Applies behavior analytics to fast-track threat detection, investigation and response
NetWitness UEBA is a cloud-native SaaS offering that uses advanced behavior analytics and machine learning to quickly reveal unknown threats. Both as a cloud native offering and on-premises, it leverages NetWitness Platform endpoint and log data captured by NetWitness to create a baseline of an organization’s behaviors and IT usage and to identify deviations that indicate suspicious behavior and sophisticated threats.Want more detail? Read the data sheet
Easy to get started
No need to manually tune algorithms. Simple to administer.
Begins processing data within hours so you can quickly baseline behavior and start detecting high-risk anomalies.
Relief for analysts
Alleviates alert fatigue with an innovative risk scoring model that zeroes in on the highest risk indicators for analysts.
High-fidelity threat detection
Automatically and regularly refines its machine learning algorithms to provide accurate threat monitoring without rules, signatures or manual analysis.
Advanced analytics and threat detection powered by the cloud
Unsupervised machine learning
NetWitness UEBA uses unsupervised machine learning, which means that it starts working the moment you turn it on to rapidly and accurately identify behaviors that may signal an attack. Unsupervised machine learning eliminates the need to create rules, customize metadata, and continually tune underlying data models.
Innovative statistical analysis
NetWitness UEBA aggregates multiple indicators of suspicious activity, then applies a dynamic statistical risk scoring model. This approach alleviates analysts’ burdensome workloads by producing higher-fidelity alerts triggered only when a risk score exceeds established thresholds.
Intelligent peer grouping
Since user behavior varies based on an individual’s role, responsibilities, location and other factors, NetWitness UEBA creates peer groups and detects deviations among them. This leads to more accurate alerts.
Scalable SaaS platform
NetWitness UEBA scales to process millions of events daily and analyze hundreds of millions of organizational entities. Flexible licensing options accommodate the needs of both large enterprises and smaller organizations.
Rein in digital risk with advanced analytics
The ability to monitor user, network and endpoint behavior on unsupervised machine learning algorithms makes NetWitness UEBA an obvious choice for catching the sophisticated unknown threats that create so much digital risk for organizations.
We selected NetWitness Platform because we found that it absolutely leaves no stone unturned. It uses behavioral indicators to identify attacks that are normally undetected by signature and rules-based monitoring tools.
Security Architecture Manager
Recruit Technologies Co. Ltd.