Skip to main content


Security

Splunk User Behavior Analytics

Protect against unknown threats with user and entity behavior analytics.

im im

HOW IT WORKS

Detect threats and anomalous behavior using machine learning

machine-learning-toolkit-mltk-dashboard-featured machine-learning-toolkit-mltk-dashboard-featured

Advanced threat detection

Discover abnormalities and unknown threats that traditional security tools miss.

Boost productivity

Automate stitching of hundreds of anomalies into a single threat to simplify incident investigations.

machine-learning-toolkit-mltk-dashboard-featured machine-learning-toolkit-mltk-dashboard-featured
machine-learning-toolkit-mltk-dashboard-featured machine-learning-toolkit-mltk-dashboard-featured

Accelerate threat hunting

Use deep investigative capabilities and powerful behavior baselines on any entity, anomaly or threat.

Features

Find unknown threats using machine learning

Enhance visibility and improve detection of known, unknown and hidden cyberattacks and insider threats.

dw-bi-analytics dw-bi-analytics

Streamlined threat workflow

Reduce billions of raw events to tens of threats for quick review and resolution. Use machine learning algorithms to help identify hidden threats without human analysis.

Data streaming Data streaming

Threat review and exploration

Visualize threats over a kill chain to gain context. Anomalies are stitched together across users, accounts, devices and applications so you can clearly see attack patterns.

digital-experience-monitoring digital-experience-monitoring

User feedback learning

Customize anomaly models based on your organization’s processes, policies, assets, user roles and functions. Get granular feedback to improve confidence in threat severity and detection.

detecting-network-abuse detecting-network-abuse

Kill chain detection and attack vector discovery

Detect lateral movement of malware or malicious insider proliferation. See behavior-based irregularities or pinpoint botnet or C&C activity.

acquia background acquia background

CUSTOMER STORY

Keeping Markets Moving: Splunk & NASDAQ

Splunk UBA is giving us deep insight into our insider threat and what our trusted users are doing at any given instant. 

Martin Luitermoza, Associate Vice President, NASDAQ

INTEGRATIONS

Splunk ES and Splunk UBA join forces

integrations integrations

Related Products

More from Splunk Security

strengthen-your-security-posture strengthen-your-security-posture

Splunk Enterprise Security

Turn data into doing by putting trust into an agile security analytics solution that moves at the speed of your business.

Explore Splunk Enterprise Security
adaptive-response adaptive-response

Splunk SOAR

Work smarter by automating repetitive security tasks, respond to incidents in seconds, and increase analyst productivity and accuracy to better protect your business.

Explore Splunk SOAR
learning-management learning-management

Splunk Intelligence Management

Transform and curate data to make it actionable, break down data silos and improve cyber resilience and operational efficiency.

Explore Splunk Intelligence Management

Get started

From security to observability and beyond, Splunk helps you go from visibility to action