Building a Powerful User Behavior Analytics System Using Snowflake – Oskar Eriksson, Snowflake


Session Outline

User behavior analytics (UBA), also known as user and entity behavior analytics (UEBA), is attracting increasing attention in the IT and security community as a proven, behavior-based solution for detecting insider risk. However, without the power of the cloud and its ability to handle big data from batch processes, real-time streams, and external data sources, it is difficult to establish the normal conduct of users across an enterprise while also catching anomalous behavior in real time.

Key Takeaways

– Catch anomalies at different levels using anomaly scores produced by a Python inference UDF, with multiple models, each trained on a schedule, to choose from.

– Carry out efficient feature engineering to capture user signatures.

– Detect time series phase changes via change point detection.

The system ingests data from all sources: device usage, emails, logons/logoffs, and other internal footprints. With our platform, it is easy to scale in step with the growth of the organization, so that there is sustained intelligence to help IT and security teams find early signs of internal risk.
