Building a Powerful User Behavior Analytics System Using Snowflake – Oskar Eriksson, Snowflake

Session Outline

User behavior analytics (UBA), also known as user and entity behavior analytics (UEBA), is attracting increasing attention in the IT & security community as a proven, behavior-based solution for detecting insider risk. However, without the power of the cloud and its ability to handle big data from batch processes, real-time streams, and external data sources, it is difficult to establish the normal conduct of users across an enterprise while still catching anomalous behavior in real time.

Key Takeaways

In this session I will present how Snowflake can be used to:

– Catch anomalies at different levels of anomaly score, produced by a Python inference UDF, with multiple models to choose from that are trained on schedules;

– Carry out efficient feature engineering to capture user signatures;

– Detect time series phase changes via change point detection as a complementary tool to classical anomaly detection.

Such a solution ingests data from all possible sources: device usage, emails, logons/logoffs, and other internal footprints. With our platform it is easy to scale in step with the growth of the organization, so that there is sustained intelligence to support IT & security teams in finding early signs of internal risk.
