Skip to main content

Webinar

25 User Behavior Analytics that Indicate Malicious Insider or Compromised Account

Recorded
Air Date: September 20, 2016

SpeakerRandy Franklin SmithCTOLOGbinder

To catch malicious and compromised insiders, you can’t wait around for an unambiguous smoking gun to materialize in your SIEM. You must actively engage in threat hunting and leverage user and entity behavior analytics (UEBA) to identify anomalies in your data logs.

In this training, we will dive into UEBA and show you:

  • What 25 behaviors indicate compromise or malice
  • What you can do with most SIEMs and what requires a UEBA solution
  • How to enrich event data with identity information from AD and HR
2017