GigaOm Radar for User and Entity Behavior Analytics (UEBA)v1.01

Table of Contents

  1. Summary
  2. Market Categories and Deployment Types
  3. Key Criteria Comparison
  4. GigaOm Radar
  5. Vendor Insights
  6. Analyst’s Take
  7. About Chris Ray

1. Summary

Report updated 3.4.2022 to include Securonix in the list of vendors.

Cybersecurity is a multidisciplinary practice that not only grows in complexity year over year, it quickly evolves as well. A survey of the security landscape today would reveal concerns ranging from the classic compromised servers that have long been an issue, to the relatively new ransomware attacking multiple organizations in recent years. However, some things remain constant no matter how much change is introduced. While complexity varies and technology evolves, there is almost always a human component to the risks that organizations encounter.

User Behavior Analytics (UBA) solutions were designed to analyze the actions of users in an organization and attempt to identify normal and abnormal behaviors in order to detect malicious or risky behaviors. These solutions identify events that are not detectable using other methods because, unlike classic security tools (an IDS or SIEM, for example), UBA does not simply pattern match or apply rule sets to data to identify security events. Instead, it looks for any and all deviations from baseline user activity.

As technology advances and evolves and the scope of what is connected to the network grows, the need to analyze entities besides users emerged. In response, entity analysis, now known as User and Entity Behavior Analytics (UEBA), was added to the process. The strategy is the same, but the scope of analysis has expanded to include entities—daemons, processes, infrastructure, and so forth.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.

Full content available to GigaOm Subscribers.

Sign Up For Free