Star Rating
Languages Supported
Pricing Options

User and Entity Behavior Analytics (UEBA) reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Best User and Entity Behavior Analytics (UEBA) Software

    User and entity behavior analytics (UEBA) software is a family of tools used to develop and model baseline behaviors for people and hardware within a network, with the ultimate goal of identifying abnormalities and alerting security staff. These tools leverage machine learning to identify patterns and monitor user or machine behaviors, notifying stakeholders of abnormal activity, malicious behavior, or performance issues that arise from mistakes or improper operational actions.

    Companies use UEBA technology to protect their sensitive information and business critical systems from both external and insider threats. These may be employees or partners that partake in nefarious activities such as stealing data, adjusting privileges, or violating company policies. UEBA solutions can also detect compromised accounts that may have resulted from weak passwords or phishing scams that provide network access to unapproved parties. UEBA can uncover a number of external threat types as well; most notably, brute force attacks and privilege escalation.

    UEBA functions on a similar basis as risk-based authentication (RBA) software and zero trust networking software. Both of these tools use machine learning to evaluate risk and identify threat actors, but neither is designed to constantly monitor user behavior within a specific network. RBA takes into account variables such as historic access, location, and IP address to determine risk when authenticating. Zero trust network architectures are designed segment networks and monitor network activity. If threats are detected, a segment of the network or an individual endpoint will be restricted from network access.

    To qualify for inclusion in the User and Entity Behavior Analytics (UEBA) category, a product must:

    Use machine learning to develop baseline behaviors for individual users and resources within a network
    Monitor the users and resources with a network for insider threats and other anomalies
    Provide incident details and remediation workflows, or integrate with incident response solutions
    Integrate with existing security systems to enforce policies and develop automated incident management processes

    Top 5 User and Entity Behavior Analytics (UEBA) Software

    • IBM Security QRadar
    • InsightIDR
    • Idaptive Next-Gen Access
    • ActivTrak
    • Teramind

    Compare User and Entity Behavior Analytics (UEBA) Software

    G2 takes pride in showing unbiased reviews on user satisfaction in our ratings and reports. We do not allow paid placements in any of our ratings, rankings, or reports. Learn about our scoring methodologies.
    Sort By:
    Results: 47
    View Grid®
    Adv. Filters
    (190)4.3 out of 5
    Optimized for quick response
    Entry Level Price:FREE for 14 Days

    IBM Security QRadar helps security teams accurately detect, understand and prioritize threats that matter most to the business. The solution ingests asset, cloud, network, endpoint, and user data, correlates it against vulnerability information and threat intelligence, and applies advanced analytics to identify and track the most serious threats as they progress through the kill chain. Once a credible threat is identified, AI-powered investigations provide rapid, intelligent insights into the

    (36)4.4 out of 5
    Entry Level Price:$2,156 Per Month

    Rapid7 InsightIDR is a SaaS SIEM for modern threat detection and response. InsightIDR enables security analysts to work more efficiently and effectively, by unifying diverse data sources, providing early and reliable out of the box detections, and delivering rich visual investigations and automation to expedite response. With a lightweight cloud deployment and intuitive UI and onboarding experience, InsightIDR customers recognize an accelerated return on their investment and start seeing valuabl

    (94)4.4 out of 5
    Entry Level Price:$5 User/Month

    Idaptive Services secures enterprise identities against cyberthreats that target today’s hybrid IT environment of cloud, mobile and on-premises. Idaptive helps protect against the leading point of attack used in data breaches ― compromised credentials — through it’s Next Gen Access, which uniquely unifies single single-on (SSO), adaptive multi-factor authentication (MFA), enterprise mobility management (EMM) and user behavior analytics (UBA) into an integrated solution. Idaptive Services incl

    (141)4.4 out of 5
    Optimized for quick response
    Entry Level Price:$0 3 Users

    ActivTrak helps companies unlock productivity potential. Our award-winning workforce analytics and productivity management software provides data and expert insights that empower people, optimize processes, and maximize technology. With more than 8,000 customers and 250,000 users, ActivTrak is helping companies around the world embrace and embody the future of work.

