UEBA | The Blog Pros

March 23, 2022

4 Challenges of Using Anonymous User Data for UEBA

User and entity behavior analytics (UEBA) tools support a cybersecurity strategy by looking for anomalies. These tools establish a baseline usage for users, devices, and networks, then flag cybersecurity teams about significant deviations from those norms. People are highly interested in how user behavior analytics could cut cyberattack risks. One market analysis showed that the UEBA sector was worth $1.2 billion in 2022. However, researchers believe it will get to $4.2 billion by 2026.

However, the push towards anonymizing user data for the sake of privacy could hinder that growth. User and entity behavior analytics work best when decision-makers at the companies using the technology can narrow down potential problems. Anonymous UEBA data would limit the trends it's possible to pinpoint. Here's a closer look at why anonymized information is not a good fit for UEBA platforms.

August 2, 2019

User and Entity Behavior Analytics

I had the opportunity to meet with Harish Sekar, Manager of Bus Dev for ManageEngine, during their user conference in Dallas to discuss the user and entity behavior analytics (UEBA) that were integrated into ManageEngine's SIEM solution, Log360.

Five years ago, an admin or IT manager had to turn on a few settings to get information about network activity. Now, with ongoing attacks, you cannot keep asking admins or IT to reconstruct their environment every time an attack takes place. Today, IT just has to feed the logs in, and Log360 automatically scores user behavior based on activity patterns, time inside, and resources touched to help analyze and identify the wrongdoers, be they clueless employees or bad actors. Don’t spare anyone if they're doing something that's not safe; it's still a problem.

Packages for Store Routines in MariaDB 11.4
No categories
MariaDB 11.4 introduced many advanced features. One that grabbed my attention is the general support of packages for stored routines. Although this was previously available by activating the Oracle compatibility mode, now the feature is available gener... […]
Maintain Chat History in Generative AI Apps With Valkey
No categories
A while back I wrote up a blog post on how to use Redis as a chat history component with LangChain. Since LangChain already had Redis chat history available as a component, it was quite convenient to write a client application. But, that's not the same... […]
Knowledge Graph Enlightenment, AI, and RAG
No categories
In the previous edition of the YotG newsletter, the wave of Generative AI hype was probably at its all-time high. Today, while Generative AI is still talked about and trialed, the hype is subsiding. Skepticism is settling in, and for good reason. Repor... […]
Building an Effective Zero Trust Security Strategy for End-To-End Cyber Risk Management
No categories
You've probably heard a lot about zero-trust security lately, and for good reason. As we move more of our applications and data to the cloud, the traditional castle-and-moat approach to security just doesn't cut it anymore. This makes me come... […]
Phased Approach to Data Warehouse Modernization
No categories
A modernized database will help you focus on building innovative solutions rather than investing your time and effort in managing these legacy systems. Based on the scale of your existing data warehouse processes or jobs, it can be an enormous task to ... […]