Laptop Displaying the GigaOm Research Portal

Get your Free GigaOm account today.

Access complimentary GigaOm content by signing up for a FREE GigaOm account today — or upgrade to premium for full access to the GigaOm research catalog. Join now and uncover what you’ve been missing!

GigaOm Radar for User and Entity Behavior Analysisv2.02

Detecting Malicious Behaviors and Reducing Risk Through Deeper Visibility

Table of Contents

  1. Summary
  2. Market Categories and Deployment Types
  3. Key Criteria Comparison
  4. GigaOm Radar
  5. Vendor Insights
  6. Analyst’s Take
  7. About Chris Ray

1. Summary

Cybersecurity is a multidisciplinary practice experiencing a fast rate of change and growing complexity. In response, vendors are evolving their technology at a similar pace.

Security concerns today range from protecting against compromised servers, to the relatively new area of development security operations (DevSecOps) aimed at securing new code and infrastructure deploying at rapid speeds, to mitigating identity-related security risks.

For the latter, user behavior analysis (UBA) was designed to analyze the actions of users in an organization and classify normal versus abnormal behaviors. From this analysis, UBA solutions look for any and all deviations from baseline user activity and can detect malicious or risky behaviors.

As technology has advanced and the scope of what’s connected to the network has expanded, the need to analyze entities other than users has emerged. In response, vendors have added entity analysis to UBA, creating user and entity behavior analysis (UEBA). The strategy remains the same, but the scope of analysis has expanded to include entities involving things like daemons, processes, infrastructure, and cloud roles.

This GigaOm Radar report highlights key UEBA vendors and equips IT decision-makers with the information needed to select the best fit for their business and use case requirements. In the corresponding GigaOm report “Key Criteria for Evaluating UEBA Solutions,” we describe in more detail the key features and metrics that are used to evaluate vendors in this market.

How to Read this Report

This GigaOm report is one of a series of documents that helps IT organizations assess competing solutions in the context of well-defined features and criteria. For a fuller understanding, consider reviewing the following reports:

Key Criteria report: A detailed market sector analysis that assesses the impact that key product features and criteria have on top-line solution characteristics—such as scalability, performance, and TCO—that drive purchase decisions.

GigaOm Radar report: A forward-looking analysis that plots the relative value and progression of vendor solutions along multiple axes based on strategy and execution. The Radar report includes a breakdown of each vendor’s offering in the sector.

Solution Profile: An in-depth vendor analysis that builds on the framework developed in the Key Criteria and Radar reports to assess a company’s engagement within a technology sector. This analysis includes forward-looking guidance around both strategy and product.