Behavioural Analytics or Entity User Behavioural Analysis (EUBA)
ACSIA looks at patterns of human behavior, and then applies algorithms detect meaningful anomalies from those patterns—anomalies that indicate potential threats. Instead of tracking devices or security events, EUBA tracks a system’s users. ACSIA detects insider threats and advanced persistent threats. EUBA builds a profile of an employee based on their usage patterns thanls to its deep learning unsupervised machine learning algorithms, and sends out an alert if it sees abnormal user behavior.
ACSIA EUBA helps mitigate the risks of both insider threats and external attackers by using the same principle. First, a normal baseline is defined based on user behavior – file access, logins, network activity, etc. – over an extended period. Second, EUBA can quickly identify user deviations from that norm, and generate an alert. In the case of attackers entering the system, EUBA can tell whether an employee’s credentials are being used by outsiders. For legitimate employees, EUBA can also spot changes in activity that signal insider data theft, or IT sabotage.