2015, when new ways to tackle an old problem entered the market. Security companies explored leaps in data science and machine learning to develop standalone UBA components that offered advanced analytics to track human and machine behavior in near real time. Two years later, user behavior analysis features appeared in a range of information security technologies, and the trend is expected to continue.

In this issue, we look at the tug of war between user behavior analysis -- sometimes called user and entity behavior analytics -- and SIEM. "In the short term, better UEBA vendors do deliver incremental value over SIEM to large organizations, as long as they are comfortable with some tuning and model customization," said Anton Chuvakin, a research vice president and analyst at Gartner. "Expect deeper analytics to appear in data loss prevention, cloud access security brokers -- it's already present in many CASB tools -- and not just SIEM." For many enterprises, risk management beyond ...
Features in this issue
Will no longer playing by the rules help companies find insider threats? As user and entity behavior analytics gets closer to SIEM tools, enterprises take notice.
Serving the technology needs of the property and casualty insurance industry means keeping a weathered eye on risk profiles, enterprise software and emerging threats.
GPS has been extraordinarily reliable, but there's a growing chorus of experts who say it's time to assess GPS security and consider protective strategies.
Columns in this issue
Information security technologies embrace user behavior analytics, and the trend is expected to continue. Should CISOs consider a standalone UBA component?
When he left the NSA, Burnham helped build the security education and research programs at the Georgia Institute of Technology and other universities. What did he learn?