UEBA (User and Entity Behavior Analytics)

User and Entity Behavior Analytics (EUBA) is a comprehensive cybersecurity process that protects a company s IT infrastructure. It uses machine learning and advanced algorithms for tracking all users, entities, and events in the system to detect anomalies and suspicious activities that might compromise data security.

Hackers are everywhere, breaking into firewalls and accessing protected data. Not only do they send malware and virus-infected emails, but they also infiltrate a company s security system by conniving with, coercing, or bribing an employee. Globally, the annual cost of cybercrime, which involves hacking, data theft, sabotage, abuse, and security breach, is predicted to hit $6 trillion by 2021.

UEBA is an extension of an earlier User Behavior Analytics (UBA). This cybersecurity process employs statistical analytics powered by artificial intelligence and machine learning to monitor user activities and behavior and keep a record of reports and logs. It establishes a user s normal patterns, identifies deviations, and sends alerts when potential security threats are detected.

Benefits of UEBA

If hackers get into a company s IT infrastructure, UEBA provides the following advantages:

  • It detects insider threats, compromised accounts, brute-force attacks, changes in user permissions, creation of super users, unauthorized privilege escalation, and breach of protected data.
  • It signals an alarm as soon as anomalies are detected, which allows the company s IT department to minimize the damage.
  • It helps mitigate threats, prevent data theft, and reduce vulnerability to cyberattacks.
  • It complements the existing security tracking system and enhances a company s overall IT security posture.

How UEBA works

UEBA focuses on insider threats employees with access to the system compromised due to stolen usernames and passwords or those conspiring with outsiders to carry out data breaches. It uses risk-scoring techniques and deep learning to track user behavior and detect anomalies over time.

It analyzes all users, entities, and events to determine what can be considered normal behavior. Stealing security information from employees might be easier to do, but mimicking the person s behavior in the network is harder. A sudden increase in the file size of sensitive information downloaded daily, for example, triggers an alarm. UEBA quickly detects complex attacks and breaches across the system.

Webopedia Staff
Since 1995, more than 100 tech experts and researchers have kept Webopedia’s definitions, articles, and study guides up to date. For more information on current editorial staff, please visit our About page.

Top Articles

The Complete List of 1500+ Common Text Abbreviations & Acronyms

From A3 to ZZZ we list 1,559 SMS, online chat, and text abbreviations to help you translate and understand today's texting lingo. Includes Top...

Windows Operating System History & Versions

The Windows operating system (Windows OS) refers to a family of operating systems developed by Microsoft Corporation. We look at the history of Windows...

How to Create a Website Shortcut on Your Desktop

Website Shortcut on Your Desktop reviewed by Web Webster   This Webopedia guide will show you how to create a website shortcut on your desktop using...

Generations of Computers (1st to 5th)

Reviewed by Web Webster Learn about each of the 5 generations of computers and major technology developments that have led to the computing devices that...

Pardot

What is Pardot? Pardot is a B2B marketing automation (MA) solution by Salesforce that...

Veeam

Veeam Software is a global vendor...

Akamai

Akamai Technologies is a global web technology company specializing in content...