Help Document

Introduction

Log360 UEBA is powered by Machine Learning (ML), and can detect anomalies by recognizing subtle shifts in user activity. It helps you identify, qualify, and investigate threats that might otherwise go unnoticed, by extracting more information from your logs to give better context.

The capabilities of Log360 UEBA include,

  • Anomalous User and Entity Behavior Analytics: Spot deviant user and entity behavior such as logons at an unusual hour, excessive logon failures, and file deletions from a host that is not generally used by a particular user.
  • Score-based Risk assessment: The Log360 UEBA dashboard gives you greater visibility into threats with its score-based risk assessment for users and entities. This approach helps you determine which threats actually merit investigation.
  • Threat Corroboration: Log360 UEBA identifies indicators of compromise (IoC) and attack (IoA), exposing major threats including insider threats, account compromise, and data exfiltration.

Note: Log360 UEBA is an add-on of Log360 and can work in combination with ADAudit Plus, EventLog Analyzer and Cloud Security Plus in Log360. It can also work with PAM360 to detect privilege misuse.