UEBA: When "E" Doesn't Stand for "Easy" - Exabeam

Published
September 28, 2016

Author
admin

Three-letter acronyms are easy to remember and pronounce – adding more letters usually just adds friction. When Gartner renamed the User Behavior Analytics market from UBA to UEBA (i.e. User and Entity BA), it made the term clunkier but even more relevant. Most organizations understand the threat posed by user insiders, whether malicious or compromised. However, many don’t yet see the risks from “insider” machines, or as Gartner calls them, entities.

While we are years away from a server deciding to go rogue and steal data on its own, machine takeover by hackers is already well underway. At a recent customer site, our research team applied our analytics platform to network traffic and found a variety of ugly attacks in progress, including DNS tunneling and rogue authentication requests to directory servers. The interesting thing is that this customer had a sophisticated security team and already had leading network security products in place. However, none of these products caught the attacks; only Exabeam detected them. That’s tough news for CISOs who’ve spent millions to deploy sandboxing and next-gen security systems. However, the reality is that the “E” part of UEBA requires attention.

We recently announced Exabeam 3.0, which includes a new elastic (i.e. multi-node scalable) architecture and features designed for new analytics on network traffic. Essentially, it’s the next generation of UEBA architecture, designed to support 10x more data. Exabeam 3.0 is especially well suited for cloud deployments, where you might spin up or spin down nodes as needed, without bothering with hardware appliances. Drop us a line at info@exabeam.com if you’d like to learn more – there’s a reason why Exabeam is the #1 most deployed UEBA product in the world.
