User behavior analytics

User Behavior Analytics ("UBA") as defined by Gartner, is a cybersecurity process about detection of insider threats, targeted attacks, and financial fraud. UBA solutions look at patterns of human behavior, and then apply algorithms and statistical analysis to detect meaningful anomalies from those patterns - anomalies that indicate potential threats.'[1][2] Instead of tracking devices or security events, UBA tracks a system's users.[3]

The problem UBA responds to, as described by Nemertes Research CEO Johna Till Johnson, is that "Security systems provide so much information that it's tough to uncover information that truly indicates a potential for real attack. Analytics tools help make sense of the vast amount of data that SIEM, IDS/IPS, system logs, and other tools gather. UBA tools use a specialized type of security analytics that focuses on the behavior of systems and the people using them. UBA technology first evolved in the field of marketing, to help companies understand and predict consumer-buying patterns. But as it turns out, UBA can be extraordinarily useful in the security context too." [4]

References

  1. The Rise of User Behavior Analytics
  2. Market Guide for User Behavior Analytics
  3. The hunt for data analytics: Is your SIEM on the endangered list?
  4. User behavioral analytics tools can thwart security attacks
This article is issued from Wikipedia - version of the Wednesday, November 11, 2015. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.