What is UEBA & UBA?
User and Entity Behavior Analytics / User Behavior Analytics
UEBA is a cyber-security detection model which uses “machine learning” or imprecise detection methodologies to detect what appear to be user / entity behavior anomalies.
Is UEBA Needed for Data Protection?
Many UEBA vendors claim that if your DLP solution creates “noise” aka “false positives” then UEBA is required to cut down the imprecise events. That may be so, however if you have a solution such as GTB’s DLP that Works whose fingerprinting algorithms result in virtually ZERO false positives then you probably do not need UEBA.
GTB DLP for Data in Motion and Data in Use has the unique ability to accurately identify and eliminate insider threats with real-time detection, control and prevention of sensitive data exfiltration
That being said, UEBA can come in handy when a DLP system detects and / or stops an event that could have been a breach by a user, then UEBA analytics, though imprecise, can help focus in on the users’ behavior (utilizing data captured through the DLP system) and help prevent a breach. UEBA applications are also good to zero in on users an organization feel may present a further / future risk to the organization.