    (28)4.1 out of 5
    Entry Level Price:$10/user (min 5 users)

    Teramind provides a user-centric security approach to monitor your employee's digital behavior. Our software streamlines employee data collection in order to identify suspicious activity, improve employee productivity, detect possible threats, monitor employee efficiency, and ensure industry compliance. We help reduce security incidents by providing real-time access to user activities by offering alerts, warnings, redirects and user lock-outs to keep your business running securely and efficientl

    A cloud-based software analytics platform that eliminates the artificial boundaries between IT, physical and personnel security integrating seamlessly into existing corporate SOC environments to provide: ‘whole-person' analysis of potential insider risk; end-to-end critical infrastructure security awareness, from single manufacturing facilities to sprawling global operations; proactive warnings of malware, fraud, sabotage and other cyber threats; and single-screen reporting and monitoring of inc

    (7)4.3 out of 5

    Citrix Analytics is an intuitive analytics service that allows you to monitor and identify inconsistent or suspicious activity on your networks. Using machine learning and advanced algorithms, it provides actionable insights into user behavior based on indicators across users, endpoints, network traffic, and files.

    (3)4.8 out of 5
    Optimized for quick response

    Exabeam is SIEM that helps security operations and insider threat teams work smarter, allowing them to detect, investigate and respond to cyberattacks in 51 percent less time. Security organizations no longer have to live with missed distributed attacks, unknown threats, and manual investigations and remediation. With the modular Exabeam Security Management Platform, analysts can use behavioral analytics to detect attacks, automate investigation and incident response, and reduce storage costs.

    (5)3.5 out of 5

    RSA NetWitness Logs & Packets is a security solution that identifies every threat and offers different solutions.

    (4)4.4 out of 5

    StealthDEFEND is the real-time threat analytics component of STEALTHbits’ Data Access Governance Suite. Leveraging unsupervised Machine Learning, StealthDEFEND eliminates excessive and undifferentiated warnings to surface truly meaningful trends and alerts on attempts to compromise your sensitive data. TOP FEATURES: - Unsupervised Machine Learning – Analyze a rich set of data with Machine Learning models that evaluate, correlate, and baseline the activity and behavior of users. - Seamless Sens

    Founded in 2002, InterGuard develops award winning employee monitoring software lets you track employee activity on their computers, phones and tablets- even when they work from home. Track attendance, idle/active time, productivity metrics. Includes screenshots, reports, alerts and more! ~ Headquartered in Westport, Connecticut ~ Deployed on more than 250k endpoints worldwide ~ More than 2000 active customers

    (2)4.5 out of 5

    The LogRhythm platform combines user and entity behavior analytics (UEBA), network traffic and behavior analytics (NTBA) and security automation & orchestration (SAO) in a single end-to-end solution

    (2)5.0 out of 5
    Entry Level Price:$0 3 Users/ 6 Months

    USTVnow site turns a computer, smartphones, tablets, Smart TVs devices into an interactive TV screen, allowing people not only to watch TV in different parts of the house but also empowering travelers and expatriates to watch their TV while traveling or residing abroad.

    (1)4.0 out of 5

    inDefend is a comprehensive solution that helps to detect various types of insider threats and also prevent the leakage of sensitive data through various communication channels on endpoints. This solution is built to achieve complete transparency over all the digital assets residing within the organization, thus, ensuring maximum security and solid safeguarding against all such threats across the organization.

    (1)4.5 out of 5

    Reduce risk of damage and get information in a succinct, real-time view of the attack timeline with Advanced Threat Analytics. Learn, analyze, and identify normal and suspicious user or device behavior with built-in intelligence.

