Charles Leaver – Gartner UEBA Report Indicates Behavioral Analytics New Trends

Written By Josh Linder And Presented By Ziften CEO Charles Leaver

The market for enterprise behavioral analytics is developing – once again – to support the security usage case. In the recent Gartner User and Entity Behavior (UEBA) Trends Report, Ziften is excited to be noted as a “Vendor to Watch.” Our company believe that our recognized relationships with threat intelligence feeds and visualization tools shows our addition within this research note.

In the UEBA Market Report, Analysts Eric Ahlm and Avivah Litan explain that there is a possible merging in the innovative risk and analytics markets. The idea of UEBA – which extends user behavioral analytics to now include organizations, business processes, and autonomous devices such as the Internet of Things – requires deep understanding and the ability to react quickly and efficiently.

At Ziften our recognized relationships with risk intelligence feeds and visualization tools shows our addition within this research note. Our platform offers risk detection across different behavior vectors, rather than looking at a single-threaded signature feed. With integrations to orchestration and response systems, Ziften uniquely couples signature-based and behavioral analysis, while bridging the gap from protecting the endpoint to securing the entity. Continuous monitoring from the endpoint – including network flow – is critical to understanding the complete risk landscape and essential for a holistic security architecture.

We applaud Gartner on identifying four areas for security and analytic vendors to concentrate on: User Behavior, Host/App Behavior, Network Habits, and External Communications Habits. We are the only endpoint supplier – today – to monitor both network behavior and external interactions habits. Ziften’s ZFLow ™ utilizes network telemetry to go beyond the standard IPFIX flow data, and augment with Layer 4 and Layer 5 os and user behavior. Our risk intelligence integration – with Blue Coat, iSIGHT Partners, AlienVault and the National Vulnerability Database – is the best in the field. Additionally, our distinct relationship with ReversingLabs provides binary analysis directly within the Ziften administration console.

Eventually, our continuous endpoint visibility service is pivotal in helping to discover behavioral risks that are difficult to correlate without making use of innovative analytics.

Gartner Report

6 additional technology trend takeaways which Gartner readers need to think about:

– Application of Analytics to Finding Breaches Varies
– Data Science for Analytics Technologies Still Emerging
– The Required for Extended Telemetry Drives Analytics Market Merging
– Merging Between Analytics-Based Detection Suppliers and Orchestration/Response Vendors Likely
– SIEM Technologies Positioned to Be Central to Consolidation for Analytics Detection
– Advanced Behavioral Analytics Providers Extending Their Reach to Security Buyers


Gartner does not back any vendor, service or product portrayed in its research publications, and does not advise technology users to pick just those suppliers with the greatest ratings or other classification. Gartner research study publications include the viewpoints of Gartner’s research study organization and must not be construed as declarations of truth. Gartner disclaims all guarantees, expressed or indicated, with respect to this research study, including any warranties of merchantability or fitness for a particular function.