Market Guide for User and Entity Behavior Analytics
Security and risk management leaders considering UEBA will find that the market has fragmented, with a few pure-play vendors and a wide set of traditional security products that embed core UEBA technologies and features to benefit from advanced analytics capabilities.
UEBA technologies are maturing, becoming more robust and valuable, and seeing broader adoption with forward-leaning organizations, especially as pure-play UEBA vendors morph into adjacent markets by building additional capabilities to try to replace legacy tools.
UEBA capabilities are being adopted across a range of security technologies, such as SIEM, IDPS, DCAP, CASB, IAM and EDR.
UEBA primarily relies on advanced analytics methods and approaches, such as machine learning, but vendor hype and use of terms such as "artificial intelligence" make it difficult for buyers to effectively evaluate vendor technologies and capabilities.
Buyers find that UEBA deployment can be more time-consuming and labor-intensive than what vendors promise, even for core threat detection use cases. Also, adding custom or edge use cases can be an arduous process, requiring expertise such as data science and data analytics.