New Behavioral Analytics Trends Highlighted In Gartner UEBA Report – Chuck Leaver

Written By Josh Linder And Presented By Ziften CEO Chuck Leaver


The market for enterprise behavioral analytics is developing – once again – to support the security use case. In the recent Gartner User and Entity Behavior (UEBA) Trends Report, Ziften is thrilled to be listed as a “Vendor to Watch.” We believe that our established relationships with risk intelligence feeds and visualization tools reflect our inclusion within this research note.

In the UEBA Market Report, experts Eric Ahlm and Avivah Litan describe a possible merging of the advanced threat and analytics markets. The idea of UEBA – which extends user behavioral analytics to now include organizations, business processes, and autonomous devices such as the Internet of Things – needs deep understanding and the capability to respond rapidly and efficiently.

At Ziften, our recognized relationships with risk intelligence feeds and visualization tools show our addition within this research note. Our platform offers threat detection across different behavior vectors, instead of looking at a single-threaded signature feed. With integrations to orchestration and response systems, Ziften uniquely couples signature-based and behavioral analysis, while bridging the gap from securing the endpoint to protecting the entity. Constant monitoring from the endpoint – including network flow – is vital to understanding the total risk landscape and important for a holistic security architecture.

We applaud Gartner for identifying 4 areas for security and analytic suppliers to concentrate on: User Habits, Host/App Behavior, Network Behavior, and External Communications Habits. We are the only endpoint supplier – today – to monitor both network behavior and external communications habits. Ziften’s ZFlow™ uses network telemetry to go beyond the basic IPFIX flow data and enhance it with Layer 4 and Layer 5 operating system and user behavior. Our threat intelligence integration – with Blue Coat, iSIGHT Partners, AlienVault and the National Vulnerability Database – is second to none. In addition, our distinct relationship with ReversingLabs supplies binary analysis directly within the Ziften administration console.

Ultimately, our constant endpoint visibility service is pivotal in helping to discover behavioral risks that are challenging to associate without the use of advanced analytics.

Gartner Report

Six additional technology trend takeaways which Gartner readers should think about:

– Application of Analytics to Discovering Breaches Differs
– Data Science for Analytics Technologies Still Up and Coming
– The Need for Extended Telemetry Drives Analytics Market Merging
– Merging Between Analytics-Based Detection Vendors and Orchestration/Response Vendors Likely
– SIEM Technologies Positioned to Be Central to Consolidation for Analytics Detection
– Advanced Behavioral Analytics Providers Extending Their Reach to Security Buyers


Gartner does not endorse any vendor, services or product portrayed in its research study publications, and does not advise technology users to pick only those vendors with the highest scores or other classification. Gartner research study publications consist of the viewpoints of Gartner’s research study company and should not be construed as declarations of truth. Gartner disclaims all guarantees, expressed or suggested, with respect to this research study, including any warranties of merchantability or fitness for a particular function.