Security
Splunk User Behavior Analytics
Protect against unknown threats with user and entity behavior analytics.
Detect advanced threats and anomalous behavior using machine learning
Splunk User Behavior Analytics uses unsupervised machine learning algorithms to establish baseline behaviors of users, devices and applications, then searches for deviations to detect unknown and insider threats.
Enhance security visibility so you can act decisively
Splunk User Behavior Analytics visualizes threats across multiple phases of an attack to give security analysts a comprehensive understanding of attack root cause, scope, severity and timelines. This context-rich view enables analysts to rapidly assess impact, and make informed decisions quickly and confidently.
Simplify incident investigations to increase SOC efficiency
Splunk User Behavior Analytics automatically reduces billions of raw events down to tens of threats for rapid review, without the need for time-consuming human-fueled detective work performed by an army of highly skilled security and data science professionals.
Features
Uncover the most sophisticated threats
Streamlined threat workflow
Reduce billions of raw events to tens of threats for quick review and resolution. Use machine learning algorithms to help identify hidden threats without human analysis.
Threat review and exploration
Visualize threats over a kill chain to gain context. Anomalies are stitched together across users, accounts, devices and applications so you can clearly see attack patterns.
User feedback learning
Customize anomaly models based on your organization’s processes, policies, assets, user roles and functions. Get granular feedback to improve confidence in threat severity and detection.
Kill chain detection and attack vector discovery
Detect lateral movement of malware or malicious insider proliferation. See behavior-based irregularities or pinpoint botnet or C&C activity.
CUSTOMER STORY
Keeping Markets Moving: Splunk and NASDAQ
Splunk UBA is giving us deep insight into our insider threat and what our trusted users are doing at any given instant.
Related Links
Splunk Attack Analyzer
Automatically detect and analyze the most complex credential phishing and malware threats.
Splunk Enterprise Security
Market-leading SIEM to quickly detect, investigate, and respond to threats.
Splunk SOAR
Work smarter by automating repetitive security tasks, respond to incidents in seconds, and increase analyst productivity and accuracy to better protect your business.
