INTELLIGENT BRANDS // Enterprise Security
ManageEngine introduces UEBA
analytics in its SIEM Solution
ManageEngine has introduced user and entity
behaviour analytics (UEBA) into its SIEM solution,
Log360, to help security professionals tackle
internal threats.
ManageEngine, the real-time IT
management company, has
announced that it has introduced
user and entity behaviour analytics (UEBA)
into its SIEM solution, Log360.
With score-based risk assessment, threat
corroboration, anomaly detection powered
by Machine Learning and other new
capabilities, the Log360 UEBA add-on helps
security professionals identify, qualify, and
investigate internal threats and anomalies
by extracting more information from logs for
better context.
According to Verizon’s 2018 Data Breach
Investigations Report, over a quarter of
the 53,308 cyberattacks in 2017 involved
insiders. Insider threats can be particularly
difficult to detect with conventional threat
detection systems, as it’s hard to spot the
signs of someone using their legitimate
access to data for nefarious purposes,
and both vulnerabilities and exploits are
unknown. UEBA delivers more robust
and accurate threat detection by using
Machine Learning to set a baseline of a
user’s normal activity and then flag any
deviations from that baseline.
“In today’s IT security landscape, rigid alert
rules and conventional threat detection
systems no longer make the cut. The need
of the hour is a system that can learn
and adapt to continuous change,” said
Manikandan Thangaraj, Director of Program
Management at ManageEngine.
“Log360 UEBA does just that and improves
the accuracy of threat detection, helping
SOC personnel qualify and investigate
threats that actually merit investigation.”
Highlights of Log360 UEBA
Log360 UEBA monitors user activity
captured in logs to identify behavioural
changes. User activities that would otherwise
go unnoticed are flagged, reducing the time
it takes to detect and respond to threats.
The highlights of Log360 UEBA include:
• Anomaly detection: Spots deviant user
and entity behaviour such as log-ons at
unusual hours, excessive log-on failures,
and file deletions from a host that is not
generally used by a particular user.
• Score-based risk assessment: Generates
a risk score for each user and entity based
on how dangerous their behaviour is,
helping security admins determine which
threats merit investigation.
• Threat corroboration: Identifies
indicators of compromise and indicators
of attack, exposing major threats
including insider threats, account
compromise and data exfiltration.
www.intelligentcio.com
INTELLIGENTCIO