Try our new research platform with insights from 80,000+ expert users
2022-05-12T17:11:00Z

Top 7 User Behavior Analytics (UEBA) Tools 2022

NC
  • 127
Published:May 12, 2022

PeerSpot’s crowdsourced user review platform helps technology decision-makers around the world to better connect with peers and other independent experts who provide advice without vendor bias.

Our users have ranked these solutions according to their valuable features, and discuss which features they like most and why.

You can read user reviews for the Top User Behavior Analytics - UEBA Tools to help you decide which solution is best for you.

Users compare and give feedback on User Behavior Analytics - UEBA Tools that they’ve used — based on product reviews, ratings, and comparisons.

#1 Cynet

Cynet is ranked as PeerSpot’s #1 User Behavior Analytics - UEBA Tool. Our users give Cynet an average rating of 8 out of 10.

Musole M., Head of Operations at Investrust Bank Plc., says of the product, “The detailed visibility it gives into the endpoint is excellent. We deployed it at a bank recently. So far, it's been great at showing us what has been happening in the environment.”

Gadi G., VP, CIO, CDO at a manufacturing company, mentions, “One of the main reasons we chose Cynet was because they have their own distribution system for all the computers. That's the reason it was implemented so quickly.” He adds, “Overall, I would rate Cynet a ten out of ten.”

George E. J., Director of Cyber Security Services at Assured Enterprises, notes, “The ability to work with small teams and provide value is its most valuable aspect. They provide so many different value propositions.”

#2 One Identity Safeguard

One Identity Safeguard is ranked as PeerSpot’s #2 User Behavior Analytics - UEBA Tool. Our users give One Identity Safeguard an average rating of 8 out of 10.

Walid S., Networking and Security Engineer at a tech services company, writes, “We deployed it into our company for controlling a client's behavior in our data center. It is very useful to control their connections, such as RDP.”

Mahfoudh B., Network & Security Engineer at Onetechpro, says, “Safeguard has the ability to record and retrieve in the full-video format.”

Mohamed E., a Service Security Lead at Salam Technology, says of the solution, “The scalability of One Identity Safeguard is good, we can add multiple devices. We have approximately 40 administrates using this solution in my organization.”

#3 Exabeam Fusion SIEM

Exabeam Fusion SIEM is ranked as PeerSpot’s #3 User Behavior Analytics - UEBA Tool. Our users give Exabeam Fusion SIEM an average rating of 8 out of 10.

George S., Strategic Account Specialist at FITS Consulting, says of the solution, “It's a very user-friendly product and it's a very comprehensive technology. The security on offer is very good. Cost-wise, compared to other technology, it's affordable.”

Another PeerSpot reviewer, a COO at a computer software company, mentions, “The solution is easy to use and on a whole, it is pretty valuable. The way it can connect with AWS is very useful, and the integrations are pretty good.”

A Senior Solutions Architect at a tech services company states, “I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful.”

#4 Rapid7 InsightIDR

Rapid7 InsightIDR is ranked as PeerSpot’s #4 User Behavior Analytics - UEBA Tool. Our users give Rapid7 InsightIDR an average rating of 8 out of 10.

Davide B., CoFounder and Head of Technology at Intuity, states, “The solution is very intuitive, it's easy to set up, is absolutely stable, and has a lot of integration with other security products.”

Midhun K., Head of Infrastructure at Pearl Data Direct, says of the solution, “Since it's cloud-based, the configuration is very simple, the collector will automatically sync to the cloud platform.

Another PeerSpot reviewer, a Technical Consultant at a computer software company, mentions, “InsightIDR's dashboard shows you live activity from the threat.” He adds, “It’s easy to scale because it is on the cloud platform.

#5 Splunk User Behavior Analytics

Splunk User Behavior Analytics is ranked as PeerSpot’s #5 User Behavior Analytics - UEBA Tool. Our users give Splunk User Behavior Analytics an average rating of 8 out of 10.

One PeerSport reviewer, an Owner at a computer software company, notes, “The solution appears to be stable, although we haven't used it heavily. You can use the demo version in order to try the solution for free.”

A Senior CyberSecurity Solutions Architect at a security firm says of the solution, “Scalability is excellent on all Splunk products that I've dealt with.” He adds, “I would rate this solution a nine out of ten.”

A Global Engineer at a financial services firm writes, “The automation is very good. The product is at the forefront of auto-remediation networking. It's great. The pricing of the solution is very reasonable.”

#6. Securonix Next-Gen SIEM

Securonix Next-Gen SIEM is ranked as PeerSpot’s #6 User Behavior Analytics - UEBA Tool. Our users give Securonix Next-Gen SIEM an average rating of 8 out of 10.

