Security Analytics Software

The best Security Analytics Software products include:

Palo Alto Networks WildFire and McAfee Advanced Threat Defense.

Security Analytics Software Overview

What is Security Analytics Software?

Security analytics software comprises tools that provide proactive or exploratory network security via behavioral machine learning or analytics techniques. Alternately described as SA platforms or network traffic analytics software, these tools collect, normalize, and analyze network traffic for threat behavior. Vendors specializing in SA offer machine learning tools for applying security models to traffic across enterprise assets. While closely related to SIEM, security analytics software may provide more advanced tools for data mining or freeform analytics.

Features of Security Analytics Software

Security analytics platforms provide the following features, or target the following for analysis:
  • Ingested data from SIEM or other sources
  • User and entity behavior analytics (UEBA)
  • Automated or on-demand network traffic analysis
  • Model observed behavior against threat intelligence
  • Configure analytics to observe behavior against policy
  • Application access and analytics
  • DNS analysis tool
  • Email activity
  • Network packets
  • Identity and social persona
  • File access
  • Geolocation, IP context

Security Analytics Products


LogRhythm NextGen SIEM Platform
45 ratings
18 reviews
The LogRhythm NextGen SIEM Platform, from LogRhythm in Boulder, Colorado, is security information and event management (SIEM) software which includes IR via the SmartResponse Automation Framework, UEBA via the CloudAI security analytics tool, NetMon network forensics, and other features providing a t…
Sumo Logic
34 ratings
10 reviews
Sumo Logic is a log management offering from the San Francisco-based company of the same name.
Palo Alto Networks WildFire
15 ratings
5 reviews
Palo Alto Networks' WildFire is a malware prevention service. It specializes in addressing zero-day threats through dynamic and static analysis, machine learning, and advanced sandbox testing environments.
Logz.io
7 ratings
4 reviews
Logz.io in Boston offers their enterprise-grade log analytics application, oriented towards providing data security and eliminating the need for capacity management.
Splunk User Behavior Analytics (UBA)
1 rating
1 review
Splunk supplies security analytics as a standalone solution or priced as an add-on for users of its popular SIEM products, to protect enterprises against unknown threats and malicious behavior, via the Splunk User Behavior Analytics (UBA) application.
IBM QRadar Advisor with Watson
1 rating
1 review
IBM QRadar Advisor with Watson supports QRadar SIEM with Watson's AI-guided automation as well as providing advanced analytics capabilities for evaluating suspicious user activity, conducting threat validation, and other analytics-based tasks.
McAfee Advanced Threat Defense
8 ratings
1 review
McAfee Advanced Threat Defense enables organizations to detect advanced, evasive malware and convert threat information into immediate action and protection. Unlike traditional sandboxes, it includes additional inspection capabilities that broaden detection and expose evasive threats. Tight integrat…
Juniper Advanced Threat Prevention (JATP), formerly Cyphort
Juniper Advanced Threat Prevention (the JATP appliances) finds and blocks both known and unknown network cyberthreats. It uses SecIntel, Juniper’s security intelligence feed, along with sandboxing and machine learning to identify day-one threats. The ATP solution includes and supersedes the former …
Interset
Interset, developed by the Ottawa company of the same name, which was acquired by Micro Focus in February 2019, is a security analytics platform bringing artificial intelligence and machine learning to insider threat detection and to related behavioral security policy violations and threats.
Securonix SNYPR Platform
Securonix, from the Los Angeles-based company of the same name, offers the SNYPR Platform, an advanced analytics platform providing real time insights with identity data, threat hunting, and other security analytics capabilities. The SNYPR platform combines this with Securonix Response Bot, inciden…
Symantec Security Analytics (formerly Blue Coat)
Sophisticated, targeted attacks can take weeks, months or longer to discover and resolve. Incident response teams need tools that quickly uncover the full source and scope of an attack to reduce time-to-resolution, mitigate ongoing risk and further fortify the network. According to the vendor, Sym…
Exabeam Security Intelligence Platform
Exabeam, headquartered in San Mateo, offers their security intelligence and SIEM platform, the Exabeam Security Intelligence Platform, featuring unlimited security data collection (Exabeam Data Lake), threat detection via Exabeam Advanced Analytics, security response and orchestration via Exabeam Inc…
DNSentinel
SRC, headquartered in New York, offers DNSentinel, a security analytics tool which allows the user to perform domain name analysis, or perform data mining on passive DNS data.
Gurucul Risk Analytics (GRA)
Gurucul Risk Analytics (GRA) is a behavior-based security analytics platform from Gurucul, headquartered in El Segundo.
Bay Dynamics Risk Fabric Platform
Bay Dynamics, headquartered in New York, offers their Risk Fabric Platform to enterprises, which provides high-level security risk analytics, user behavior analysis, kill chain analysis, and threat reporting and matrix.
Securonix Next-Generation SIEM
Securonix, headquartered in Addison, offers the Securonix Next-Generation SIEM deployment, combining log management with user and entity behavior analytics (UEBA), for a complete SOC solution.
Securonix User and Entity Behavior Analytics (UEBA)
Securonix, headquartered in Addison, offers the Securonix User and Entity Behavior Analytics (UEBA) tool, the company's core security analytics application providing AI-based and machine learning functions for analyzing and providing context to security data.
Devo Data Operations Platform
The Devo Data Operations Platform, from Devo, headquartered in Cambridge, provides big data analytics capabilities to machine data and security operations.
Hillstone CloudView
Hillstone Security, headquartered in Santa Clara, offers Hillstone CloudView, a SaaS security management and advanced analytics solution for entities deploying Hillstone Security's firewalls or threat detection solutions.
LogRhythm UEBA
LogRhythm UEBA is the company's security analytics application for advanced threat detection via analysis of user behavior. LogRhythm offers their UEBA product standalone, or it can be integrated into the enterprise's SIEM product for additional functionality.
RSA NetWitness UEBA
RSA NetWitness UEBA is a security analytics application and part of the NetWitness network security and SIEM suite, from RSA Security.
Huntsman Enterprise SIEM
Huntsman Security, an Australian company, offers the Huntsman Enterprise SIEM security platform, designed to provide a complete SIEM solution with a built-in behavior anomaly detection engine / UEBA engine (Huntsman BAD), which is an integral part of the Enterprise SIEM solution.
McAfee Investigator
McAfee Investigator is a security analytics application.
ArcSight Investigate
Micro Focus offers ArcSight Investigate, a proactive security and threat analytics and search application.
ArcSight User Behavior Analytics
Micro Focus offers the ArcSight User Behavior Analytics application, providing real-time anomalous behavior detection and threat detection.