UEBA - User and Entity Behavior Analytics
Hadoop
N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | Available | Available | N/A | N/A | N/A | N/A | N/A | Available | Available
Clouds
N/A | N/A | N/A | N/A | Yes | N/A | Yes | N/A | N/A | N/A | N/A | N/A | N/A | Yes | Yes | N/A | Yes | N/A
On-premises software
Available | N/A | N/A | N/A | Available | N/A | Available | Available | Available | N/A | Available | Available | Available | Available | Available | N/A | Available | Available
Advanced Analytics
Available | Available | N/A | Available | Available | N/A | Available | Available | N/A | Available | Available | Available | N/A | Available | Available | N/A | Available | N/A
Incident Response
Available | Available | N/A | Available | Available | N/A | N/A | N/A | N/A | N/A | Available | Available | Available | Available | Available | N/A | Available | Available
Machine Learning
Available | Available | Available | Available | Available | N/A | Available | Available | Available | Available | Available | Available | N/A | Available | Available | Available | Available | Available
Licensing model based entirely on identity
N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | Only HP UEBA | Yes | N/A | N/A | Yes | N/A
Deep Learning
N/A | N/A | N/A | N/A | Available | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A
Visibility into users via reports and dashboards
Available | Available | Available | Available | Available | Available | Available | Available | Available | Available | Available | N/A | Available | Available | Available | Available | Available | Available
Near real-time alerts
Available | N/A | Available | Available | Available | N/A | N/A | Available | N/A | Available | Available | N/A | Available | Available | Available | N/A | Available | Available
Forensic Tools
Available | Available | Available | Available | Available | N/A | N/A | Available | Available | Available | Available | N/A | N/A | Available | Available | Available | Available | Available
Customizable notification
Available | Available | N/A | Available | Available | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | Available
Role-based reports
N/A | Available | N/A | N/A | Available | N/A | N/A | Available | N/A | N/A | N/A | Available | N/A | N/A | N/A | N/A | N/A | N/A
Threat Intelligence reports
N/A | N/A | Available | Available | Available | N/A | N/A | N/A | Available | N/A | N/A | Available | Available | N/A | Available | Available | N/A | Available
Technologies integration
SIEM, IAM, DLP | SIEM, IAM, DLP | N/A | N/A | SIEM | N/A | N/A | IAM, DLP | SIEM | SIEM, DLP | SIEM, IAM | SIEM | SIEM | SIEM, IAM | SIEM, IAM, DLP | N/A | SIEM, IAM, DLP | SIEM
Log collection from SaaS apps
N/A | N/A | N/A | N/A | Available | N/A | N/A | N/A | N/A | Available | Available | N/A | N/A | N/A | Available | N/A | Available | Available
Logs and user context data from Active Directory
Available | Available | N/A | N/A | Available | N/A | N/A | Available | Available | Available | Available | Available | N/A | Available | Available | Available | Available | Available
Logs from endpoint security solutions
Available | Available | Available | N/A | Available | N/A | N/A | Available | N/A | Available | Available | N/A | N/A | Available | Available | N/A | Available | Available
Network flow/Packet data
Available | Available | N/A | Available | Available | N/A | N/A | Available | N/A | Available | Available | N/A | N/A | Available | Available | N/A | Available | Available
Unstructured contextual data
N/A | N/A | N/A | N/A | Available | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | N/A | Available | Available
Log collection from OS, apps, services
Available | Available | N/A | N/A | Available | N/A | N/A | Available | N/A | Available | Available | N/A | N/A | Available | Available | Available | Available | Available
Metadata from electronic communications
N/A | N/A | N/A | N/A | Available | N/A | N/A | N/A | Available | Available | N/A | N/A | N/A | N/A | Available | N/A | Available | Available
Statistical models
N/A | N/A | N/A | Available | Available | N/A | N/A | Available | N/A | Available | Available | N/A | N/A | Available | Available | N/A | Available | Available
Modelling based on rules and signatures
N/A | N/A | Available | N/A | Available | N/A | N/A | Available | N/A | N/A | Available | Available | N/A | Available | N/A | N/A | Available | N/A
Catching users with anomalous behavior from the start via a baselining model
N/A | N/A | N/A | Available | Available | Available | N/A | N/A | N/A | N/A | N/A | Available | Available | N/A | N/A | N/A | Available | N/A
System adaptation to user's dynamic role changes
Available | Available | N/A | Available | Available | Available | N/A | Available | Available | Available | Available | Available | Available | N/A | N/A | N/A | Available | Available