User & Entity Behavioral Analytics in Incident Detection & Response, 2017

Machine Learning and AI for Rapid Deployment in Incident Response Threat Detection and Mitigation

Release date: 26-Dec-2017
Region: Global
Research Code: K266-01-00-00-00
SKU: IT03567-GL-MR_21339
Price: $3,000.00

Description

The report is about User and Entity Behavioral Analytics (UEBA) platforms used in the Incident Detection and Response (IDR) lifecycle and machine learning in various procedures in cybersecurity technologies. UEBA platforms apply algorithms over unstructured data sets to locate anomalies. By using an algorithm-based approach, UEBA is not limited to what can be learned from signatures or from techniques that require packet parsing. Divorced from signatures and packets, UEBA platforms are positioned to detect threats that traditional cyber defense tools cannot. UEBA platforms are typically deployed as plug-ins at network ingress/egress points and do not require agents or sensors (although deploying agents could add visibility and endpoint management). If a UEBA platform is trusted, it can reduce agent management and, more importantly, reduce the number of alerts facing SOC analysts.


Research Highlights

The report is about User and Entity Behavioral Analytics (UEBA) platforms used in the Incident Detection and Response (IDR) lifecycle and machine learning in various procedures in cybersecurity technologies.

UEBA platforms are attractive on several levels:

  • UEBA platforms apply algorithms over unstructured data sets to look for anomalies.
  • By using a math-based approach, UEBA is not limited to what can be learned from signatures or from techniques that require packet parsing.
  • Divorced from signatures and packets, UEBA platforms may be able to detect threats that traditional cyber defense tools cannot.
  • UEBA platforms are typically deployed as plug-ins at network ingress/egress points and do not require agents or sensors (although deploying agents could add visibility and endpoint management).
  • If a UEBA platform is trusted, it can reduce lightweight agent management and, more importantly, reduce the number of alerts facing SOC analysts.

RESEARCH: INFOGRAPHIC

This infographic presents a brief overview of the research, and highlights the key topics discussed in it.

Table of Contents

Key Findings

Executive Summary—Key Questions This Study Will Answer

Introduction to the Research

Definitions UEBA, Machine Learning, and Artificial Intelligence

Drivers and Restraints

Drivers Explained

Restraints Explained

Machine Learning and Artificial Intelligence Role in IDR

More about Machine Learning and Artificial Intelligence

Attributes of Vendor Analysis of UEBA Platforms in IDR

Vendor Analysis of UEBA Platforms in IDR

UEBA and Machine Learning in Cybersecurity Platforms

UEBA and Machine Learning in Cybersecurity Platforms—LogRhythm

The Last Word—Predictions

The Last Word—Recommendations

Legal Disclaimer

Vendor Profile—Arctic Wolf Networks

SOC-as-a-Service Delivered by Concierge Security Engineers

Vendor Profile—Aruba, a Hewlett Packard Enterprise Company

Vendor Profile—Awake Security

Vendor Profile—Darktrace The Enterprise Immune System

Vendor Profile—Darktrace Autonomous Response Capability: Antigena

Vendor Profile—Demisto

Vendor Profile—Exabeam

Vendor Profile—Lacework

Vendor Profile—Lastline

Vendor Profile—LogRhythm Threat Lifecycle Management

Vendor Profile—Lumeta

Vendor Profile—SecBI

Vendor Profile—ThetaRay

Appendix A—What are the Criteria in Multifactor Incident Detection and Response (IDR)

Appendix A—Cybersecurity Technology Classes Included in Multifactor IDR

Appendix A—Cybersecurity Technology Classes Not Included in Multifactor IDR

Appendix B—Explaining Individual Attributes of the IDR Lifecycle

Methodology

The Frost & Sullivan Story

Value Proposition—Future of Your Company & Career

Global Perspective

Industry Convergence

360º Research Perspective

Implementation Excellence

Our Blue Ocean Strategy

More Information
Author: Chris Rodriguez
Industries: Information Technology
WIP Number: K266-01-00-00-00