Security provider Stellar Cyber, with the first Open-XDR security platform, added a User Behavior Analytics (UBA) App to its Security App Store, making it much easier to track threats by specific users.
UBA is a hot area of security because it makes it easier to identify compromised users and malicious users. It tracks threats by user rather than by threat type, and detects additional anomalous activities of a user with advanced behavioral analytics through machine learning.
In contrast, conventional security platforms lack a user-centric view and force security analysts to manually identify events as belonging to one user or another.
The UBA App in Stellar Cyber’s Starlight platform collects and fuses user-relevant data from a variety of data sources such as network traffic, Active Directory logs, and applications like Office365.
It applies sophisticated behavioral analytics through machine learning. It baselines users’ typical behavior in order to detect users’ anomalous activities. It can rapidly detect bad behaviors without writing any rules or signatures.
Coupled with other relevant security events detected by many tightly integrated security applications, such as malware detection, this lets the UBA App quickly detect malicious users or compromised users.
UBA gives a holistic view of all users’ activities, abnormal behaviors, security events and the associated security risk. Rather than focusing on malware delivery events or data exfiltration events, for example, the UBA App provides a global view of user activity.
And, as an integrated security toolkit that fuses data from a variety of sources, the Starlight platform works with other apps in its Security App Store so that analysts can easily cross-check events to elevate a given user’s risk score.
“With conventional products, UBA is a complex and laborious process,” said Ilker Simsir, Principal Product Manager at Stellar Cyber. “Our UBA app makes it much easier to track threats on a per-user basis because it correlates events from throughout the kill chain.”