Actu
ManageEngine Introduces User and Entity Behavior Analytics in its SIEM Solution
March 2019 by Marc Jacob
ManageEngine announced that it has introduced user and entity behavior analytics (UEBA) into its SIEM solution, Log360. With score-based risk assessment, threat corroboration, anomaly detection powered by machine learning, and other new capabilities, the Log360 UEBA add-on helps security professionals identify, qualify, and investigate internal threats and anomalies by extracting more information from logs for better context.
According to Verizon’s 2018 Data Breach Investigations Report, over a quarter of the 53,308 cyberattacks in 2017 involved insiders. Insider threats can be particularly difficult to detect with conventional threat detection systems, as it’s hard to spot the signs of someone using their legitimate access to data for nefarious purposes, and both vulnerabilities and exploits are unknown. UEBA delivers more robust and accurate threat detection by using machine learning to set a baseline of a user’s normal activity, and then flag any deviations from that baseline.
Highlights of Log360 UEBA
Log360 UEBA monitors user activity captured in logs to identify behavioral changes. User activities that would otherwise go unnoticed are flagged, reducing the time it takes to detect and respond to threats. The highlights of Log360 UEBA include:
? Anomaly detection: Spots deviant user and entity behavior such as logons at unusual hours, excessive logon failures, and file deletions from a host that is not generally used by a particular user.
? Score-based risk assessment: Generates a risk score for each user and entity based on how dangerous their behavior is, helping security admins determine which threats merit investigation.
? Threat corroboration: Identifies indicators of compromise and indicators of attack, exposing major threats including insider threats, account compromise, and data exfiltration.
Pricing and Availability
The Log360 UEBA add-on is available immediately and is priced at $495.
