UEBA

Home / UEBA

What is UEBA?

UEBA is the process of profiling/baselining user-related host/network/application activities for detecting suspicious/malicious behavior and intrusions by identifying meaningful anomalies or deviations from “normal” patterns of behavior.

This feature is state of the art, and constitutes the gold-standard contemporary approach to unearthing elusive and potentially catastrophic insider threats that go unnoticed by traditional SIEM solutions.

A must-have tool! Why you need UEBA:

The cyber-threat landscape is evolving. The volume, velocity, complexity and sophistication of attacks are consistently becoming more advanced, and they very often bypass conventional/traditional security defenses.

UEBA focuses on detecting insider threats, such as compromised employees, or employees who may attempt to steal sensitive data, perform fraudulent attempts and carry out targeted attacks.

In an era when insider threats pose tremendous risk to organizations, User & Entity Behavior Analysis (UEBA) is, now more than ever, a must-have tool that helps organizations to timely detect and respond to intrusions before it is too late.

UEBA helps you save the day!

The ClearSkies™ SaaS NG SIEM capitalizes on the User & Entity Behavior Analysis (UEBA) behavioral and predictive analytic capabilities, which are integrally complemented by ClearSkies™ NG Endpoint Detection & Response (EDR).

The SIEM utilizes supervised and unsupervised Machine Learning (ML) and Artificial Intelligence (AI) modeling for continuous re-baselining of users’ and entities’ relationship behavior towards the effective detection of abnormal behavior.

Deviations from any user’s normal behavior are analyzed to identify what caused this behavioral change, triggering an alert for further investigation before it is too late.

Behavioral Analysis Moods

Behavioral Analysis Moods indicate how the Agent categorizes activities into suspicious and/or malicious, and what “Actions” will be triggered for each. They are assigned to each user based on strategic organizational security objectives and risk appetite. The Behavioral Analysis are described below:

Relaxed

Overview:

This “Mood” adopts a lenient approach to the behavioral analysis for log and event data collected, where the “Actions” applied are for informative purposes only.

Response actions:

“Monitor and Alert” activities categorized as suspicious and/or malicious.

Neutral

Overview:

This “Mood” adopts a moderate approach to the behavioral analysis of the Agent for the log and event data collected, where the “Actions” applied are less restrictive.

Response actions:

“Monitor and Alert” activities categorized as suspicious, and “Alert, Block and/or Quarantine” activities categorized as malicious.

Aggressive

Overview:

This “Mood” adopts a strict approach to the behavioral analysis of the Agent for the log and event data collected, where the “Actions” applied are restrictive.

Response actions:

“Alert and Block” activities categorized as suspicious, and “Alert, Block and/or Quarantine” activities categorized as malicious.

UEBA helps you save the day towards the detection of suspicious and/or malicious activity, which would otherwise go unnoticed by traditional security defenses.

Want to try out ClearSkies™ SaaS NG SIEM?

This is how you proceed:

1. Talk to one of our specialists now

2. Get up and running in no time, hassle-free

3. Strengthen your organization’s security posture

Talk to an Expert Now!

What's new

31 Jul14:49pm

ClearSkies™ NG Endpoint Detection & Response (EDR) Agent Version 6.3

29 Apr11:10am

ClearSkies™ SaaS NG SIEM now available on Microsoft Azure Marketplace

Go to News

Privacy Overview

This website uses cookies to improve your experience while you navigate through the website. Out of these cookies, the cookies that are categorized as necessary are stored on your browser as they are essential for the working of basic functionalities of the website. We also use third-party cookies that help us analyze and understand how you use this website. These cookies will be stored in your browser only with your consent.

You will also have the option to opt-out of these cookies should you want to. But opting out of some of these cookies may have an effect on your browsing experience as per the descriptions elucidated against the respective categories below.

Privacy Overview

Necessary

Always Enabled

Necessary cookies are absolutely essential for the website to function properly. This category only includes cookies that ensures basic functionalities and security features of the website. These cookies do not store any personal information.

Cookie	Description
viewed_cookie_policy	The cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.

Analytics

Analytics cookies help us understand how our visitors interact with the website. It helps us understand the number of visitors, where the visitors are coming from, and the pages they navigate. The cookies collect this data and are reported anonymously.

Cookie	Description
_dc_gtm_UA-110097014-1
_ga	This cookie is installed by Google Analytics. The cookie is used to calculate visitor, session, camapign data and keep track of site usage for the site's analytics report. The cookies store information anonymously and assigns a randoly generated number to identify unique visitors.
_gcl_au	Used by Google AdSense for experimenting with advertisement efficiency across websites using their services.
_gid	This cookie is installed by Google Analytics. The cookie is used to store information of how visitors use a website and helps in creating an analytics report of how the wbsite is doing. The data collected including the number visitors, the source where they have come from, and the pages viisted in an anonymous form.
GPS	This cookie is set by Youtube and registers a unique ID for tracking users based on their geographical location

Advertisement cookies help us provide our visitors with relevant ads and marketing campaigns.

Cookie	Description
_fbp	This cookie is set by Facebook to deliver advertisement when they are on Facebook or a digital platform powered by Facebook advertising after visiting this website.
fr	The cookie is set by Facebook to show relevant advertisments to the users and measure and improve the advertisements. The cookie also tracks the behavior of the user across the web on sites that have Facebook pixel or Facebook social plugin.
IDE	Used by Google DoubleClick and stores information about how the user uses the website and any other advertisement before visiting the website. This is used to present users with ads that are relevant to them according to the user profile.
test_cookie	This cookie is set by doubleclick.net. The purpose of the cookie is to determine if the users' browser supports cookies.
VISITOR_INFO1_LIVE	This cookie is set by Youtube. Used to track the information of the embedded YouTube videos on a website.
YSC	This cookies is set by Youtube and is used to track the views of embedded videos.

Save & Accept