user and entity behavior analytics (UEBA)

GPTKB entity

Statements (49)
Predicate Object
gptkbp:instanceOf cybersecurity technology
gptkbp:abbreviation UEBA
gptkbp:analyzes user behavior
gptkbp:analyzes entity behavior
gptkbp:category threat detection
gptkbp:category security monitoring
gptkbp:component gptkb:security_information_and_event_management_(SIEM)
gptkbp:contrastsWith user behavior analytics (UBA)
gptkbp:detects security threats
gptkbp:detects policy violations
gptkbp:detects anomalous behavior
gptkbp:firstAppearance 2015s
gptkbp:focusesOn risk scoring
gptkbp:focusesOn deviations from baseline
gptkbp:focusesOn patterns of behavior
gptkbp:goal improve threat detection
gptkbp:goal reduce false positives
gptkbp:goal identify risky behavior
https://www.w3.org/2000/01/rdf-schema#label user and entity behavior analytics (UEBA)
gptkbp:includes entity analytics
gptkbp:marketedAs gptkb:IBM
gptkbp:marketedAs gptkb:Microsoft
gptkbp:marketedAs gptkb:Splunk
gptkbp:marketedAs gptkb:Exabeam
gptkbp:marketedAs gptkb:LogRhythm
gptkbp:marketedAs gptkb:Securonix
gptkbp:monitors users
gptkbp:monitors applications
gptkbp:monitors devices
gptkbp:monitors network traffic
gptkbp:output alerts
gptkbp:output incident reports
gptkbp:output risk scores
gptkbp:relatedTo gptkb:SOAR
gptkbp:relatedTo security analytics
gptkbp:relatedTo threat intelligence
gptkbp:relatedTo SIEM
gptkbp:requires data collection
gptkbp:requires data integration
gptkbp:requires data normalization
gptkbp:standardizedBy gptkb:Gartner
gptkbp:usedFor detecting advanced persistent threats
gptkbp:usedFor detecting compromised accounts
gptkbp:usedFor detecting insider threats
gptkbp:uses gptkb:machine_learning
gptkbp:uses statistical analysis
gptkbp:uses big data analytics
gptkbp:bfsParent gptkb:Azure_Sentinel
gptkbp:bfsLayer 6