What is UEBA?

A user entity and behavior analytics (UEBA) solution uses algorithms and machine learning to detect anomalies in the behavior of corporate users as well as the network routers, servers, and endpoints. UEBA incorporates insider risk, privileged account monitoring, and monitoring for compromised accounts. When applied correctly, it finds deviations from normal user and entity behavior that could indicate intentional or unintentional misuse of data.

For example, a user suddenly logs into a payment system he’s never used before and sets up a new payment account in a country the company doesn’t do business with. Next, large sums of money start transferring into that account. Together, those behaviors indicate a potential issue that will require further investigation.

In Netenrich

Today, traditional implementations of UEBA track behavior on an attribute — but only if the attribute is associated with an entity or user, for example, an IP address/machine or a user/account. By contrast, the Resolution Intelligence Cloud™ platform offers a new and innovative approach to behavioral analytics — think UEBA + a whole lot more.

The platform can track behavior for an attribute at any level — environment, user, IP, machine, account, etc. — to provide a comprehensive view of the security landscape. This holistic approach helps ensure that no suspicious activity goes unnoticed, providing organizations with the visibility and insights needed to effectively protect their digital assets. Moreover, Netenrich’s innovation development approach toward more proactive defense is one of the four main elements of an automated moving target defense (AMTD) model, which ultimately, is designed to make a threat actor’s job more difficult and more costly.