{"id":1081,"date":"2018-02-05T15:00:19","date_gmt":"2018-02-05T19:00:19","guid":{"rendered":"https:\/\/solutionsreview.com\/endpoint-security\/?p=1081"},"modified":"2018-02-05T16:24:57","modified_gmt":"2018-02-05T20:24:57","slug":"nico-popp-evolution-user-entity-behavior-evolution-ueba","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/","title":{"rendered":"Nico Popp: The Evolution of User and Entity Behavior Analytics (UEBA)"},"content":{"rendered":"<p style=\"text-align: justify\"><img loading=\"lazy\" decoding=\"async\" class=\"alignnone size-full wp-image-1082\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg\" alt=\"nico popp symantec UEBA evolutioon behavior analytics\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg 800w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod-300x150.jpg 300w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod-768x384.jpg 768w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod-540x270.jpg 540w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod-162x81.jpg 162w, https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Behavior analytics is already a major component of next-generation endpoint security solutions and cybersecurity in general. With the number of potential endpoints expanding under the bring-your-own devices corporate revolution, solutions must be able to recognize malicious activity as quickly as possible. But what place does it have in endpoint protection now? To find out more about the evolution of this security technology and where it might be heading in the near-future, we spoke to Nico Popp, the Senior Vice President of Information Protection of <a href=\"https:\/\/www.symantec.com\" target=\"_blank\" rel=\"noopener\">Symantec<\/a>. Here\u2019s our conversation, edited slightly for readability:<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>Solutions Review: How did behavioral analytics first begin?<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Nico Popp: Generation one of behavior analytics was designed to help consumers: E-commerce companies seeking to give a better shopping experience to their end users collected information about what users were doing on their websites and used behavior analytics to turn the data into good business results. Those results included recommendations to buy certain products. Every time someone visits a website and clicks on a page, he\/she generates a log entry which is full of valuable information.<\/span><\/p>\n<p style=\"text-align: justify\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a class=\"left-cta\" href=\"https:\/\/solutionsreview.com\/endpoint-security\/free-endpoint-protection-buyers-guide\/\" target=\"_blank\" rel=\"noopener\"><img loading=\"lazy\" decoding=\"async\" class=\"alignleft wp-image-2099\" src=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2019\/01\/endpoint-security-speedbump-cta.jpg\" alt=\"Download Link to Endpoint Security Solution Buyer's Guide\" width=\"175\" height=\"301\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The problem was companies were producing giant mountains of logs, hits on pages, etc\u2014they didn\u2019t know what to do with all that data, and they weren\u2019t getting value out of the logs. Some business leaders realized they could get a competitive advantage if they used that data to give their customers a better experience. That\u2019s where analytics came into play. Companies like Amazon and Netflix began using analytics behind the scenes to make smarter recommendations to customers.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Bottom line is: companies had a mountain of data from which they wanted to get value.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Many years later, companies faced the same problem in cybersecurity. They were collecting information but were not putting the data to good use. Using tactics that had proven successful in other industries, cyber leaders used behavior analytics to make sense of the large amount of data they were collecting about what people were doing inside their companies\u2014which included identifying behavioral patterns\u2014so that they could detect behaviors that were abnormal and potentially an indication someone was trying to cause harm.<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>SR: How do user and entity behavior (UEBA) analytics differ from traditional behavior analytics?<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">NP: User and Entity Behavior Analytics (UEBA) is essentially the same as behavior analytics, but encompasses more than the traditional behavior analytics capabilities. UEBA technologies detect when a user\u2019s or entity\u2019s (i.e. a laptop) behavior is abnormal compared to themselves, their peers, and the overall business unit. UEBA detects the behavior, qualifies if the behavior is business-justified or unusual, and either prioritizes the threat for investigators to act on immediately, or if it\u2019s business justified white-labels the behavior so that it\u2019s not flagged again. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">UEBA technologies can detect the main types of insider threats including malicious insiders seeking to do harm, non-malicious insiders who innocently click on links they shouldn\u2019t click on, and insiders who have had their credentials compromised by external bad actors.