User Behavior Analytics (UBA)

Leverage User Behavior Analytics to Minimize Your Risk Exposure

Today’s threatscape requires security controls to be adaptive to the risk context, using machine learning to analyze a privileged user’s behavior carefully. Adaptive control notifies you of suspicious activity in real-time but also allows you to actively respond to incidents by cutting off sessions, adding additional monitoring, or flagging for forensic follow-up. Centrify Privilege Threat Analytics Service can make the difference between falling victim to a breach or stopping it in its tracks.

Gain Insight and Stop Breaches

Machine learning establishes the baseline for “normal” access, privilege use, and executed commands.
Quickly identify and investigate suspicious activity and security events that triggered an anomaly alert.
Single location for monitoring active sessions or reviewing video recordings of privileged sessions.

Visibility into Access Risk Ecosystem

Leverage a series of interactive dashboards for better visibility into IT risk and access patterns across your infrastructure. Automated tailoring of security policies based on a user’s behavior and near real-time identification of suspicious activity results in an holistic view of access risk. It eliminates the overhead of sifting through log files with massive amounts of historical data.


Flexible Tools for Detailed Analysis

Better understand privileged access patterns and security events by drilling into details about security alerts, systems, access location, access time, privileged commands, and more. Security teams can drill into individual events to understand the relative risk level they pose. The tool computes risk scores in real-time for every event and categorizes them as high, medium, or low.


Streamlined Threat Monitoring and Investigation

Gain streamlined insight into sessions with anomalous activity through a detailed timeline view. Identify the specific activity contributing to an anomaly for a comprehensive understanding of a potential threat. Security teams can view system access, privilege use, and anomaly detection in high resolution with analytics tools such as dashboards, explorer views, and investigation tools.

Streamlined Integration with SIEM, Alerting and Reporting Tools

Easy Integration with SIEM Tools

Privileged access data is captured and stored to enable robust querying by log management tools and integration with external reporting tools. Streamlined integrations with SIEM and alerting tools such as Micro Focus® ArcSight, IBM® QRadar, and Splunk® raise identified events or abnormal behavior to the security team in near real-time for quick action.


Automate Alerts through Webhook-Enabled Endpoints

Leverage Slack or on-board incident response systems such as PagerDuty to enable real-time alerts, eliminating the need for multiple touchpoints and improving time to respond. When an alert event occurs, Centrify Privilege Threat Analytics Service forwards the alert to the third-party application via a Webhook. This capability speeds response to security alerts and improves containment.

Learn More about Centrify Privilege Threat Analytics Service

Ready to Protect Against the #1 Attack Vector?

Click here for more information about our products, pricing, demos, and more.

Contact Us