Free Trial
Price Quote

Secure InfoSolutions - Info Security Blog

Market Guide for User and Entity Behavior Analytics

Market Guide for User and Entity Behavior Analytics

UEBA successfully detects malicious and abusive activity that otherwise goes unnoticed, and effectively consolidates and prioritizes security alerts sent from other systems.

Key Findings

  • The user and entity behavior analytics (UEBA) market grew substantially in 2015; UEBA vendors grew their customer base, market consolidation began, and Gartner client interest in UEBA and security analytics increased.
  • Enterprises successfully use UEBA to detect malicious and abusive behavior that otherwise went unnoticed by existing security monitoring systems, such as SIEM and DLP.


Chief information officers, chief information security officers and security managers should:

  • Use UEBA to detect insider threats and external hackers, and choose vendors with solutions that align with your use cases, for example, security monitoring or data exfiltration.
  • Integrate UEBA with existing security applications by feeding UEBA systems with logs and data the existing security applications already collect. Incorporate network and endpoint data for visibility into activity not available in logs.
  • Do not discount the need to investigate individuals who have low risk scores in UEBA systems.
  • Operationalize UEBA by sending alerts to security orchestration, ticketing and workflow systems.
  • Favor UEBA vendors who profile multiple entities including users and their peer groups, and devices, and who use machine learning to detect anomalies. These features enable more accurate detection of malicious or abusive users.

View the full article at


to receive updates on products and security industry news.

[dc_social_feed id="657" style="dark"]

© 2016 Secure InfoSolutions, LLC. All rights reserved.
Terms of Service
Privacy Policy