See unknown and unknowable threats with Behaviour Anomaly Detection
Huntsman Security’s Behaviour Anomaly Detection (BAD) / User Entity Behaviour Analytics (UEBA) engine ensures that suspicious activity by users, machines or applications operating across the network can be easily detected, investigated and resolved. Detection is based on learned profiles of baseline behaviour, which can be fixed once derived or left continuously variable as the network grows or patterns of use evolve.
Our Behaviour Anomaly Detection builds on policy-driven or rule- and pattern-based analysis to detect unknown and unknowable activity from insiders or external parties. It uses machine learning to highlight statistical or behavioural anomalies that can indicate a security attack, data loss, insider misuse or another issue.
What Behaviour Anomaly Detection delivers
- Real-time detection of cyber threats and insider misuse
- Reduced operational risk to limit uncertainty and remove operator error
- Visibility of anomalous activity within the network, operating system and application layers
- Enriched data collection that enables both rule-based and behavioural analysis
How Behaviour Anomaly Detection works
- Adapts to authorised network changes, gradual trends, usage spikes and work patterns
- Automatically distinguishes suspicious and risky outliers from normal events
- Real-time correlation and analysis of user, device, application, network activity and other data sources to detect:
  - Advanced Persistent Threats (APTs)
  - Smart, customized and targeted malware
  - Malicious or negligent insiders abusing access and putting information at risk
  - Data exfiltration, lateral movement and the use of credentials by attackers
  - ‘Unknown’ and ‘unknowable’ external and internal threats
- Visual analysis GUI so metrics, key information and sensitivities can be displayed and tailored to meet precise profiling requirements