Skip to main content


UBA, UEBA, & SIEM: Security Management Terms Defined

This blog post seeks to define and explain some common acronyms involved in today’s security management landscape. What is UBA?   UBA stands for User Behavior Analytics and it’s an analytics led threat detection technology. UBA uses machine learning and data science to gain an understanding of how users (humans) within an environment typically behave, then to find risky, anomalous activity that deviates from their normal behavior and may be indicative of a threat. How[…]

Topics: SECURITY, Uncategorized

Ransomworm: Don’t Cry – Act.


In July last year, we released our research report on the Anatomy of a Ransomware attack in which we looked into both the financial model of ransomware and then detection as it unfolds. Due to the recent WannaCry ransomware craze, we think it’s time to revisit. When we addressed ransomware last year, we made a significant comment about the ever-evolving nature of malicious software. We predicted that in the near future (evidently now) ransomware will move[…]

Topics: data science, ransomware, SECURITY, SIEM, Uncategorized

Breaking Down Barriers To Effective Cyber Defense with UEBA

Recently, the CyberEdge Group released its 2017 Cyberthreat Defense Report, a survey of 1,100 IT security professionals on topics ranging from cyber-attack trends and security investment, to tool effectiveness and security best practices. Of course there were a lot of interesting findings in this year’s report, however the part that really caught my eye was the chart on “top barriers to establishing an effective cyber threat defense”. As part of the report, respondents were asked[…]

Topics: Uncategorized

Calculating Security ROI, or "Halloween’s Over, So Why is my Vendor Trying to Scare Me?"

Certain technology categories lend themselves well to ROI analysis. Want to replace your old storage array with a new flash array, or your old backup technology with something new? It’s probably not too difficult to work out the payback numbers. Security, on the other hand, has been more resistant to clear ROI analysis. Vendors either give out scary per-company breach averages from Ponemon, or build some other detection-based cost-benefit number. Over time, CISOs and their[…]


Exabeam Announces First Ever Scholarship Competition

Exabeam College Scholarship

As part of our commitment to the future fight against cyber-crime, we are excited to announce details related to our first ever college scholarship essay contest. The contest, which is now open to applicants, offers a top prize of $1,000 to legal U.S. residents who are currently enrolled as a full-time student at any accredited college or university in the United States. In addition, all applicants are required to carry a minimum cumulative GPA of[…]

Topics: Uncategorized

Finding a Security Unicorn

A recent post on is unlikely to surprise anyone who’s been paying attention to the cybersecurity job market. According to a new Cybersecurity Ventures report, the unemployment rate for cybersecurity jobs is currently zero. On average, there are two open jobs available for every candidate, with over 1 million open IT security positions. Companies are making it worse by trying to hire security unicorns: analysts with skillsets so broad that no person has them[…]

Topics: SECURITY, Uncategorized

Who do I belong to? Dynamic Peer Analysis for UEBA Explained

In user and entity behavior analytics (UEBA), a security alert is best viewed in context as discussed in my past webinar. A user’s peer groups provide useful context to identify and calibrate that user’s alerts. If a user does something unusual on the network, such as logging on to a server or accessing an application for the first time, we may reduce or amplify the risk score of this activity depending on whether the peers[…]

Topics: data science, SECURITY, Uncategorized

Exabeam User and Entity Behavior Analytics Solution Certified with HP ArcSight

Introduction: Today we are excited to add HP ArcSight Enterprise Security Management to our list of supported SIEM solutions. ArcSight customers can now use Exabeam user behavior analytics to rapidly detect attacks that have evaded traditional signature and rule-based security solutions and accelerate incident response. So what does this mean for ArcSight customers? This certification enables ArcSight customers to enhance their existing investment and infrastructure by leveraging machine learning and data analytics to find compromised[…]

Topics: Uncategorized

A Day in the Life of an Exabeamer

Life in any start-up is bound to be wildly different one day to the next. The things you thought were important in the morning are obsolete by lunch. You’ve gone from editing a data sheet to writing new parsers to designing a product feature in the space of four hours. At Exabeam, however, there are two constants from day to day – energy, and the ceaseless grinding of the espresso machine that is the soundtrack[…]

Topics: Uncategorized

Ted Plumis: Why I Joined Exabeam - a User Behavior Analytics Company

I’m excited to be writing my first blog to our partner community here at Exabeam. I am thrilled to be on board and the activities with our partners in my first few weeks have exceeded my expectations. As I meet with our business partners and resellers, I’m repeatedly asked one question at the beginning of every meeting, “Ted, what was it about Exabeam that made you want to work for the company?”     First and[…]

Topics: Uncategorized