Best Security Analytics Software products include:
Palo Alto Networks WildFire, McAfee Advanced Threat Defense, Microsoft Advanced Threat Analytics (formerly Aorato), KnowBe4 PhishER, Rapid7 InsightIDR, Cisco SecureX (formerly Threat Response), Trend Micro Deep Discovery, Bitdefender Network Traffic Security Analytics, Juniper Advanced Threat Prevention (JATP, formerly Cyphort), and Cisco Threat Grid.
What is Security Analytics Software?
Security analytics software comprises tools that provide proactive or exploratory network security via behavioral machine learning or analytics techniques. Alternately described as SA platforms or network traffic analytics software, these tools collect, normalize, and analyze network traffic for threat behavior. Vendors specializing in SA offer machine learning tools for applying security models to traffic across enterprise assets. While closely related to SIEM, security analytics software may provide more advanced tools for data mining or freeform analytics.
Features of Security Analytics Software
Security analytics platforms provide the following features, or target the following for analysis:
- Ingested data from SIEM or other sources
- User and entity behavior analytics (UEBA)
- Automated or on-demand network traffic analysis
- Model observed behavior against threat intelligence
- Configure analytics to observe behavior against policy
- Application access and analytics
- DNS analysis tool
- Email activity
- Network packets
- Identity and social persona
- File access
- Geolocation, IP context