Advanced Entity Analytics

[preview] This functionality is in technical preview and may be changed or removed in a future release. Elastic will work to fix any issues, but features in technical preview are not subject to the support SLA of official GA features.

Advanced Entity Analytics generates a set of threat detection and risk analytics that allows you to expedite alert triage and hunt for new threats from within an entity’s environment. This feature combines the power of the SIEM detection engine and Elastic’s machine learning capabilities to identify unusual user behaviors and generate comprehensive risk analytics for hosts and users.

Advanced Entity Analytics provides two key capabilities: