UEBA Report From Gartner Identifies New Trends In Behavioral Analytics – Chuck Leaver

Written By Josh Linder And Presented By Ziften CEO Chuck Leaver


The market for business behavioral analytics is evolving – again – to support the security use case. In the recent Gartner User and Entity Behavior (UEBA) Trends Report, Ziften is delighted to be noted as a “Vendor to Watch.” We believe that our recognized relationships with risk intelligence feeds and visualization tools are reflected in our inclusion within this research study note.

In the UEBA Market Report, experts Eric Ahlm and Avivah Litan discuss a potential merging of the sophisticated threat and analytics markets. The idea of UEBA – which extends user behavioral analytics to now include organizations, business processes, and autonomous devices such as the Internet of Things – requires deep understanding and the ability to respond rapidly and efficiently.

At Ziften, our recognized relationships with risk intelligence feeds and visualization tools are reflected in our addition to this research study note. Our platform provides threat detection across different behavior vectors, rather than looking at a single-threaded signature feed. With integrations to orchestration and response systems, Ziften distinctively couples signature-based and behavioral analysis, while bridging the gap from protecting the endpoint to protecting the entity. Continuous tracking from the endpoint – including network flow – is vital to comprehending the total risk landscape and essential for a holistic security architecture.

We applaud Gartner for recognizing four areas for security and analytic suppliers to focus on: User Habits, Host/App Behavior, Network Habits, and External Communications Habits. We are the only endpoint vendor – today – to monitor both network behavior and external communications habits. Ziften’s ZFLow™ uses network telemetry to go beyond basic IPFIX flow data, enhancing it with Layer 4 and Layer 5 operating system and user habits. Our threat intelligence integration – with Blue Coat, iSIGHT Partners, AlienVault and the National Vulnerability Database – is second to none. In addition, our special relationship with ReversingLabs provides binary analysis directly within the Ziften administration console.

Ultimately, our constant endpoint visibility system is instrumental in helping to find behavioral risks that are challenging to correlate without using sophisticated analytics.

Gartner Report

Six additional technology trend takeaways which Gartner readers must consider:

– Application of Analytics to Finding Breaches Varies
– Data Science for Analytics Technologies Still Up and Coming
– The Need for Extended Telemetry Drives Analytics Market Convergence
– Merging Between Analytics-Based Detection Vendors and Orchestration/Response Vendors Likely
– SIEM Technologies Positioned to Be Central to Consolidation for Analytics Detection
– Advanced Behavioral Analytics Providers Extending Their Reach to Security Purchasers


Gartner does not endorse any supplier, service or product portrayed in its research publications, and does not advise technology users to select only those vendors with the greatest ratings or other designation. Gartner research publications consist of the viewpoints of Gartner’s research study organization and should not be interpreted as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research study, including any warranties of merchantability or fitness for a particular purpose.