UEBA (User and Entity Behavior Analytics)

User and Entity Behavior Analytics (EUBA) is a comprehensive cybersecurity process that protects a company s IT infrastructure. It uses machine learning and advanced algorithms for tracking all users, entities, and events in the system to detect anomalies and suspicious activities that might compromise data security.

Hackers are everywhere, breaking into firewalls and accessing protected data. Not only do they send malware and virus-infected emails, but they also infiltrate a company s security system by conniving with, coercing, or bribing an employee. Globally, the annual cost of cybercrime, which involves hacking, data theft, sabotage, abuse, and security breach, is predicted to hit $6 trillion by 2021.

UEBA is an extension of an earlier User Behavior Analytics (UBA). This cybersecurity process employs statistical analytics powered by artificial intelligence and machine learning to monitor user activities and behavior and keep a record of reports and logs. It establishes a user s normal patterns, identifies deviations, and sends alerts when potential security threats are detected.

Benefits of UEBA

If hackers get into a company s IT infrastructure, UEBA provides the following advantages:

  • It detects insider threats, compromised accounts, brute-force attacks, changes in user permissions, creation of super users, unauthorized privilege escalation, and breach of protected data.
  • It signals an alarm as soon as anomalies are detected, which allows the company s IT department to minimize the damage.
  • It helps mitigate threats, prevent data theft, and reduce vulnerability to cyberattacks.
  • It complements the existing security tracking system and enhances a company s overall IT security posture.

How UEBA works

UEBA focuses on insider threats employees with access to the system compromised due to stolen usernames and passwords or those conspiring with outsiders to carry out data breaches. It uses risk-scoring techniques and deep learning to track user behavior and detect anomalies over time.

It analyzes all users, entities, and events to determine what can be considered normal behavior. Stealing security information from employees might be easier to do, but mimicking the person s behavior in the network is harder. A sudden increase in the file size of sensitive information downloaded daily, for example, triggers an alarm. UEBA quickly detects complex attacks and breaches across the system.

Webopedia Staff
Webopedia Staff
Since 1995, more than 100 tech experts and researchers have kept Webopedia’s definitions, articles, and study guides up to date. For more information on current editorial staff, please visit our About page.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.
Get the Free Newsletter
Subscribe to Daily Tech Insider for top news, trends & analysis
This email address is invalid.

Related Articles

Virtual Private Network (VPN)

A virtual private network (VPN) encrypts a device's Internet access through a secure server. It is most frequently used for remote employees accessing a...

Gantt Chart

A Gantt chart is a type of bar chart that illustrates a project schedule and shows the dependency between tasks and the current schedule...

Input Sanitization

Input sanitization is a cybersecurity measure of checking, cleaning, and filtering data inputs from users, APIs, and web services of any unwanted characters and...

IT Asset Management Software

IT asset management software (ITAM software) is an application for organizing, recording, and tracking all of an organization s hardware and software assets throughout...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...