Vendor

ManageEngine introduces new user and entity behaviour analytics solution

Manikandan Thangaraj, director of product management, ManageEngine
Manikandan Thangaraj, ManageEngine

ManageEngine has announced that it has introduced user and entity behaviour analytics (UEBA) into its SIEM solution, Log360.

With score-based risk assessment, threat corroboration, anomaly detection powered by machine learning, and other new capabilities, the Log360 UEBA add-on helps security professionals identify, qualify, and investigate internal threats and anomalies by extracting more information from logs for better context.

According to Verizon’s 2018 Data Breach Investigations Report, over a quarter of the 53,308 cyber-attacks in 2017 involved insiders. Insider threats can be particularly difficult to detect with conventional threat detection systems, as it’s hard to spot the signs of someone using their legitimate access to data for nefarious purposes, and both vulnerabilities and exploits are unknown. UEBA delivers more robust and accurate threat detection by using machine learning to set a baseline of a user’s normal activity, and then flag any deviations from that baseline.

“In today’s IT security landscape, rigid alert rules and conventional threat detection systems no longer make the cut. The need of the hour is a system that can learn and adapt to continuous change,” said Manikandan Thangaraj, director of program management at ManageEngine. “Log360 UEBA does just that and improves the accuracy of threat detection, helping SOC personnel qualify and investigate threats that actually merit investigation.”

Log360 UEBA monitors user activity captured in logs to identify behavioural changes. User activities that would otherwise go unnoticed are flagged, reducing the time it takes to detect and respond to threats.

The solution is capable of spotting deviant user and entity behaviour such as logons at unusual hours, excessive logon failures, and file deletions from a host that is not generally used by a particular user. It can also generate a risk score for each user and entity based on how dangerous their behaviour is, helping security admins determine which threats merit investigation. In addition, it identifies indicators of compromise and indicators of attack, exposing major threats including insider threats, account compromise, and data exfiltration.

The Log360 UEBA add-on is available immediately at https://goo.gl/25wyfH and is priced at $495.

Previous ArticleNext Article

GET TAHAWULTECH.COM IN YOUR INBOX

The free newsletter covering the top industry headlines