Products found: 14
Amazon Pinpoint
Elastic Stack
- detecting advanced security threat activities and anomalies in log data,
- discovering hidden fraud patterns in highly sensitive data,
- identifying anomalous systems or metrics and their root causes across IT systems,
- linking together complex series of events in data to expose early warning signals,
- automatically pinpointing where and why critical system outages are occurring,
- detecting unexpected drops in transactional activity, and much more.
Exabeam Advanced Analytics
Forcepoint SureView Analytics
Forcepoint User and Entity Behavior Analytics (UEBA)
Advanced Compromised Account Detection. By understanding attributes like typical access patterns, prevent bad actors from accessing your critical assets and systems with User and Entity Behavior Analytics (UEBA).
Be a Partner to Human Resources. Analyze communications-based data sources to identify potential code-of-conduct infractions.
Get More Out of Your SIEM Investment. UEBA adds context and analytics to SIEM data and provides risk scoring to incidents organized by entity, allowing analysts to prioritize the highest risks.
Perform Context & Content-Rich Incident Response. Enable transparent comprehensive investigation with advanced analytics like machine learning and artificial intelligence that are tuned toward specific behavior risk.
Solve Challenges in Data Security and Regulatory Compliance. Analyze and detect patterns of human behavior in big data, delivering insights into enterprise risk where threats have surpassed the perimeter.
Automate DLP Policy Enforcement. Combine UEBA with Forcepoint DLP to utilize analytic risk scores to dynamically change DLP policies.
Transparency. Understandable analytics with simple explanation and context to make informed decisions about possible insider threats.
Configurability. There is no one-size-fits-all UEBA solution. Forcepoint allows customers to build their own use cases and develop their own analytics without the need of a data scientist.
Entity Timeline. View all historical activity during forensics stage with dynamic visualization.
Detect Seemingly Unrelated Threats. Single alerts lack context to data. UEBA uses natural language processing and sentiment analysis for a holistic view of the user.
Varied Dataset Calculations. Data models informed by both structured data, such as SIEM logs, and unstructured data, such as email and chat, from your disparate security tools and third-party applications.
Gurucul Identity Analytics
Gurucul Identity Analytics (IdA) comprehensively manages and monitors identity-based risks and threats across an organization’s siloed environments. Using big data, Gurucul provides a holistic 360-degree view of identity, access, privileged access, and usage in the cloud, on mobile and on-premises. IdA reduces the access plane by detecting and removing access risks, access outliers, and orphan or dormant accounts. This improves an organization’s security posture by significantly decreasing the number of accounts that can be compromised or abused.
Identity Analytics delivers the data science that improves IAM and PAM, enriching existing identity management investments and accelerating deployments. IdA surpasses human capabilities by leveraging machine learning models to define, review and confirm accounts and entitlements for access. It uses dynamic risk scores and advanced analytics data as key indicators for provisioning, de-provisioning, authentication and privileged access management.
The impact of machine learning with Identity Analytics can radically reduce accounts and entitlements. Machine learning models provide 360-degree visibility for an identity, accounts and access, with the ability to compare to peer groups using baselines to determine normal and anomalous access. The objective is to clean up the access plane to enable access only where it should be provided.
Gurucul User and Entity Behavior Analytics (UEBA)
IBM QRADAR UBA
IBM QRadar UBA
IBM Security QRadar SIEM
- Provides real-time visibility to the entire IT infrastructure for threat detection and prioritization.
- Reduces and prioritizes alerts to focus security analyst investigations on an actionable list of suspected, high probability incidents.
- Enables more effective threat management while producing detailed data access and user activity reports.
- Operates across on-premises and cloud environments.
- Produces detailed data access and user activity reports to help manage compliance.
- Offers multi-tenancy and a master console to help managed service providers provide security intelligence solutions in a cost-effective manner.
- Senses and detects inappropriate use of applications, insider fraud, and advanced low and slow threats that can be lost among millions of daily events.
- Collects logs and events from several sources including network assets, security devices, operating systems, applications, databases, and identity and access management products.
- Collects network flow data, including Layer 7 (application-layer) data, from switches and routers.
- Obtains information from identity and access management products and infrastructure services such as Dynamic Host Configuration Protocol (DHCP); and receives vulnerability information from network and application vulnerability scanners.
- Performs immediate event normalization and correlation for threat detection and compliance reporting.
- Reduces billions of events and flows into a handful of actionable offenses and prioritizes them according to business impact.
