Hello!
We are excited to announce the release of HP UBA 1.1, which includes the release of HP UBA Premium as well as Application Insight Packs.
For a quick summary of the User Behavior Analytics product offerings, please see below:
< Previously Available within HP UBA 1.0 >
HP UBA Basic augments security monitoring with identity context. In real time, the solution identifies highest risk users when they violate a pre-defined, rule based violation. Violations are risk scored and forwarded into ESM, violations are also displayed in UBA aggregated under the responsible user alongside other indicators of compromise.
HP UBA detects unknown threats by creating a baseline for normal activity of users, peer groups, and accounts within the network, the cloud, and enterprise applications—alerting on anomalous, inappropriate, high risk activities—thereby detecting malicious external and interanal actors operating within the entitlement of their access and job function. Additionally, to investigate and understand the potential extent of a security threat, the interactive visual user interface of the investigation workbench enables analysts to drill down on the anomalous activities, pivot across various objects (e.g., IP address, systems, violations, peer groups, etc.) by simply dragging and dropping them, examine activity, and rapidly reveal suspicious behavior. Incremental to UBA Basic, HP UBA offers customers 1) detection of malicious actors 2) faster event resolution and investigation efficiency 3) ROI savings
< New Features within HP UBA 1.1 >
HP UBA Premium extends the capabilities of HP UBA into protecting the enterprise in additional stages of the attack kill chain. To preemptively mitigate the threat users pose to an organization and reduce external risk in to the infiltration phase, HP UBA Premium connects into IAM systems to mine access entitlements and perform peer analytics and other application specific techniques to automatically identify and risk rank rogue and high risk access on applications, servers, databases, and mainframe systems for certification and cleanup. Additionally, HP UBA Premium identifies actors in the exfiltration stage by automatically identifying data exfiltration risk using identity, behavior, and peer analysis associated with users and accounts that are demonstrating multiple indicators of exfiltration risk in advance, during, and after an attack--proactively monitoring data exfiltration risk coming from inside and outside of the organization.
Application Insight Packages monitor critical custom and COTS applications and systems at the transaction, data set, and sensitive user record level. Packages available today monitor user behavior within Cerner, EPIC, BOX, Google Apps, CyberArk, Lieberman, AWS. The solutions continuously builds a risk profile for all applications and systems while identifying all high-risk users, access, and activities associated with sensitive data and transactions within the application. All results are scored and presented in application risk scorecards. Applications packages are purchasable with HP UBA and HP UBA Premium only, and are priced per application (not priced per user).