Splunk UBA Software Upgrade Package

Splunk UBA is a machine learning driven solution that helps organizations find hidden threats and anomalous behavior across users, devices, and applications. Its data science driven approach produces actionable results with risk ratings and supporting evidence, augmenting SOC analysts’ existing techniques. In addition, it provides visual pivot points for hunters to proactively investigate anomalous behavior. • Detects insider threats using out-of-the-box purpose-built but extensible unsupervised machine learning (ML) algorithms • Provides context around the threat via ML driven anomaly correlation and visual mapping of stitched anomalies over various phases of the attack lifecycle • Increases SOC efficiency with rank-ordered threats and supporting evidence • Supports bi-directional integration with Splunk Enterprise for data ingestion and correlation and with Splunk Enterprise Security for incident scoping, workflow management and automated response See Details for Product Downloads