user and entity behavior analytics (UEBA)
GPTKB entity
Statements (49)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf | gptkb:cybersecurity_technology |
| gptkbp:abbreviation | UEBA |
| gptkbp:analyzes | user behavior, entity behavior |
| gptkbp:category | threat detection, security monitoring |
| gptkbp:component | gptkb:security_information_and_event_management_(SIEM) |
| gptkbp:contrastsWith | user behavior analytics (UBA) |
| gptkbp:detects | security threats, policy violations, anomalous behavior |
| gptkbp:firstAppearance | 2015s |
| gptkbp:focusesOn | risk scoring, deviations from baseline patterns of behavior |
| gptkbp:goal | improve threat detection, reduce false positives, identify risky behavior |
| gptkbp:includes | entity analytics |
| gptkbp:marketedAs | gptkb:IBM, gptkb:Microsoft, gptkb:Splunk, gptkb:Exabeam, gptkb:LogRhythm, gptkb:Securonix |
| gptkbp:monitors | users, applications, devices, network traffic |
| gptkbp:output | alerts, incident reports, risk scores |
| gptkbp:relatedTo | gptkb:SOAR, security analytics, threat intelligence, SIEM |
| gptkbp:requires | data collection, data integration, data normalization |
| gptkbp:standardizedBy | gptkb:Gartner |
| gptkbp:usedFor | detecting advanced persistent threats, detecting compromised accounts, detecting insider threats |
| gptkbp:uses | gptkb:machine_learning, gptkb:statistical_analysis, big data analytics |
| gptkbp:bfsParent | gptkb:Azure_Sentinel |
| gptkbp:bfsLayer | 7 |
| https://www.w3.org/2000/01/rdf-schema#label | user and entity behavior analytics (UEBA) |