IMPORTANT: No additional bug fixes or documentation updates will be released for this version. For the latest information, see the current release documentation.

›

Advanced Entity Analytics

edit

Advanced Entity Analytics

edit

Advanced Entity Analytics generates a set of threat detection and risk analytics that allows you to expedite alert triage and hunt for new threats from within an entity’s environment. This feature combines the power of the SIEM detection engine and Elastic’s machine learning capabilities to identify unusual user behaviors and generate comprehensive risk analytics for hosts and users.

Advanced Entity Analytics provides two key capabilities:

Entity risk scoring
Advanced behavioral detections

« Update v8.11.21 Entity risk scoring »