A Comparison of UEBA Technologies and Solutions

Published: 29 March 2017 ID: G00317414

Analyst(s): |

Not a Gartner Client?

Want more research like this?
Learn the benefits of becoming a Gartner client.

contact us online


UEBA utilizes machine learning and other advanced analytics to detect threats and simplify the work of technical professionals focused on security. This research contrasts top UEBA technologies based on use cases and capabilities and highlights common usage scenarios and tool evaluation processes.

Table of Contents

  • Comparison
    • Comparison Criteria
    • UEBA Solution Use Cases Comparison
    • UEBA Tool Capabilities
      • Capability Summary
    • Capability Comparison
  • Analysis
    • UEBA Defined
    • Generic UEBA Product Architecture
    • UEBA Products vs. UEBA Capabilities
      • Just How Smart Is UEBA?
      • UEBA Drivers and Business Case
    • The UEBA Market
      • SIEM vs. UEBA
      • SIEM With UEBA
      • Open-Source Alternatives
    • UEBA Trends and Future
    • Organizations Benefiting From UEBA
    • Challenges With UEBA
      • Data Collection: Availability and Quality
      • Different Expert Labor
      • Tool Tuning Challenges
      • Proving Future Detection From Low-Criticality Examples
      • Alert, Incident and Anomaly Response Process
      • Effectiveness Measurement Challenges
      • Performance Problems Around Collection
      • Challenges Baselining Messy IT Environments
      • Cross-Silo Nature of UEBA
      • Privacy Challenges
  • Guidance
    • Building a Business Case for UEBA
    • Selecting UEBA Tools
      • UEBA Selection Focus Areas
    • Deploying UEBA
  • The Details
    • Use-Case Assessment Criteria
    • Vendor Profiles
      • Exabeam
      • Gurucul
      • Interset
      • Niara
      • Securonix
      • Splunk
    • Running a UEBA POC
  • Gartner Recommended Reading
© 2017 Gartner, Inc. and/or its Affiliates. All Rights Reserved. Reproduction and distribution of this publication in any form without prior written permission is forbidden. The information contained herein has been obtained from sources believed to be reliable. Gartner disclaims all warranties as to the accuracy, completeness or adequacy of such information. Although Gartners research may discuss legal issues related to the information technology business, Gartner does not provide legal advice or services and its research should not be construed or used as such. Gartner shall have no liability for errors, omissions or inadequacies in the information contained herein or for interpretations thereof. The opinions expressed herein are subject to change without notice.

Free Research

Discover what 12,000 CIOs and Senior IT leaders already know.

Free Access

Why Gartner

Gartner delivers the technology-related insight you need to make the right decisions, every day.

Find out more