user and entity behavior analytics (UEBA)
GPTKB entity
Statements (49)
Predicate | Object |
---|---|
gptkbp:instanceOf | cybersecurity technology |
gptkbp:abbreviation | UEBA |
gptkbp:analyzes | user behavior; entity behavior |
gptkbp:category | threat detection; security monitoring |
gptkbp:component | gptkb:security_information_and_event_management_(SIEM) |
gptkbp:contrastsWith | user behavior analytics (UBA) |
gptkbp:detects | security threats; policy violations; anomalous behavior |
gptkbp:firstAppearance | 2015s |
gptkbp:focusesOn | risk scoring; deviations from baseline; patterns of behavior |
gptkbp:goal | improve threat detection; reduce false positives; identify risky behavior |
https://www.w3.org/2000/01/rdf-schema#label | user and entity behavior analytics (UEBA) |
gptkbp:includes | entity analytics |
gptkbp:marketedAs | gptkb:IBM; gptkb:Microsoft; gptkb:Splunk; gptkb:Exabeam; gptkb:LogRhythm; gptkb:Securonix |
gptkbp:monitors | users; applications; devices; network traffic |
gptkbp:output | alerts; incident reports; risk scores |
gptkbp:relatedTo | gptkb:SOAR; security analytics; threat intelligence; SIEM |
gptkbp:requires | data collection; data integration; data normalization |
gptkbp:standardizedBy | gptkb:Gartner |
gptkbp:usedFor | detecting advanced persistent threats; detecting compromised accounts; detecting insider threats |
gptkbp:uses | gptkb:machine_learning; statistical analysis; big data analytics |
gptkbp:bfsParent | gptkb:Azure_Sentinel |
gptkbp:bfsLayer | 6 |