CipherCloud’s User and Entity Behavior Analytics (UEBA) engine performs continuous monitoring of users, devices and application activities, allowing IT security teams to identify anomalous behavior of users in real-time across multiple clouds and preventing accounts from getting compromised by malicious insiders and external threats.
CipherCloud UEBA continuously profiles data attributes and user behavior to detect activity that is out of the ordinary for your enterprise. Examples of anomalies might be an abnormally large number of downloads from an individual user, a higher than normal number of logins from the same user, or persistent login attempts by an unauthorized user. Monitoring includes the locations from where logins take place (geo-logins), source IP addresses, and devices used. User behavior includes activities such as content uploads and downloads, edits, deletes, logins, and logouts.
UEBA detecting and flagging anomalous user exceeding download count during out of office hours
With CipherCloud UEBA organizations can: