User behavior analytics leads the security analytics charge
This article is part of the Information Security magazine issue of December 2017, Vol. 19, No. 10
Security analytics may hold promise. The reality is a ways off. One area ahead of the curve, however, is tracking inside-user behavior. User behavior analytics (UBA) relies on statistical modeling, machine learning and data science to identify patterns of behavior and compare them against other human or machine activities. These technologies develop normal versus abnormal behavior profiles by collecting information on users' activities across IP addresses, accounts and devices. Unlike signature-based threat technologies, user behavior analytics creates a baseline for each individual user and then uses categorical, numerical and contextual information to identify anomalies and flag risky behavior. User and entity behavior analytics, or UEBA, also looks at machine activities -- individuals, devices, assets and applications. User behavior analytics is not new. The failure to thwart insider threats (compromised credentials and data), innovations from startups and a growing need to store and sift through massive amounts of enterprise...
Features in this issue
Will no longer playing by the rules help companies find insider threats? As user and entity behavior analytics gets closer to SIEM tools, enterprises take notice.
Serving the technology needs of the property and casualty insurance industry means keeping a weathered eye on risk profiles, enterprise software and emerging threats.
GPS has been extraordinarily reliable, but there's a growing chorus of experts who say it's time to assess GPS security and consider protective strategies.
Columns in this issue
Information security technologies embrace user behavior analytics, and the trend is expected to continue. Should CISOs consider a standalone UBA component?
When he left the NSA, Burnham helped build the security education and research programs at the Georgia Institute of Technology and other universities. What did he learn?