Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity

    7 Security Risks User and Entity Behavior Analytics Helps Detect

    By
    Sean Michael Kerner
    -
    October 10, 2017
    Share
    Facebook
    Twitter
    Linkedin

      PrevNext

      17 Security Risks User and Entity Behavior Analytics Helps Detect

      1 - 7 Security Risks User and Entity Behavior Analytics Helps Detect

      User and Entity Behavior Analytics (UEBA) technology is a relatively new entrant into the cyber-security tools arena that aims to provide capabilities that classic network security tools such as firewall and intrusion preventions systems (IPS) cannot. With UEBA, rather than just looking at network traffic and anti-malware scanners for indicators of compromise, organizations gain insight into user behavior. UEBA systems can identify different types of anomalous user behavior and actions that might serve as indicators of threat and compromise. In this eWEEK slide show using industry information from Ryan Stolte, co-founder and CTO of Bay Dynamics, eWEEK outlines seven things that UEBA technology can help to uncover.

      2Slow and Low Attacks

      2 - Slow and Low Attacks

      Bad guys, outsiders and insiders alike know that traditional security tools work on basic thresholds. They know if they do the same thing more than “X” amount of times, it will raise a red flag. So they keep their activity slow enough with low volume to stay under the radar. An example of this would be leaking a small number of credit card numbers via email just once a day. UEBA can pick up this pattern and identify it as a recurring behavior that needs to be investigated.

      3Collusion

      3 - Collusion

      UEBA can help uncover a group of people who work closely together who suddenly change their behavior in the same way. For example, a team has decided to pull off a heist of customer records it intends to use for its own gain, but it knows security controls are watching. So each member takes a bit of what the team is trying to steal and emails it to their personal accounts. UEBA will not only find the abrupt change in the users’ behavior, but will also flag that it is a consistent change within the team, and highlight the entire group.

      4Hiding in the Noise

      4 - Hiding in the Noise

      Every employee has a role and is required to perform certain actions tied to that role. For example, Joe is on a team responsible for printing mortgages. Tom, who works for the same company but is a retirement plan financial adviser, prints two mortgages during the span of two weeks. While printing mortgages is normal for Joe, his team and his company, it’s not a normal action for Tom or anyone on his team. UEBA can pick those people out of the crowd and enable security teams to investigate them without having to scrutinize the others.

      5Persistent Exfiltration Attempts

      5 - Persistent Exfiltration Attempts

      Very often if an attacker is blocked in his or her attempt to exfiltrate sensitive data, the attacker will try another method to get around the system. For example, Jane attempts to email a file with sensitive data to her personal account, but it’s blocked. She proceeds to upload the file to cloud storage on her personal site, but again she’s blocked. She then tries to put the file on a USB stick, but once more she’s blocked. She clicks “print” and—success! Or so she thinks. UEBA technology can piece all those actions together, and Jane receives a deskside visit from an investigator.

      6Door Jigglers

      6 - Door Jigglers

      Some people just can’t help jiggling and shaking door knobs when they walk down the hallway. Many are just curious or like pushing the limits, but the truth is these are the people who are most likely to open that file that they know they shouldn’t open. They go to websites that are blocked and keep on trying, assuming nobody is really looking. These employees are likely to be a welcome entry point for a phishing attack. UEBA can spot the “door jigglers” and warn them about the risky behavior.

      7Checking Out and Preparing to Exit

      7 - Checking Out and Preparing to Exit

      UEBA spots behavior changes that are consistent with those of others who were preparing to leave a company. This enables security teams to find the employees before they let their company know they’re leaving. This is important because sensitive data can leave a company when an employee leaves. Since UEBA can see changes in behavior that may indicate an employee is preparing to quit, these employees can be found before data slips out the door.

      8Gold Prospectors

      8 - Gold Prospectors

      Unlike door jigglers, these are true bad actors, scouring file systems and trying to log into whatever they can find as they look for golden nuggets. These people have big dreams and keep looking until they find that golden sensitive data—or until UEBA finds them.

      PrevNext

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      Applications

      Cisco’s Thimaya Subaiya on Customer Experience in...

      James Maguire - May 10, 2022 0
      I spoke with Thimaya Subaiya, SVP and GM of Global Customer Experience at Cisco, about the factors that create good customer experience – and...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×