UEBA - User and Entity Behavior Analytics
Hadoop
N/AN/AN/AN/AN/AN/AN/AN/AN/AN/AAvaliableAvaliableN/AN/AN/AN/AAvaliableAvaliable
Clouds
N/AN/AN/AN/AN/A
  • Yes
N/A
  • Yes
N/AN/AN/AN/AN/A
  • Yes
  • Yes
N/A
  • Yes
N/A
On-premises software
AvaliableAvaliableN/AN/AN/AAvaliableN/AAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliable
Advanced Analytics
AvaliableAvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableN/A
Incident Response
AvaliableAvaliableAvaliableN/AAvaliableAvaliableN/AN/AN/AN/AN/AAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliable
Machine Learning
AvaliableAvaliableAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliable
Licensing model all based on identity
N/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/A
  • Only HP UEBA
  • Yes
N/AN/A
  • Yes
N/A
Deep Learning
N/AN/AN/AN/AN/AAvaliableN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/A
Visibility into users via reports and dashboards
N/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliable
Near real-time alerts
N/AAvaliableN/AAvaliableAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliable
Forensic Tools
N/AAvaliableAvaliableAvaliableAvaliableAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliable
Customizable notification
N/AAvaliableAvaliableN/AAvaliableAvaliableN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AAvaliable
Role based reports
AvaliableN/AAvaliableN/AN/AAvaliableN/AN/AAvaliableN/AN/AN/AN/AN/AN/AN/AN/AN/A
Threat Intelligence reports
AvaliableN/AN/AAvaliableAvaliableAvaliableN/AN/AN/AAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AAvaliable
Technologies integration
  • SIEM
  • SIEM
  • IAM
  • DLP
  • SIEM
  • IAM
  • DLP
N/AN/A
  • SIEM
N/AN/A
  • IAM
  • DLP
  • SIEM
  • SIEM
  • DLP
  • SIEM
  • IAM
  • SIEM
  • SIEM
  • IAM
  • SIEM
  • IAM
  • DLP
N/A
  • SIEM
  • IAM
  • DLP
  • SIEM
Log collection from SaaS apps
N/AN/AN/AN/AN/AAvaliableN/AN/AN/AN/AAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliable
Logs and User context data from Active directory
AvaliableAvaliableAvaliableN/AN/AAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliable
Logs from endpoint security solutions
N/AAvaliableAvaliableAvaliableN/AAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliable
Network flow/Packet data
N/AAvaliableAvaliableN/AAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliable
Unstructured contextual data
N/AN/AN/AN/AN/AAvaliableN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AAvaliableAvaliable
Log collection from OS, apps, services
N/AAvaliableAvaliableN/AN/AAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliable
Meta data from electronic communications
N/AN/AN/AN/AN/AAvaliableN/AN/AN/AAvaliableAvaliableN/AN/AN/AAvaliableN/AAvaliableAvaliable
Statistical models
N/AN/AN/AN/AAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliable
Modelling based rules and signatures
AvaliableN/AN/AAvaliableN/AAvaliableN/AN/AAvaliableN/AN/AAvaliableN/AAvaliableN/AN/AAvaliableN/A
Catching users with anomaly behavior on start by baselining model
AvaliableN/AN/AN/AAvaliableAvaliableAvaliableN/AN/AN/AN/AN/AAvaliableN/AN/AN/AAvaliableN/A
System adaptation to user's dynamic role changes
AvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliableN/AN/AN/AAvaliableAvaliable
UEBA - User and Entity Behavior Analytics
Hadoop
Clouds
On-premises software
Advanced Analytics
Incident Response
Machine Learning
Licensing model all based on identity
Deep Learning
Visibility into users via reports and dashboards
Near real-time alerts
Forensic Tools
Customizable notification
Role based reports
Threat Intelligence reports
Technologies integration
Log collection from SaaS apps
Logs and User context data from Active directory
Logs from endpoint security solutions
Network flow/Packet data
Unstructured contextual data
Log collection from OS, apps, services
Meta data from electronic communications
Statistical models
Modelling based rules and signatures
Catching users with anomaly behavior on start by baselining model
System adaptation to user's dynamic role changes