ActivTrak headquartered in Austin provides their workforce behavior and performance tracking analytics solution.
$0
user/month
Splunk User Behavior Analytics (UBA)
Score 6.7 out of 10
N/A
Splunk supplies security analytics as a standalone solution or priced as an add-on for users of its popular SIEM products, to protect enterprises against unknown threats and malicious behavior, via the Splunk User Behavior Analytics (UBA) application.
The main advantage again observe was the ability to work without a dedicated on-premises server with a per-user cost basis, not worrying about data storage, SAN, and infrastructure overhead, screenshot instead of videos was a great choice.
We have a hybrid environment for a few departments so we use ActivTrak to track their productivity on their work-from-home days and it provides a clear analysis between the productive vs non-productive times during their work days. We have less than 10 people that we monitor so I'm not sure how well-suited the system is or if there are any better options for larger companies. It certainly suits our needs though.
Splunk User Behavior Analytics application is necessary when any company wants to capture the threat based on user behavior instead of just counting the number of occurrences of particular event. With Splunk UBA, we can analyse number of anomalies captured and which in turn creating threats which are nearly true positive.
Automatic time zones using the time zone of the device, to remove the constant need to change time zone per report.
Would be useful if you could define websites/applications directly from the top websites/application page instead of being redirected.
There have been problems with the monitoring application showing as not installed or detected on a machine that has it installed which is fixed by uninstalling and reinstalling the software. However, it is hard to identify user machines that have stopped working. We used to receive emails about PCs that have stopped reporting but not anymore.
We are in agreement that the tool is very handy as a security companion. The system collects and retain relevant historical data to be queried when you desire e.g. in security reviews once a week.
ActivTrak is a great product that just keeps growing. Having used it for quite some time, we have been able to see ActivTrak grow and evolve as a product. The ActivTrak webinars are also helpful to get to know and learn the product. ActivTrak really just works with little effort needed after the initial installation
Support is always fast and the agents are ready at all times to help when an issue arises, if the tier 1 agent isn't able to provide a solution to the issue they're asked about they quickly escalate the issue to tier 2 or 3 to ensure that the appropriate support is given to the issue at hand to have it quickly solved. No issue we've had so far has taken more than two days to be solved.
Systrak was purchased as an application performance monitoring system but it's usage morphed into user activity tracking once the pandemic hit and everyone went home to work. Even though it did provide a good bit of data about user activities, the data collection was on the client and was not accessible if the client machine was not on and connected to a network. The agent was also not as stable at ActivTrak so there were frequently large gaps of time in the user reports which was not accounted for. This made the system unusable for employee consultations and HR activities.
Easier we were using Splunk Enterprise on heavy forwarder on which all the add-on were installed and were using Splunk Cloud with respect to search head and indexers stack. And with Splunk Enterprise Security premium app, we were relying on correlation rules which were throwing more number of false positive but after implementing Splunk UBA, we are now getting real-time true positive threat or incidents.
Defensive capabilities immediately avoided data exfiltration from an outgoing employee.
Trends for underperforming or underdeveloping users can be spotted, analyzed by managers, and used within their overall development management to help staff reach their best potential.
Costing for targeted use is relatively low and therefore a "no brainer."
