Feature spotlights

Detects insider threats based on user behavioral anomalies

User behavior analysis and fine-grained machine learning algorithms can detect when users deviate from normal activity patterns or behave differently from their peers. QRadar UBA creates a baseline of normal activity and detects significant deviations to expose both malicious insiders and users whose credentials have been compromised by cyber criminals.

Generates detailed risk scores for individual users

Risk scores dynamically change based on user activity, and high-risk users can be added to a watch list. Security analysts can easily drill down to view the actions, offenses, logs and flow data that contributed to a person’s risk score. This helps shorten the investigation and response times associated with insider threats.

Integrates seamlessly with QRadar Security Analytics

QRadar UBA integrates directly into the QRadar Security Analytics solution, leveraging the existing QRadar user interface and database. All enterprise-wide security data can remain in one central location, and analysts can tune rules, generate reports and integrate with complementary Identity and Access Management solutions – all without having to learn a new system or build a new integration.

Available from the IBM Security App Exchange

QRadar UBA is packaged as a downloadable app that is independent of the platform’s formal release cycles. All current QRadar clients can add this app to QRadar version 7.2.7 or higher to begin seeing a user-centric view of activity within their networks.

Technical details

Software requirements

All current QRadar clients can add this app to their QRadar version 7.2.7 or higher releases to begin seeing a user-centric view of what is happening within their networks.

Supported web browsers:

  • Mozilla Firefox 45.2 Extended Support Release
  • Google Chrome (Latest)

Hardware requirements

Users will need a QRadar SIEM console with 128 GB of memory.

    Technical specifications

    You must install IBM Security QRadar V7.2.7 or later before you install the QRadar UBA app.