    (1)4.5 out of 5

    Make smarter decisions with instant, meaningful visibility into API usage and customer adoption

    (1)2.0 out of 5

    Enable your organization to uncover risky user behavior in real-time, investigate incidents, and prevent data exfiltration

    0 ratings

    Application AuditTM enables enterprises to capture all relevant data about user access and behavior on the mainframe to mitigate cybersecurity risks and fulfill compliance mandates.

    0 ratings

    IntroSpect User and Entity Behavior Analytics (UEBA) and Network Traffic Analysis (NTA) solutions use AI-based machine learning and advanced analytics to help detect, investigate and respond to hidden inside attacks that have evaded perimeter defenses before they do damage.

    0 ratings

    Ava Reveal is a data loss and insider risk protection solution that also helps you raise security awareness levels in your organization and reduce negative business impact of these risks. Ava Reveal detects and responds to more incidents faster with the unique combination of policies and machine learning sensors. Reveal offers both out-of-the-box and configurable policies that you can customize to align with your security and compliance needs. For careless or accidental incidents, employees

    0 ratings

    BlackFog provides GDPR privacy and fileless cyberattack defense for real time protection against online threats. It focuses on non-signature based threat detection using outbound traffic monitoring to protect the device and privacy of the end user. It consists of 11 layers of defense against ransomware, spyware, malware and unauthorized data collection and profiling.

    0 ratings

    Varonis monitors and protects Box enterprise data at-a-glance.Extend security coverage with Box Security Events from Varonis and see what happening on your Box data, reduce risk, and investigate suspicious activity.

    0 ratings

    Veriato Cerebral is an integrated insider threat security platform, powered by advanced machine learning and AI. Cerebral integrates User Activity Monitoring (UAM) and User Behavior Analytics (UBA) into a powerful solution that allows you to quickly identify and react to signs of breach or fraud. Cerebral provides visibility into emails, chats, web surfing, document movement and more. Once alerted, you can view logs and related screenshot activity to determine if a true threat exists, cutting re

    0 ratings

    Cyber Hawk is your enabling technology for offering high value cybersecurity services. A Cyber Hawk subscription gets you an unlimited-use license to deploy Cyber Hawk at all of your client sites for one, low, fixed cost per year (see license terms for details).

    0 ratings

    Cynet 360 natively integrates XDR attack prevention and detection capabilities with automated investigation and remediation, via a single lightweight agent. Cynet 360 technology is complemented by a proactive 24\7 MDR service at no extra cost, placing end to end breach protection within reach for even the smallest security teams.

    0 ratings

    Simplify security investigations: detect suspicious activity on your data, get insight into privileged account behavior, and investigate security incidents directly in your dashboard.

    (1)5.0 out of 5

    Data Security platform detects insider threats and cyberattacks by analyzing data, account activity, and user behavior; prevents and limits disaster by locking down sensitive and stale data; and efficiently sustains a secure state with automation.

    0 ratings

    Detect, learn and predict fraudulent activity using behavioral analysis and machine learning. DetectTA analyzes user behavior and sends alerts on any deviations from established regular behavioral patterns. This cutting-edge machine intelligence can be combined with user-defined analytics, rules, policies, and workflows for comprehensive coverage and flexibility.

    0 ratings

    Advanced User Behavior Intelligence is a Smarter Approach to Detecting Insider Threats

    0 ratings

    Acceptto’s eGuardian® engine is the driver behind It’sMe™ multi-factor authentication products and the platform component that delivers Cognitive Continuous Authentication™.

    Select Grid® View
    Select Company Size
    G2 Grid® for User and Entity Behavior Analytics (UEBA)
    Filter Grid®
    Filter Grid®
    Select Grid® View
    Select Company Size
    Check out the G2 Grid® for the top User and Entity Behavior Analytics (UEBA) Software products. G2 scores products and sellers based on reviews gathered from our user community, as well as data aggregated from online sources and social networks. Together, these scores are mapped on our proprietary G2 Grid®, which you can use to compare products, streamline the buying process, and quickly identify the best products based on the experiences of your peers.
    High Performers
    Idaptive Next-Gen Access
    IBM Security QRadar
    Market Presence