User and Entity Behavior Analytics

The User and Entity Behavior Analytics Module (UEBAM) is a collection of AI Engine rules designed to detect unusual or malicious user activity that is occurring within your organization.

The UEBA Module contains licensed content that is available only to customers with a valid subscription.

UEBA Deployment Guide UEBA User Guide

Matrices

AI Engine Rules Lists

Module Revisions

The following table summarizes the changes that have been made since the last release (3.1) of the User and Entity Behavior Module.

AIE Rule ID	AIE Rule Name
New
1560	Compromise: UEBA Multiple O365 Files Del:1st
1561	Compromise: UEBA Multiple O365 Files Del:2nd
1562	Compromise: UEBA Multiple O365 Downloads
1563	Compromise: UEBA New Host & User Pass Change
1564	Compromise: UEBA User Score & Pass Modified