Defense & Operations
UBA (User Behavior Analytics)
Also known as: User Behavior Analytics
Definition
An analytics technology that establishes baselines of normal user activity and flags anomalies to detect account misuse, insider threats and compromised credentials.
Examples
- A UBA module flagging a finance user who suddenly downloads 50 GB from SharePoint at 02:00 from a foreign IP.
- Risk-based authentication that requires step-up MFA when login behavior deviates from the user's baseline.
Related terms
UEBA (User and Entity Behavior Analytics)
A security analytics approach that profiles normal behaviour of users and entities, then flags statistical deviations that may indicate compromise or insider misuse.
SIEM
A platform that aggregates, normalizes and correlates security telemetry from across the enterprise to enable detection, investigation, compliance and reporting.
Behavioral Biometrics
A continuous-authentication technique that profiles unique user behaviors — typing rhythm, mouse movements, gait, or touchscreen gestures — to detect impostors.
Indicator of Attack (IoA)
Indicator of Attack (IoA) — definition coming soon.
Threat Hunting
Threat Hunting — definition coming soon.
Security Operations Center (SOC)
A centralized team and facility that continuously monitors, detects, investigates and responds to cybersecurity incidents across an organization's IT estate.