<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>SR: Where is behavioral analytics now as opposed to those early days? What innovations do you consider the most significant in the technology\u2019s evolution?<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">NP: In the early days, behavior analytics had its challenges, especially when deciphering what\u2019s considered abnormal behavior vs. abnormal [but] okay [behavior] vs. abnormal bad [behavior]. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">For example, three times in three days \u201cJane\u201d in Accounting sent a document containing private client information to her home email address. Behavior analytics technologies would detect the behavior as abnormal. However, let\u2019s say Jane\u2019s manager gave her permission to send that information to her home email address because she was going to be working from home for a few weeks. The early behavior analytics tools would have generated the alert, adding yet another alert to investigators\u2019 gigantic pile. Investigators would then waste their time chasing a false positive. Today\u2019s behavior analytics have evolved so that they engage contextual information from the business to understand if the behavior was business-justified or not.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">The biggest transformation we are seeing now with UEBA is that it is being integrated with already existing technologies to optimize their value. For example, data loss prevention (DLP) technologies are high on cyber leaders\u2019 priority lists due to the upcoming <\/span><a href=\"https:\/\/solutionsreview.com\/identity-management\/numbers-gdpr-data-management\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">GDPR mandate<\/span><\/a><span style=\"font-weight: 400\">, transition to the cloud, and the <\/span><a href=\"https:\/\/solutionsreview.com\/endpoint-security\/3-best-ways-secure-corporate-iot-devices\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">internet-connected everything<\/span><\/a><span style=\"font-weight: 400\">. However, while DLP technologies were effective at keeping valuable data inside a company, they were producing a flood of alerts, overwhelming analysts who already had limited manpower and time. By integrating DLP with UEBA, analysts receive a prioritized list of only the alerts that matter most so that they know exactly which incidents they need to investigate each day. UEBA also helps reduce false positives and noise so analysts do not waste their time chasing fires that don\u2019t exist.<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>SR: How are behavioral analytics being integrated into traditional, pre-existing cybersecurity technologies?<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">NP: In addition to data loss prevention, UEBA can be integrated with many other cyber tools, a couple which include multi-factor authentication and cloud access security broker (CASB) solutions. UEBA and multi-factor authentication work well together in stopping stolen credential threats.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Let\u2019s say a bad actor steals an employee\u2019s credentials and tries logging into a corporate database that contains highly valuable information and isn\u2019t one the real employee normally accesses during that time of day. UEBA and multi-factor authentication would work together to detect the unusual behavior and block the user from accessing the database unless he verified his identity through another mechanism such as a push notification with a biometric\u2014i.e. thumb scan\u2014request sent to his phone. When the real employee responds, \u201cno, he did not attempt to access that database,\u201d the user\u2019s account would shut down preventing the criminal from gaining access. UEBA would also go a step further and prioritize the alert for investigators.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">With a CASB integration, UEBA becomes increasingly important. With BYO devices having direct-connect to cloud apps and data repositories, simply using user credentials opens organizations up to new threat vectors. Knowing who is connecting to your cloud apps and understanding behavior is a must for data protection and compliance reasons. UEBA provides unique benefits by providing a risk level for the users accessing cloud apps; understanding if the user authenticated with multi-factor authentication, accessed the app from a secure location and if they are acting within the \u2018norm\u2019 of a remote employee, and blocking the user if they are risky, can greatly strengthen an organization\u2019s security posture.<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>SR: What types of insider threats do behavioral analytics detect?<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">NP: UEBA detects malicious insiders (employees and third-party vendors) who are trying to harm the company, non-malicious insiders who click on suspicious links or open suspicious attachments without realizing the risk they are posing to the company, repeat offenders who continuously practice poor security hygiene even after going through training, and compromised credentials. <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>SR: What do you think is the future of the technology?