The User and Entity Behavior Analytics Module (UEBAM) is a collection of AI Engine rules designed to detect unusual or malicious user activity that is occurring within your organization.

The UEBA Module contains licensed content that is available only to customers with a valid subscription.



Module Revisions

The following table summarizes the changes that have been made since the last release (3.0) of the User and Entity Behavior Module.

AIE Rule ID

AIE Rule Name

New

1549

Compromise: UEBA and User-related Security Classification Event: Impacted User

Modified

1278

Compromise: UEBA Multiple User Threat Events

1307

Compromise: UEBA and Recent User Location

1308

Compromise: UEBA and Location Watch List

1309

Compromise: UEBA and User Recently Added to a Privileged Group

1310

Compromise: UEBA and User-related Security Classification Event

1312

Compromise: UEBA Threat Event

1336

Compromise: UEBA Threat Event and Identity Lists

1490

Exfiltration: UEBA and File (NGFW) Detection

1491

Exfiltration: UEBA and Sensitive Data (NGFW) Detection

 Unchanged

N/A


Removed

N/A