UEBA - User and Entity Behavior Analytics
Hadoop
N/AN/AN/AN/AN/AN/AN/AN/AN/AAvaliableAvaliableN/AN/AN/AN/AN/AN/AN/AAvaliableAvaliable
Clouds
N/AN/AN/AN/A
  • Yes
N/A
  • Yes
N/AN/AN/AN/AN/AN/AN/A
  • Yes
  • Yes
N/A
  • Yes
  • Yes
N/A
On-premises software
AvaliableN/AN/AN/AAvaliableN/AAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableN/AN/AAvaliableAvaliable
Advanced Analytics
AvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableAvaliableN/AN/AAvaliableAvaliableN/AAvaliableAvaliableN/A
Incident Response
AvaliableAvaliableN/AAvaliableAvaliableN/AN/AN/AN/AN/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliable
Machine Learning
AvaliableAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliable
Licensing model all based on identity
N/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/A
  • Only HP UEBA
  • Yes
N/AN/AN/A
  • Yes
N/A
Deep Learning
N/AN/AN/AN/AAvaliableN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/A
Visibility into users via reports and dashboards
AvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliable
Near real-time alerts
AvaliableN/AAvaliableAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliable
Forensic Tools
AvaliableAvaliableAvaliableAvaliableAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliable
Customizable notification
AvaliableAvaliableN/AAvaliableAvaliableN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AAvaliable
Role based reports
N/AAvaliableN/AN/AAvaliableN/AN/AAvaliableN/AN/AN/AAvaliableN/AN/AN/AN/AN/AN/AN/A
Threat Intelligence reports
N/AN/AAvaliableAvaliableAvaliableN/AN/AN/AAvaliableN/AN/AAvaliableAvaliableN/AAvaliableAvaliableN/AN/AAvaliable
Technologies integration
  • SIEM
  • IAM
  • DLP
  • SIEM
  • IAM
  • DLP
N/AN/A
  • SIEM
N/AN/A
  • IAM
  • DLP
  • SIEM
  • SIEM
  • DLP
  • SIEM
  • IAM
  • SIEM
    • SIEM
    • SIEM
    • IAM
    • SIEM
    • IAM
    • DLP
    N/A
    • SIEM
    • IAM
    • DLP
    • SIEM
    • IAM
    • DLP
    • SIEM
    Log collection from SaaS apps
    N/AN/AN/AN/AAvaliableN/AN/AN/AN/AAvaliableAvaliableN/AN/AN/AAvaliableN/AAvaliableAvaliableAvaliable
    Logs and User context data from Active directory
    AvaliableAvaliableN/AN/AAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliable
    Logs from endpoint security solutions
    AvaliableAvaliableAvaliableN/AAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AN/AAvaliableAvaliableN/AAvaliableAvaliableAvaliable
    Network flow/Packet data
    AvaliableAvaliableN/AAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AN/AAvaliableAvaliableN/AAvaliableAvaliableAvaliable
    Unstructured contextual data
    N/AN/AN/AN/AAvaliableN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AAvaliableAvaliable
    Log collection from OS, apps, services
    AvaliableAvaliableN/AN/AAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliable
    Meta data from electronic communications
    N/AN/AN/AN/AAvaliableN/AN/AN/AAvaliableAvaliableN/AN/AN/AN/AAvaliableN/AN/AAvaliableAvaliable
    Statistical models
    N/AN/AN/AAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AN/AAvaliableAvaliableN/AN/AAvaliableAvaliable
    Modelling based rules and signatures
    N/AN/AAvaliableN/AAvaliableN/AN/AAvaliableN/AN/AAvaliableAvaliableN/AAvaliableN/AN/AAvaliableAvaliableN/A
    Catching users with anomaly behavior on start by baselining model на старте
    N/AN/AN/AAvaliableAvaliableAvaliableN/AN/AN/AN/AN/AAvaliableAvaliableN/AN/AN/AN/AAvaliableN/A
    System adaptation to user's dynamic role changes
    AvaliableAvaliableN/AAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableN/AN/AN/AN/AAvaliableAvaliable
    UEBA - User and Entity Behavior Analytics
    Hadoop
    Clouds
    On-premises software
    Advanced Analytics
    Incident Response
    Machine Learning
    Licensing model all based on identity
    Deep Learning
    Visibility into users via reports and dashboards
    Near real-time alerts
    Forensic Tools
    Customizable notification
    Role based reports
    Threat Intelligence reports
    Technologies integration
    Log collection from SaaS apps
    Logs and User context data from Active directory
    Logs from endpoint security solutions
    Network flow/Packet data
    Unstructured contextual data
    Log collection from OS, apps, services
    Meta data from electronic communications
    Statistical models
    Modelling based rules and signatures
    Catching users with anomaly behavior on start by baselining model на старте
    System adaptation to user's dynamic role changes