UEBA (User and Entity Behavior Analytics)

User and Entity Behavior Analytics (EUBA) is a comprehensive cybersecurity process that protects a company s IT infrastructure. It uses machine learning and advanced algorithms for tracking all users, entities, and events in the system to detect anomalies and suspicious activities that might compromise data security.

Hackers are everywhere, breaking into firewalls and accessing protected data. Not only do they send malware and virus-infected emails, but they also infiltrate a company s security system by conniving with, coercing, or bribing an employee. Globally, the annual cost of cybercrime, which involves hacking, data theft, sabotage, abuse, and security breach, is predicted to hit $6 trillion by 2021.

UEBA is an extension of an earlier User Behavior Analytics (UBA). This cybersecurity process employs statistical analytics powered by artificial intelligence and machine learning to monitor user activities and behavior and keep a record of reports and logs. It establishes a user s normal patterns, identifies deviations, and sends alerts when potential security threats are detected.

Benefits of UEBA

If hackers get into a company s IT infrastructure, UEBA provides the following advantages:

  • It detects insider threats, compromised accounts, brute-force attacks, changes in user permissions, creation of super users, unauthorized privilege escalation, and breach of protected data.
  • It signals an alarm as soon as anomalies are detected, which allows the company s IT department to minimize the damage.
  • It helps mitigate threats, prevent data theft, and reduce vulnerability to cyberattacks.
  • It complements the existing security tracking system and enhances a company s overall IT security posture.

How UEBA works

UEBA focuses on insider threats employees with access to the system compromised due to stolen usernames and passwords or those conspiring with outsiders to carry out data breaches. It uses risk-scoring techniques and deep learning to track user behavior and detect anomalies over time.

It analyzes all users, entities, and events to determine what can be considered normal behavior. Stealing security information from employees might be easier to do, but mimicking the person s behavior in the network is harder. A sudden increase in the file size of sensitive information downloaded daily, for example, triggers an alarm. UEBA quickly detects complex attacks and breaches across the system.

Webopedia Staff
Webopedia Staff
Since 1995, more than 100 tech experts and researchers have kept Webopedia’s definitions, articles, and study guides up to date. For more information on current editorial staff, please visit our About page.

Related Articles

Photo Editing Software

Photo editing software is used to manipulate or enhance digital images. This category of software ranges from basic apps, which are able to apply...

SOHO Business Solutions: Free Email Marketing Services

Just like big businesses, SOHO (small office/home office) owners can leverage email marketing systems to communicate with customers, partners and employees. Just like big businesses,...

Fintech

Fintech, also known as "financial technology," is a term used to describe companies that use innovative technology to create more efficient, transparent, and cost-effective...

Cyber Security

Cyber security is the practice of protecting computer systems, networks, and data by using a variety of different strategies and tools. Many large companies...

ScalaHosting

ScalaHosting is a leading managed hosting provider that offers secure, scalable, and affordable...

HRIS

Human resources information system (HRIS) solutions help businesses manage multiple facets of their...

Best Managed Service Providers...

In today's business world, managed services are more critical than ever. They can...