There are five categories of threats for which risk scoring is done in Log360 UEBA. These are:
Risk scoring in Log360 UEBA
Any time a user's or entity's observed activity deviates from its baseline of expected activities, the risk score of the user or entity associated with one or more of the above threat categories will be increased.
Dynamic peer grouping analysis: Users and entities are automatically placed into peer groups based on behavioral traits. The security administrator has the option to enable Dynamic Peer Grouping Analysis when calculating the risk score. A user's or entity's peer group then be considered when calculating the risk score. This will provide better security context and decrease false positives.