UBA provides global view of user behavior to better track threats
Advanced Behavioral Analytics
- Collect and fuse user-relevant data from multiple data sources
- Provide sophisticated behavioral analytics through machine learning
- Detect bad behaviors without any rules or signatures
- Complement the detection’s from other security applications on the platform
- Provide full visibility of users’ activities and threats anywhere
- Track threats by user rather than by threat type
- Associate a user with a risk score for easy identification of risky users
- Tightly integrate with other security applications such as malware detection
- User Behavior Analysis (UBA) Application 3-minute overview
“Starlight’s multi-tenant capability provides industry leading security analytics ideal for the managed security service provider or enterprise security operator, at a very aggressive price point… More >>
Detecting User Anomaly Behaviors
The UBA App in Stellar Cyber’s Starlight platform collects and fuses user-relevant data from a variety of data sources such as network traffic, Active Directory logs, and applications like Office-365. It applies sophisticated behavioral analytics through machine learning. It baselines users’ typical behavior in order to detect users’ anomalous activities. It can rapidly detect bad behaviors without the need to write any rules or signatures. Combined with other relevant security events detected with many tightly-integrated security applications such as malware detection, the UBA App can quickly detect malicious users or compromised users.
Connecting the Dots Through Users
UBA gives the holistic view of all users’ activities, abnormal behaviors, security events and the associated security risk. Rather than focusing on malware delivery events or data exfiltration events, for example, the UBA App provides a global view of user activity. And, as an integrated security toolkit and by fusing data from variety of sources, the Starlight platform works with other apps in its Security App Store to easily enable analysts to cross-check events to elevate a given user’s risk score.