On September 29th 2018, IBM QRadar team launched the new User Behavior Analytics App on IBM App Exchange.
IBM Security QRadar User Behavior Analytics (UBA) app provides a new, efficient means for detecting anomalous or malicious behaviors. By understanding who is doing what and deriving a lens into deviations of user behavior, QRadar UBA app helps security analysts become more productive and manage insider threats more efficiently. The QRadar UBA app comes with ready-to-go anomaly detection, behavioral rules and analytics, and leverages the curated log and activity data already in QRadar.
New capabilities provided by QRadar UBA V3.0
- User activity timelines providing insights into high risk events and metrics within user sessions.
- Individually selectable user activity categories (12) enabling +120 activity monitoring rules.
- Enable user analytics and machine learnings from 8 analytics groups including total user activity, activity by category, risk posture, abnormal data transfer & attempts, activity distribution, peer group learning and analysis
- Users can create and manage watchlists directly from the UBA 3.0 console view to customize enterprise specific detection
QRadar UBA is available for free. For more details on dependencies, check details on IBM App Exchange
IBM QRadar Product Marketing