Archive for May, 2016

Chuck Leaver – New Trends In Behavioral Analytics In Gartner Report

Written By Josh Linder And Presented By Ziften CEO Charles Leaver


The market for business behavioral analytics is evolving – again – to support the security use case. In the recent Gartner User and Entity Behavior Analytics (UEBA) Trends Report, Ziften is thrilled to be noted as a “Vendor to Watch.” We believe that our recognized relationships with risk intelligence feeds and visualization tools show our inclusion within this research note.

In the UEBA Market Report, analysts Eric Ahlm and Avivah Litan explain that there is a potential convergence of the advanced threat and analytics markets. The idea of UEBA – which extends user behavioral analytics to include organizations, business processes, and autonomous devices such as the Internet of Things – requires deep understanding and the ability to respond quickly and effectively.

At Ziften, our recognized relationships with threat intelligence feeds and visualization tools reflect our inclusion within this research note. Our platform offers threat detection across numerous behavior vectors, rather than looking at a single-threaded signature feed. With integrations to orchestration and response systems, Ziften uniquely couples signature-based and behavioral analysis, while bridging the gap from protecting the endpoint to protecting the entity. Continuous monitoring from the endpoint – including network flow – is critical to understanding the complete threat landscape and essential for a holistic security architecture.

We applaud Gartner for identifying 4 areas for security and analytics vendors to focus on: User Behavior, Host/App Behavior, Network Behavior, and External Communications Behavior. We are the only endpoint vendor – today – to monitor both network behavior and external communications behavior. Ziften’s ZFlow™ uses network telemetry to go beyond standard IPFIX flow data, enriching it with Layer 4 and Layer 5 operating system and user behavior. Our threat intelligence integration – with Blue Coat, iSIGHT Partners, AlienVault and the National Vulnerability Database – is second to none. Additionally, our unique relationship with ReversingLabs provides binary analysis directly within the Ziften administration console.

Ultimately, our continuous endpoint visibility solution is instrumental in helping to find behavioral threats that are hard to correlate without advanced analytics.

Gartner Report

6 additional technology trend takeaways that Gartner readers should consider:

– Application of Analytics to Discovering Breaches Differs
– Data Science for Analytics Technologies Still Emerging
– The Need for Extended Telemetry Drives Analytics Market Merging
– Convergence Between Analytics-Based Detection Suppliers and Orchestration/Response Vendors Likely
– SIEM Technologies Positioned to Be Central to Consolidation for Analytics Detection
– Advanced Behavioral Analytics Providers Extending Their Reach to Security Buyers


Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.