Monthly Archives: May 2016

Charles Leaver – Gartner Research Reports On Behavioral Analytics New Trends

Written By Josh Linder And Presented By Ziften CEO Charles Leaver

The market for enterprise behavioral analytics is evolving – again – to support the security use case. In the recent Gartner User and Entity Behavior (UEBA) Trends Report, Ziften is thrilled to be noted as a “Vendor to Watch.” We believe that our established relationships with threat intelligence feeds and visualization tools reflect our inclusion within this research note.

In the UEBA Market Report, analysts Eric Ahlm and Avivah Litan explain that there is a potential merging in the advanced threat and analytics markets. The concept of UEBA – which extends user behavioral analytics to now include companies, business processes, and autonomous devices such as the Internet of Things – requires deep understanding and the capability to respond rapidly and effectively.

At Ziften, our established relationships with threat intelligence feeds and visualization tools reflect our inclusion within this research note. Our platform provides risk detection across different behavior vectors, instead of looking at a single-threaded signature feed. With integrations to orchestration and response systems, Ziften uniquely couples signature-based and behavioral analysis, while bridging the gap from securing the endpoint to protecting the entity. Continuous monitoring from the endpoint – including network flow – is critical to understanding the complete threat landscape and vital for a holistic security architecture.

We applaud Gartner on identifying 4 areas for security and analytics vendors to focus on: User Behavior, Host/App Behavior, Network Behavior, and External Communications Behavior. We are the only endpoint vendor – today – to monitor both network behavior and external communications behavior. Ziften’s ZFLow™ uses network telemetry to go beyond basic IPFIX flow data and enriches it with Layer 4 and Layer 5 operating system and user behavior. Our threat intelligence integration – with Blue Coat, iSIGHT Partners, AlienVault and the National Vulnerability Database – is the best in the field. Furthermore, our special relationship with ReversingLabs provides binary analysis directly within the Ziften administration console.

Ultimately, our continuous endpoint visibility system is pivotal in helping to find behavioral risks that are difficult to correlate without the use of advanced analytics.

Gartner Report

Six additional technology trend takeaways that Gartner readers should consider:

– Application of Analytics to Finding Breaches Differs
– Data Science for Analytics Technologies Still Up and Coming
– The Need for Extended Telemetry Drives Analytics Market Convergence
– Merging Between Analytics-Based Detection Suppliers and Orchestration/Response Vendors Probable
– SIEM Technologies Positioned to Be Central to Consolidation for Analytics Detection
– Advanced Behavioral Analytics Providers Extending Their Reach to Security Buyers


Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.