<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">NP: Today\u2019s UEBA incorporates supervised and unsupervised <\/span><a href=\"https:\/\/solutionsreview.com\/endpoint-security\/1054-2\/\" target=\"_blank\" rel=\"noopener\"><span style=\"font-weight: 400\">machine learning<\/span><\/a><span style=\"font-weight: 400\"> so it learns as it goes. It ingests, analyzes, and ranks information to understand behavioral patterns and creates a baseline for what\u2019s considered normal behavior. It also watches how analysts use the technology to understand context and make future recommendations. The UEBA of the future will be even smarter. Continued advancement and further incorporation of both methods of machine learning will make it even faster to understand context and make intelligent recommendations.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Thanks again to Nico Popp for taking the time to speak with us! You can check out Bay Dynamics\u2019<\/span><a href=\"https:\/\/baydynamics.com\/resources\/7-things-ueba-detects\/\" target=\"_blank\" rel=\"noopener\"> <span style=\"font-weight: 400\">infographic<\/span><\/a><span style=\"font-weight: 400\"> to learn more about the types of insider attacks UEBA detects.<\/span><\/p>\n<p style=\"text-align: justify\"><div class=\"widget\"><div class=\"aside-card\">\t\t\t<div class=\"textwidget\"><p><a href=\"https:\/\/insightjam.com\"><img decoding=\"async\" title=\"Insight Jam Ad\" src=\"https:\/\/solutionsreview.com\/wp-content\/uploads\/2023\/11\/ij2.jpg\" alt=\"Insight Jam Ad\" \/><\/a><\/p>\n<\/div>\n\t\t<\/div><\/div><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Behavior analytics is already a major component of next-generation endpoint security solutions and cybersecurity in general. With the number of potential endpoints expanding under the bring-your-own devices corporate revolution, solutions must be able to recognize malicious activity as quickly as possible. But what place does it have in endpoint protection now? To find out more [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":1082,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[2,335],"tags":[322,22,13,170,500,17,47,501],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Nico Popp: The Evolution of User and Entity Behavior Evolution (UEBA)<\/title>\n<meta name=\"description\" content=\"To find out more about the evolution of UEBA, we spoke to Nico Popp, the Senior Vice President of Information Protection at Symantec.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Nico Popp: The Evolution of User and Entity Behavior Evolution (UEBA)\" \/>\n<meta property=\"og:description\" content=\"To find out more about the evolution of UEBA, we spoke to Nico Popp, the Senior Vice President of Information Protection at Symantec.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Endpoint Protection Security (EPP) Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/solutionsreview\" \/>\n<meta property=\"article:published_time\" content=\"2018-02-05T19:00:19+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2018-02-05T20:24:57+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:creator\" content=\"@InfoSec_Review\" \/>\n<meta name=\"twitter:site\" content=\"@InfoSec_Review\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"6 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#article\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/\"},\"author\":{\"name\":\"Ben Canner\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"headline\":\"Nico Popp: The Evolution of User and Entity Behavior Analytics (UEBA)\",\"datePublished\":\"2018-02-05T19:00:19+00:00\",\"dateModified\":\"2018-02-05T20:24:57+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/\"},\"wordCount\":1289,\"commentCount\":0,\"publisher\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg\",\"keywords\":[\"Behavioral Analytics\",\"Endpoint Protection\",\"Endpoint Security\",\"Machine Learning\",\"Nico Popp\",\"Resources\",\"Symantec\",\"UEBA\"],\"articleSection\":[\"Best Practices\",\"Featured\"],\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#respond\"]}]},{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/\",\"name\":\"Nico Popp: The Evolution of User and Entity Behavior Evolution (UEBA)\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg\",\"datePublished\":\"2018-02-05T19:00:19+00:00\",\"dateModified\":\"2018-02-05T20:24:57+00:00\",\"description\":\"To find out more about the evolution of UEBA, we spoke to Nico Popp, the Senior Vice President of Information Protection at Symantec.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg\",\"width\":800,\"height\":400,\"caption\":\"nico popp symantec UEBA evolutioon behavior analytics\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/endpoint-security\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Nico Popp: The Evolution of User and Entity Behavior Analytics (UEBA)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#website\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/\",\"name\":\"Best Endpoint Protection Security (EPP) Tools, Software, Solutions &amp; Vendors\",\"description\":\"All the Latest News, Best Practices and Buyer&#039;s Guides for Endpoint Security and Protection\",\"publisher\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/endpoint-security\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#organization\",\"name\":\"Solutions