Detect Insider Threats with User Behavior Analytics
As an integrated component of the QRadar Security Intelligence Platform, UBA leverages out of the box behavioral rules and machine learning (ML) models to add user context to network, log, vulnerability and threat data to more quickly and accurately detect attacks.
Gain visibility into insider threats
Guard against rogue insiders and cyber criminals using compromised credentials. Uncover anomalous behaviors, lateral movement, threats and data exfiltration─with a user focus.
Improve analyst productivity
Easily identify risky users by applying machine learning (ML) and behavioral analytics to QRadar security data, calculate users’ risk scores and only raise alerts on high risk incidents.
Accelerate time to value
Generate meaningful insights within 24 hours. QRadar clients can download and install the UBA app quickly and easily from the IBM Security App Exchange.
Extend QRadar security features
The UBA dashboard is an integrated part of the QRadar console and helps extend capabilities of the QRadar Security Intelligence Platform.
Key Features
- Detects insider threats based on user behavioral anomalies
- Integrate seamlessly with IBM QRadar
- Generates detailed risk scores for individual users
- Available from the IBM Security App Exchange
Product images
QRadar UBA dashboard
User activity details
User activity timeline
QRadar Advisor with Watson investigation
Use case tuning and configuration
Custom machine learning model builder
Testimonials
“ An effective tool to monitor individual activity against statistical baselines, individual as well as peer group anomalous behavior, and overall risk scores. ”
- Chris Kissel
- Director of Research, Cybersecurity AIRO Team
- IDC
“ IBM is one of the few vendors that not only understand SOAPA conceptually but also deliver SOAPA today. Case in point, IBM can provide a SIEM/UEBA solution with the combination of QRadar and QRadar UBA. ”
- Jon Oltsik
- Senior Principal Analyst and ESG Fellow
- Enterprise Strategy Group