Inside the Lab: User and Entity Behavior Analytics
Members of our team have been studying existing technologies being applied in our customer environments for what is known today as User and Entity Behavior Analytics (UEBA).
We have been engaged in examining the current sate of the market and studying the benefits and features claimed by new entrants into the market place. Legacy SEIM solutions are hanging out their UEBA shingles as the attention to tools that help detect insider threats, data ex-filtration, compromised user credentials and even hardware garner more and more attention.
Why all the fuss you ask? Well, for years now the cyber industry has been and still is one that looks at threats in part in a historical context to detect a malicious event that already occurred or could still be occurring. So now the buzz is all about algorithms and machine learning and how to apply them to detect a cyber threat in real time.
Our aim is to understand what our customers already have that can be leveraged and whether adding yet another tool to the mix is worth the investment. A number of our customers have the best software engineering talent and computing infrastructure in the world, so it is hard to impress them.
We love these types of projects as it allows us to help shape the discussion on future technologies and architectures that help our customers stay ahead of an ever changing threat landscape.