Review\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png\",\"contentUrl\":\"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png\",\"width\":200,\"height\":200,\"caption\":\"Solutions Review\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/\"},\"sameAs\":[\"https:\/\/www.facebook.com\/solutionsreview\",\"https:\/\/x.com\/InfoSec_Review\",\"https:\/\/www.linkedin.com\/company\/cyber-security-solutions-review\",\"https:\/\/www.youtube.com\/user\/SolutionsReview\"]},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/endpoint-security\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Nico Popp: The Evolution of User and Entity Behavior Evolution (UEBA)","description":"To find out more about the evolution of UEBA, we spoke to Nico Popp, the Senior Vice President of Information Protection at Symantec.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/","og_locale":"en_US","og_type":"article","og_title":"Nico Popp: The Evolution of User and Entity Behavior Evolution (UEBA)","og_description":"To find out more about the evolution of UEBA, we spoke to Nico Popp, the Senior Vice President of Information Protection at Symantec.","og_url":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/","og_site_name":"Best Endpoint Protection Security (EPP) Tools, Software, Solutions &amp; Vendors","article_publisher":"https:\/\/www.facebook.com\/solutionsreview","article_published_time":"2018-02-05T19:00:19+00:00","article_modified_time":"2018-02-05T20:24:57+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_card":"summary_large_image","twitter_creator":"@InfoSec_Review","twitter_site":"@InfoSec_Review","twitter_misc":{"Written by":"Ben Canner","Est. reading time":"6 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#article","isPartOf":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/"},"author":{"name":"Ben Canner","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"headline":"Nico Popp: The Evolution of User and Entity Behavior Analytics (UEBA)","datePublished":"2018-02-05T19:00:19+00:00","dateModified":"2018-02-05T20:24:57+00:00","mainEntityOfPage":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/"},"wordCount":1289,"commentCount":0,"publisher":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg","keywords":["Behavioral Analytics","Endpoint Protection","Endpoint Security","Machine Learning","Nico Popp","Resources","Symantec","UEBA"],"articleSection":["Best Practices","Featured"],"inLanguage":"en-US","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#respond"]}]},{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/","name":"Nico Popp: The Evolution of User and Entity Behavior Evolution (UEBA)","isPartOf":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg","datePublished":"2018-02-05T19:00:19+00:00","dateModified":"2018-02-05T20:24:57+00:00","description":"To find out more about the evolution of UEBA, we spoke to Nico Popp, the Senior Vice President of Information Protection at Symantec.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#primaryimage","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2018\/02\/beahvior-analytics-mod.jpg","width":800,"height":400,"caption":"nico popp symantec UEBA evolutioon behavior analytics"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/endpoint-security\/nico-popp-evolution-user-entity-behavior-evolution-ueba\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/endpoint-security\/"},{"@type":"ListItem","position":2,"name":"Nico Popp: The Evolution of User and Entity Behavior Analytics (UEBA)"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#website","url":"https:\/\/solutionsreview.com\/endpoint-security\/","name":"Best Endpoint Protection Security (EPP) Tools, Software, Solutions &amp; Vendors","description":"All the Latest News, Best Practices and Buyer&#039;s Guides for Endpoint Security and Protection","publisher":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/endpoint-security\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#organization","name":"Solutions Review","url":"https:\/\/solutionsreview.com\/endpoint-security\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/","url":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png","contentUrl":"https:\/\/solutionsreview.com\/endpoint-security\/files\/2016\/05\/SR_Icon.png","width":200,"height":200,"caption":"Solutions Review"},"image":{"@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/logo\/image\/"},"sameAs":["https:\/\/www.facebook.com\/solutionsreview","https:\/\/x.com\/InfoSec_Review","https:\/\/www.linkedin.com\/company\/cyber-security-solutions-review","https:\/\/www.youtube.com\/user\/SolutionsReview"]},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/endpoint-security\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/endpoint-security\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts\/1081"}],"collection":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/comments?post=1081"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/posts\/1081\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/media\/1082"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/media?parent=1081"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/categories?post=1081"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/endpoint-security\/wp-json\/wp\/v2\/tags?post=1081"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}