Live Cyber Attack Lab 🎯 Watch our IR team detect & respond to a rogue insider trying to steal data! Choose a Session


The Difference Between UBA and UEBA

Data Security

In October, Gartner released a new market guide for User and Entity Behavior Analytics (UEBA). I, like many others, wondered why there’s suddenly an “E” in UEBA. Last year’s market guide was simply User Behavior Analytics (UBA).

To understand this additional letter, it might be worthwhile to review the market definition of UBA. UBA’s primary market focused on security (the theft of data) and fraud (use of stolen information) technologies.

However, as data theft grew, so did the security technologies market. As a result, Gartner concluded that its growth and maturation required a distinct divergence from fraud detection technologies.

This led to renaming UBA to UEBA, where the letter “E”, according to Gartner:

…recognizes the fact that other entities besides users are often profiled in order to more accurately pinpoint threats, in part by correlating the behavior of these other entities with user behavior.

In other words, UEBA software correlates both user activity and other entities such as managed and unmanaged endpoints, applications (including cloud, mobile and other on-premises applications), networks, as well as external threats.

By using UEBA, you’re protecting against external threats that make their way inside the perimeter as well as the insider threats that already exist–you’re protecting your data from the inside out.

Hey! Did you know that Varonis is a named “representative vendor” in Gartner’s New Market Guide for User and Entity Behavior Analytics?

Cindy Ng

Cindy Ng

Cindy is the host of the Inside Out Security podcast.


Does your cybersecurity start at the heart?

Get a highly customized data risk assessment run by engineers who are obsessed with data security.