We just raised a $30M Series A: Read our story
User Behavior Analytics - UEBA Questions
Satish Singh
Cloud Security Architect at Kyndryl
Oct 26 2021
Hi community members, I'm working as a Cloud Security Architect at a Tech Services Company with 10000+ employees. I'm looking for a security solution to detect and prevent APT attacks.  Can anyone suggest a good and cost-effective solution? Please explain why would you choose this particular… (more)

Hi community members,

I'm working as a Cloud Security Architect at a Tech Services Company with 10000+ employees.

I'm looking for a security solution to detect and prevent APT attacks. 

Can anyone suggest a good and cost-effective solution? Please explain why would you choose this particular tool or solution.

Thank you!

(less)
BobenGeorgeWhen you are considering cost-effectiveness Hardening perimeter defenses… more »
Eric Rise@Satish Singh, Thank you for your question it's one that requires deeper… more »
Evgeny Belenky
IT Central Station
Aug 27 2021

Hi community members,

Let's discuss what are the main differences between UEBA (User and Entity Behavior Analytics) and SIEM (Security Information and Event Management) solutions.

Tjeerd SaijoenMany SIEM solutions like QRadar are using UEBA in a SIEM solution. User and… more »
Navin RehniusSIEM is the platform where we can see all of the security events. Here we can… more »
David SwiftSIEM vs UEBA 1. SIEM is designed to store events for extended periods… more »
Karin Krings
User at University of Phoenix

I'm looking for recommendations for software to detect insider threats. Where can I find a Pros/Cons template, customized to organization, to source insider threat detection support?

Xavier SuriolI would suggest statistical methods (including machine learning): First, outlier… more »
reviewer1324719This is an inside-out --- outside-in --- inside-in question, as an insider can… more »
Ken ShauretteYou'd need to break out better what you consider to be the types of insider… more »
Jay Thompson
Chief Operational Officer at Merchant Light LLC
Sep 29 2021
If you host your website on your own server, it will be open to the public. Is there a way to monitor/ protect the rest of your network from hackers who have open access to your site? We have a single LAN and public site on the domain server of that LAN. Windows IIS is running our site on our… (more)

If you host your website on your own server, it will be open to the public. Is there a way to monitor/ protect the rest of your network from hackers who have open access to your site? We have a single LAN and public site on the domain server of that LAN. Windows IIS is running our site on our Windows 2019 Server and most business data has been pulled off the server to a client machine. 

We don't have a huge (okay, hardly any) budget to work with.

Industry: IT Tech Support; application development; application interface development; retail sales of hardware and software, monthly PAAS support services including monitoring, patching, anti-malware, network maintenance and 24x7 support.

Requirements: monitor only those nodes and forests that need to be protected.  If monitoring tells you who is visiting your website, great, but we already have that. We want to know who is trying to hack our site or network using procedure calls or other means that are not predefined and approved by security team. 

(less)
Steffen HornungHi, your question tangles on various subjects. Firstly, IIS is a great choice… more »
John RendyYour requirements can be tackled from a network security perspective. Using a… more »
David SwiftYou're describing the use cases for a Web Application Firewall. Web-specific… more »