User Entity Behavior Analytics (UEBA)
Get a single unified view in your environment
with Stellar Cyber's security operations platform
From Dev, to Q/A and Production, Stellar Cyber ensures 360 degree visibility for security analysis throughout the CI / CD pipeline
Comprehensive Asset Inventory and Advanced User Analytics
Entity Analytics
-- Beyond SIEM Security
- Dynamically discover assets across networks, endpoints and cloud environments through open extended detection and response Open XDR
- Constantly discover assets from a variety of sources – sensors, logs, host information or 3rd party applications
- Uniquely identify assets with either host names, MAC addresses or IP addresses
- Automatically collect and fuse user-relevant data from multiple data sources across security infrastructure, delivering on the idea of Open XDR
- Enable sophisticated behavioral analytics through machine learning
- Detect bad behaviors without any rules or signatures
- Discover and provide asset/user relationships
- Complement the detections with other security capabilities on the platform
- Assigns a risk score based on observed security events and asset risk profile
- Assigns a risk score based on observed security events and asset risk profile
- Provides a centralized risk-level view of all assets–network security, cloud security and IT security
- Correlates asset information with user, threat, location and vulnerability data through Open XDR
- Provides a kill chain view of security events for each asset
- Offers a panoramic view of lateral movement of attacks around an asset across security infrastructure
- Enables flexible searching or filtering of assets in various ways such as CVEs
- Tags each security event with asset ID
User-Centric View
- Provides full visibility of users’ activities and threats anywhere across IT security, including SIEM tools
- Tracks threats by user rather than by threat type
- Associates a user with a risk score for easy identification of risky users
- Security analysis is easy through tightly integrated security applications such as malware detection
What People Are Saying
Jon Oltsik Senior Principal Analyst and ESG Fellow
Central IT Department University of Zurich
Rik Turner Principal Analyst, Infrastructure Solutions
Gartner PeerInsights
Key Features
Detect User Anomaly Behaviors That SIEM Tools Miss
The UEBA App in Stellar Cyber’s Open XDR platform collects and fuses user-relevant data from a variety of data sources across security infrastructure such as SIEM tools, network traffic, Active Directory logs, and applications like Office 365. It applies sophisticated behavioral security analysis through machine learning.
Advanced Asset Management-- Beyond SIEM Security Thinking
Drive a holistic view and bring together IT security, network security and cloud security. Stellar Cyber’s UEBA automatically and continually discovers and inventories all assets across networks, clients and cloud environments by collecting information from many different sources such as network traffic, logs, endpoints, vulnerability scan results, etc.
Response at Your
Discretion
Stellar Cyber’s NDR application supports both automatic and manual responses. It can directly block attacks by dropping suspicious traffic on NGFW, disabling affected users on Active Directory, containing compromised endpoints via EDR, or any actions through Restful APIs or flexible scripts. Stellar Cyber’s NDR also supports integration with other SOARs like Phantom, Demisto, Swimlane and more.
See Critical Events Through User Behavior Analysis
UEBA provides a holistic view of all users activities, abnormal behaviors, security events and the associated security risk. Rather than focusing on malware delivery events or data ex-filtration events, for example, the UEBA capability provides a global view of user activity.
Auto Correlation and Risk Profiling Simplifying Security Analysis
UEBA provides a holistic view of all users’ activities, abnormal behaviors, security events and the associated security risk. Rather than focusing on malware delivery events or data ex-filtration events, for example, the UEBA capability provides a global view of user activity.