Your browser is out of date

Update your browser to view this website correctly. Update my browser now

×

Niara User and Entity

Solutions Gallery > User and Entity

Machine learning

Niara’s user and entity behavior (UEBA) analytics use supervised and unsupervised machine learning techniques to detect anomalous behaviors and find attackers without up-front configuration. Supervised learning models, trained on large volumes of real world data, are applied to quickly surface indicators of compromise that would otherwise remain undetected. Niara’s unsupervised machine learning models ensure that the system is self-learning, continually adapting and accurately identifying anomalies even as attacks evolve.

Adaptive learning

While Niara’s machine learning models deliver value immediately upon deployment, analyst-provided feedback enables the platform to transparently adapt to the uniqueness of the local environment in a learning loop. Niara automatically learns the local enterprise context through analyst classification on alerts (e.g., the development server admin regularly downloads large files, hence those activities should not be interpreted as anomalous) and delivers remarkably noise-free results, which is not possible with solutions that cannot adapt.

Analytics modules

Niara’s user and entity behavior (UEBA) analytics use security information in packet, flow, log, file, alert and threat feed data, to provide the most accurate information for attack detection. Analytic modules include authentication, remote access, resource access, file, protocol, and peer-to-peer analytics, enabling Niara to not only detect anomalies, but more reliably attribute malicious intent to them. Analytics are presented graphically using interactive visualizations. And with integrated forensics, Niara makes it easy to get complete context on why something was flagged as high risk.

Entity profiles

By providing Entity360 risk profiles that profile entities (i.e., users and hosts), Niara enables comprehensive attack detection – e.g., discovering compromised headless devices, anomalous access to servers and applications, etc. Entity risk profiles provide a consolidated visual representation of all security-relevant information associated with an entity (e.g., results of user behavior analytics or UBA), making it easy for analysts of all experience levels to observe anomalies and patterns.

High-fidelity results

Niara’s use of unsupervised and supervised learning models enable anomalous behaviors to be linked to malicious intent more reliably. Niara’s analytics modules are multi-dimensional, profiling multiple orthogonal behaviors to make the system less prone to false positives. The outcome? Analysts can make better decisions because they have high confidence that any detected anomalies are indeed real.

Data fusion

A big data foundation allows Niara to ingest diverse data sources (i.e., packets, flows, logs, files, alerts, threat feeds) regardless of volume, fuse it into a single stream while simultaneously reducing its size, distill it into graphical summaries that provide rich context, and correlate it all back to entities for unparalleled visibility across an organization. Niara provides cost effective horizontal scalability and the ability investigate across time as far as needed, be it weeks, months, or years.

Key highlights

Category
Lower Business Risk

About Niara
Niara is building a security monitoring platform that helps discover compromised users and malicious insiders, efficiently prioritizes alerts for rapid investigation and supports advanced threat hunting efforts.

Video

Boost threat hunting using security analytics

Learn more about the solution

Yes, I would like to be contacted by Cloudera for newsletters, promotions, events and marketing activities. Please read our privacy and data policy.
Yes, I consent to my information being shared with Cloudera's solution partners to offer related products and services. Please read our privacy and data policy.

I agree to Cloudera's terms and conditions.

Your form submission has failed.

This may have been caused by one of the following:

  • Your request timed out
  • A plugin/browser extension blocked the submission. If you have an ad blocking plugin please disable it and close this message to reload the page.