Insider threats, compromised accounts, and administrator abuse and misuse are among the most damaging and difficult to detect threats. User and entity behavior analytics (UEBA) solutions are making it possible to detect these advanced end user threats through the discovery of new trends and behavioral patterns within the environment.
In this in-depth product review, SANS analyzed LogRhythm CloudAI for UEBA to learn how it can enhance user-borne threat detection capabilities. Their review focused on several key areas:
- Ease of use
- Advanced investigation capabilities
- Case management features
- Machine learning intelligence