User Behavior Analysis (UBA) is a system of analysing user and system behaviour aimed at finding and detecting anomalies using monitoring tools. UBA technologies analyse historical data logs (including network logs and authentication logs) aggregated by SIEM systems to identify traffic patterns caused by both normal and malicious user behaviour. Usually, UBA systems do not take action based on the results of the analysis. However, they can be configured to automatically adjust the authentication complexity of users who exhibit anomalous behaviour.
Opportunities:
- continuous monitoring and logging of user activity on workstations with the ability to record desktop video;
- profiling and detection of anomalies in user behaviour (as well as hosts, services, processes);
- statistics maintenance.
Result:
- staff time-keeping;
- detection of insider activity (unauthorised actions, transfer of confidential information, etc.);
- contractors’ time-keeping, process and scope of work assessment.
Our partners: Teramind | EKRAN
Full portfolio of managed services
Get a consultation on the UBA:
+38 044 538 00 45;
infosec@old.octava.ua
