User Behavior Analytics (UBA) solutions are the applications of advancements in Data science and Machine learning to tackle the current challenges in cyber security. UBA solutions captures data from myriad of sources both in structured and un-structured format such as Network flow/Packet data, Logs from Host and other security solutions, logs from Active directory, Email metadata, News sources/Articles and data from HR systems and apply Machine learning to detect any anomalous or suspicious behavior inside your enterprise network.
UBA solutions learns from the data being fed to it and builds normal operating profiles for users and entities (groups, hosts, applications) over a period of time. It then compare users actions on a continuous basis with these profiles to detect any abnormal actions and behaviour. These baseline profiles or normal operating profiles are dynamic in nature and changes itself automatically to better suit the user and entities normal behavior or to take into account any roles-changes inside the organization.
UBA solutions uses both basic (Rules based and statistical models) and more advance (supervised and unsupervised machine learning) analytics to build these profiles. Lets look at the Key Use Cases of User Behavior Analytics program:
Do let me know if you want us to add or modify any of the listed key use cases.
Check out the User Behavior Analytics market within FireCompass to get more information on these markets.