Innspark UEBA
Never miss any threatening behavior from inside
Unparalleled detection of malicious insider activities using deep insights around users and threats
Detection of hijacked accounts
Multi-user attack detection
Improved Operational efficiency
Data exfiltration detection
Privilege Abuse and misuse
Lateral movement detection
Innspark UEBA Capabilities
Increased Anomaly Detection
Monitors logs in real-time, alerting on anomalous user behavior. Each model undergoes training to establish a baseline. If any deviations are detected, UEBA alerts and reports contextual information
Smart Users Activity Timeline
Enhances analysts' investigation capabilities through a Smart User Activity Timeline, in which the activities of each user are arranged chronologically. This gives analysts real-time insight into any suspicious activity at its earliest stage, before it affects the entire infrastructure
Machine Learning & Artificial Intelligence
Utilizes diverse machine learning modules: Reinforcement Learning, Deep Learning, Supervised Machine Learning, Bayesian Networks, and other models based on time, category, continuity, and discrete aspects
Blazing Fast Forensics
Facilitates forensics search in both RAW and Parsed data using an intuitive GUI with natural language support. The system ensures a user-friendly experience, offering compatible options and auto-suggestions for selected fields based on contextual data
User Interface & Dashboards
Provides user-friendly visualizations, offering insights into the organization’s security posture. Alerts for a specific tenant/group can be viewed separately. Dashboards are configurable for real-time or historical data viewing
Advanced Threat Detection
Provides out-of-the-box threat detection for various malicious activities, including Lateral Movement, Data Exfiltration, Anomalous Data Access, Brute Force detection, Insider Threat detection, and Network Behavioral-based detections. Proactively monitors privilege misuse activities
Features
Innspark UEBA is designed to enhance the security posture of organizations by integrating with various security solutions, including SIEM, SOAR, EDR, and XDR. Its key features include:
- High accuracy machine identification, even if IP addresses change
- Granular role-based access control (RBAC)
- One-click export of raw log data
- Alert mechanism for threat detection
- Integration with enterprise authentication systems
- Auto identification of trusted hosts and compromised entities
- Optimizable risk models for better threat detection
- Auto identification and classification of users and entities
- Support for high availability (HA) architecture
- Fine-tuning of metadata attributes for behaviour models
- Dedicated report generation engine with built-in templates for exporting reports in PDF, CSV, and Excel formats
- Automatic report generation through scheduling
- Web-based application for easy access
- Supports creation of custom models and rules/policies that can be automatically adjusted through automated learning
- Self-learning behavioural analysis to dynamically model each device
- Retraining of the model based on feedback from security analytics
- Flexibility to configure the rolling window period for behaviour profiling