- Performs activity baselining and anomaly detection to identify changes in behavior associated with applications, hosts, users and areas of the network.
- Uses IBM X-Force Threat Intelligence optionally to identify activity associated with suspicious IP addresses, such as those suspected of hosting malware.
- Senses and tracks significant incidents and threats, providing links to all supporting data and context for easier investigation.
- Performs event and flow data searches either in real-time streaming mode or on a historical basis to enhance investigations.
- Enables the addition of IBM QRadar QFlow and IBM QRadar VFlow Collector appliances for deep insight and visibility into applications (such as enterprise resource management), databases, collaboration products and social media through deep packet inspection of Layer 7 network traffic.
- Detects off-hours or unusual use of an application or cloud-based service, or network activity patterns that are inconsistent with historical usage patterns.
- Performs federated searches throughout large, geographically distributed environments.
- Provides SoftLayer cloud installation capability.
- Collects events and flows from applications running both in the cloud and on-premises.
- Tracks all access to customer data by username and IP address to ensure enforcement of data-privacy policies.
- Includes an intuitive reporting engine that does not require advanced database and report-writing skills.
- Provides the transparency, accountability and measurability to meet regulatory mandates and compliance reporting.
- Allows managed service providers to cost-effectively deliver security intelligence using a single console to support multiple customers.
- Leverages either on-premises or cloud-based deployments.
Micro Focus Security ArcSight User Behavior Analytics (UBA)
- Lowering the risk and impact of cyber attacks
- Detect unusual behavior by correlating user identity management with the rest of the IT logs from apps and network
- Achieve faster event resolution to identified threats through deeper integration with SIEM
- Quick forensics investigation
UBA analyzes user-related data looking for threats in comparison to peers, historical activity, and/or violations of predefined expected behavior.
Securonix Enterprise
Securonix User and Entity Behavior Analytics (UEBA)
- Build a comprehensive risk profile of every user in your environment, based on identity, employment, security violations, IT activity and access, physical access, and even phone records.
- Identify true areas of risk by comparing user activity to their individual baseline, their peer group baseline, and known threat indicators.
- Results are scored and presented in interactive scorecards.
Clear Visibility into Your Cloud
- Provide cloud-to-cloud monitoring capabilities with built-in APIs for all major cloud infrastructure and application technologies.
- Detect malicious activity by analyzing user entitlements and events.
- Correlate cloud data and on-premises data to add entity context information.
- Analyze end-to-end activities to detect actionable threat patterns.
Proactive Enterprise Fraud Detection
- Identify complex fraud attacks that typically escape signature-based detection methods using advanced signatureless behavior and peer-based outlier analysis techniques.
- Detect account takeover, anomalous user behavior, transaction fraud, and anti-money laundering violations.
Revolutionize Your Cloud Security
With Securonix Cloud you can enjoy all the capabilities of Securonix Security Analytics Platform, with the convenience of a software-as-a-service (SaaS) solution. It provides security that spans across your cloud infrastructure, data, applications, and access control solutions. Benefit from the quick deployment, easy scalability, and shorter time to value of Securonix Cloud.
Splunk User Behavior Analytics
- Advanced Threat Detection. Discover abnormalities and unknown threats that traditional security tools miss
- Higher Productivity. Automate stitching of hundreds of anomalies into a single threat to simplify a security analyst’s life
- Accelerate Threat Hunting. Use deep investigative capabilities and powerful behavior baselines on any entity, anomaly or threat
- Enhance Visibility and Detection. Automate threat detection using machine learning so you can spend more time hunting with higher fidelity behavior-based alerts for quick review and resolution.
- Accelerate Threat Hunting. Rapidly identify anomalous entities without human analysis. Rich set of anomaly types (65+) and threat classifications (25+) across users, accounts, devices and applications.
- Augment SOC Resources. Automatically stitch hundreds of anomalies observed across multiple entities (users, accounts, devices and applications) into a single threat for faster action.
- Better Together: Splunk ES and Splunk UBA. Organizations gain maximum value to detect and resolve threats and anomalies via the power of human and machine-driven solutions by combining Splunk® Enterprise Security and Splunk UBA.
The ROI4CIO Product Catalog is a database of business software, hardware, and IT services. Using filters, select IT products by category, supplier or vendor, business tasks, problems, availability of ROI calculator or price calculator. Find the right business solutions by using a neural network search based on the results of deployment products in other companies.