UEBA - User and Entity Behavior Analytics
Hadoop
N/AN/AN/AN/AN/AN/AN/AN/AN/AN/AAvaliableAvaliableN/AN/AN/AN/AAvaliableAvaliable
Clouds
  • Yes
N/AN/AN/AN/A
  • Yes
N/A
  • Yes
N/AN/AN/AN/AN/AN/A
  • Yes
N/A
  • Yes
N/A
On-premises software
AvaliableAvaliableN/AN/AN/AAvaliableN/AAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliable
Advanced Analytics
AvaliableAvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableAvaliableN/AAvaliableN/AAvaliableN/A
Incident Response
AvaliableAvaliableAvaliableN/AAvaliableAvaliableN/AN/AN/AN/AN/AAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliable
Machine Learning
AvaliableAvaliableAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliable
Licensing model all based on identity
  • Yes
N/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/A
  • Only HP UEBA
N/AN/A
  • Yes
N/A
Deep Learning
N/AN/AN/AN/AN/AAvaliableN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/A
Visibility into users via reports and dashboards
AvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliable
Near real-time alerts
AvaliableAvaliableN/AAvaliableAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliableN/AAvaliableAvaliable
Forensic Tools
AvaliableAvaliableAvaliableAvaliableAvaliableAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliable
Customizable notification
N/AAvaliableAvaliableN/AAvaliableAvaliableN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AAvaliable
Role based reports
N/AN/AAvaliableN/AN/AAvaliableN/AN/AAvaliableN/AN/AN/AAvaliableN/AN/AN/AN/AN/A
Threat Intelligence reports
N/AN/AN/AAvaliableAvaliableAvaliableN/AN/AN/AAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliableN/AAvaliable
Technologies integration
  • SIEM
  • IAM
  • SIEM
  • IAM
  • DLP
  • SIEM
  • IAM
  • DLP
N/AN/A
  • SIEM
N/AN/A
  • IAM
  • DLP
  • SIEM
  • SIEM
  • DLP
  • SIEM
  • IAM
  • SIEM
  • SIEM
  • SIEM
  • IAM
  • DLP
N/A
  • SIEM
  • IAM
  • DLP
  • SIEM
Log collection from SaaS apps
N/AN/AN/AN/AN/AAvaliableN/AN/AN/AN/AAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliable
Logs and User context data from Active directory
AvaliableAvaliableAvaliableN/AN/AAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliable
Logs from endpoint security solutions
AvaliableAvaliableAvaliableAvaliableN/AAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliable
Network flow/Packet data
AvaliableAvaliableAvaliableN/AAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliable
Unstructured contextual data
N/AN/AN/AN/AN/AAvaliableN/AN/AN/AN/AN/AN/AN/AN/AN/AN/AAvaliableAvaliable
Log collection from OS, apps, services
AvaliableAvaliableAvaliableN/AN/AAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AN/AAvaliableAvaliableAvaliableAvaliable
Meta data from electronic communications
N/AN/AN/AN/AN/AAvaliableN/AN/AN/AAvaliableAvaliableN/AN/AN/AAvaliableN/AAvaliableAvaliable
Statistical models
AvaliableN/AN/AN/AAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliableN/AN/AAvaliableN/AAvaliableAvaliable
Modelling based rules and signatures
AvaliableN/AN/AAvaliableN/AAvaliableN/AN/AAvaliableN/AN/AAvaliableAvaliableN/AN/AN/AAvaliableN/A
Catching users with anomaly behavior on start by baselining model
N/AN/AN/AN/AAvaliableAvaliableAvaliableN/AN/AN/AN/AN/AAvaliableAvaliableN/AN/AAvaliableN/A
System adaptation to user's dynamic role changes
N/AAvaliableAvaliableN/AAvaliableAvaliableAvaliableN/AAvaliableAvaliableAvaliableAvaliableAvaliableAvaliableN/AN/AAvaliableAvaliable
UEBA - User and Entity Behavior Analytics
Hadoop
Clouds
On-premises software
Advanced Analytics
Incident Response
Machine Learning
Licensing model all based on identity
Deep Learning
Visibility into users via reports and dashboards
Near real-time alerts
Forensic Tools
Customizable notification
Role based reports
Threat Intelligence reports
Technologies integration
Log collection from SaaS apps
Logs and User context data from Active directory
Logs from endpoint security solutions
Network flow/Packet data
Unstructured contextual data
Log collection from OS, apps, services
Meta data from electronic communications
Statistical models
Modelling based rules and signatures
Catching users with anomaly behavior on start by baselining model
System adaptation to user's dynamic role changes