Top 5 User Behaviour Analytics (UBA) Vendors at RSAC 2017

RSA conference is one of the leading security conference worldwide.  It creates tremendous opportunity for vendors, users and practitioners to innovate, educate and discuss around the current security landscape.


User behavior analytics technology is in a way similar to SIEM technology but with certain subtle differences:

  • Most standalone UBA tools utilize both basic and advance analytics approach ranging from rules-based models to Deep machine learning. A SIEM tool may or may not utilize advanced analytics approaches such as unsupervised machine learning
  • Most standalone UBA tools utilize narrow but highly relevant set of data for ex. Active directory logs, end point security solutions, DLP solutions etc, for analysis. This results in higher quality of alerts with less false-negatives and false-positives. compare this to SIEM  tools which ingest overwhelming amount of data only to generate more noise in their alerts
  • Standalone UBA tools builds profiles/models for Users and Entities (Hosts, applications, devices etc.) behavior over a period of time and uses that as a baseline to detect any malicious actions by noting any abrupt or sudden change in their behavior. This functionality is only available as a feature in some SIEM tools.
  • UBA excels in certain use cases such as insider threat detection, detecting compromised accounts etc.

Here are top 5 emerging UBA vendors to watch out for:



Exabeam user behavior intelligence solution helps organizations tackles challenges like external/internal threats and data theft by applying the advancements in data science to cyber-security. The product is built on a big data platform and performs behavioral analytics and risk scoring to determine any malicious activity.

To Know More: Visit Exabeam User Behavior Intelligence Solution Page


Gurucul’s user behavior analytics and identity access intelligence technology uses machine learning and predictive anomaly detection algorithms to reduce the attack surface for accounts, unnecessary access rights and privileges, and identify, predict and prevent breaches.


To Know More: Visit Gurucul Risk Analytics Platform Product Page

(Read More: Technology Stack For Ransomware Protection )



Fortscale UEBA uses unsupervised machine learning algorithms to provide user and entity profiling and anomaly detection. Fortscale can ingest myriad sources of data and has inbuilt forensics and investigation capabilities.


To Know More: Visit Fortscale UEBA Product Page



RedOwl uses a mix and match advance and basic analytics, such as, statistical pattern matching, machine learning and content analytics to profile user behavior, and identify anomalous user activity. RedOwl UBA solution can ingest both structured and unstructured data formats and has multiuse cases out-of-the box.


To Know More: Visit RedOwl UBA Solution Page



Niara security analytics platform utilizes both supervised and unsupervised machine learning for behavioral profiling of user and entities. It ingests data sources such as network packets, log data from hosts, application and other security products such as SIEM, DLP and WAF. Niara security analytics platform can be deployed on-premise or can be cloud based.


To Know More: Visit Niara Security Analytics Platfrom Page

Views: 353

Join the Discussion ...

You need to be a member of CISO Platform to join the discussion!

Join CISO Platform


CISO as an enabler

Started by Maheshkumar Vagadiya Jul 30, 2020. 0 Replies

Share the instances where you were able to convince the Executive management /board that CISO function is enabler rather then a hindrance.Thanks youMaheshContinue

Has Anyone Evaluated Digital Signature (like Docusign)?

Started by CISO Platform. Last reply by Yogesh Nov 19, 2020. 2 Replies

(question posted on behalf of a CISO member)Has anyone evaluated digital signature (like Docusign), any specific risk/ security areas to be looked into while finalising a vendor? Any and all inputs will be very much appreciated.Continue

What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?

Started by CISO Platform. Last reply by ANAND SHRIMALI May 20, 2020. 4 Replies

(question posted on behalf of a CISO member)What are your strategies for using Zoom in your organization after recent vulnerabilities in news about Zoom platform?Related Question: …Continue

[Please Suggest] Corona Virus: Security advisory for work from home

Started by CISO Platform. Last reply by Bhushan Deo Mar 20, 2020. 12 Replies

(question posted on behalf of a CISO member)Due to CORONA virus most of the organizations are allowing their employees to work form home.Has any one issued security advisory for work from home ?Continue

Tags: #COVID19

Follow us

Contact Us


Mobile: +91 99002 62585

InfoSec Media Private Limited,First Floor,# 48,Dr DV Gundappa Road, Basavanagudi,Bangalore,Karnataka - 560004

© 2021   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service

/* */