A Lead Security Engineer at a tech services company notes, “Features, like Spotter, are the most valuable. Spotter is a wide range of research for any of the incidents that happened under my clients' data.”

Sanjay K., Manager Security Operation Center at a tech services company, mentions, “The solution is stable. The initial setup was relatively uncomplicated.

#7. Microsoft Defender for Identity

Microsoft Defender for Identity is ranked as PeerSpot’s #7 User Behavior Analytics - UEBA Tool. Our users give Microsoft Defender for Identity an average rating of 10 out of 10.

Danny S., Enterprise Architect at NTT New Zealand Ltd., says of the product, “The feature that I most like is that it integrates with the other Defender components. Defender Identity is part of Microsoft 365, and there is Defender for Office 365, Defender for endpoints, and cloud edge security.”

A Security specialist at a manufacturing company notes, “So it has a feature where you can look into lateral movement parts, and it has a great graphing feature that shows you what kind of lateral movement risks are associated with certain accounts.”

Another PeerSpot reviewer, a Senior Infrastructure Security Engineer at a tech services company, mentions, “It is easy to set up. Based on the number of devices you would like to set up, you can use scripts, Group Policy, etc. It takes five minutes to set up.”

Explore related topics
User Entity Behavior Analytics (UEBA)
Product comparison that may be of interest to you
Microsoft Defender for Iden...
  • 21 Reviews
Securonix Next-Gen SIEM
  • 33 Reviews
Share
PeerSpot user
PeerSpot user
Buyer's Guide
User Entity Behavior Analytics (UEBA)
April 2025
Download Free Report
Find out what your peers are saying about IBM, Exabeam, Rapid7 and others in User Entity Behavior Analytics (UEBA). Updated: April 2025.
DOWNLOAD NOW
849,686 professionals have used our research since 2012.
Related Questions
Basov Mikhail - PeerSpot reviewer
Aug 17, 2023
Aug 17, 2023
What is One Identity Safeguard's lower-level architecture scheme?
One Identity Safeguard's lower-level architecture scheme is a three-tier architecture made up of the following layers: The Presentation layer presents data and is responsible for user interaction. It includes the web interface, client applications, and APIs. The Application layer is for business logic and data processing. It includes the Safeguard server, database, and other applications. The I...
See 1 answer
Anne Cubarrubia - PeerSpot reviewer
Aug 17, 2023
One Identity Safeguard's lower-level architecture scheme is a three-tier architecture made up of the following layers: The Presentation layer presents data and is responsible for user interaction. It includes the web interface, client applications, and APIs. The Application layer is for business logic and data processing. It includes the Safeguard server, database, and other applications. The Infrastructure layer provides the underlying infrastructure for the other layers. It includes the operating system, hardware, and networking components. The three-tier architecture is a common design pattern for enterprise software applications. It provides a separation of concerns between the different layers, which makes the application more scalable, reliable, and secure.
Read full answer
AG
Aug 14, 2023
Aug 14, 2023
Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
Based on your extensive list of requirements, CyberArk Privileged Access Manager appears to align well with your needs due to its comprehensive feature set, strong security controls, integration capabilities, and advanced analytics for privileged access. However, it's important to conduct in-depth evaluations, demos, and discussions with each vendor to ensure that the chosen tool meets all your...
See 2 answers
Nurlan Temirbulatov - PeerSpot reviewer
Dec 7, 2022
Hello Avinash, it all depends on the timeline and urgency of the project. If you need to deploy a PAM tool that focuses on standing privileges, stopping lateral movement, and incorporating Zero Standing Privileges as part of Zero Trust, then please consider looking at Remediant. I've worked for BeyondTrust and have gone up against the other big players such as Delinea, Centrify, CyberArk, and HashiCorp. They more or less all offer similar solutions, but looking at your current requirements, Remediant really excels in delivering a simple, yet very effective tool in a matter of days and weeks, not months and years. 
Read full answer
DN
Aug 14, 2023
Based on your extensive list of requirements, CyberArk Privileged Access Manager appears to align well with your needs due to its comprehensive feature set, strong security controls, integration capabilities, and advanced analytics for privileged access. However, it's important to conduct in-depth evaluations, demos, and discussions with each vendor to ensure that the chosen tool meets all your specific needs and integrates seamlessly into your existing infrastructure. However, I recommend visiting the official website of Broadcom (the company that acquired Symantec's enterprise security business) or contacting their sales representatives to get the most up-to-date information about their PAM solutions, including any rebranding or changes that may have occurred. When evaluating any PAM solution, it's essential to consider factors such as security, integration capabilities, ease of use, vendor support, scalability, and alignment with your organization's specific needs and compliance requirements. It's also a good practice to request demonstrations, proofs of concept, and references from vendors to ensure that the solution meets your expectations. Remember to involve key stakeholders, such as IT, security, compliance, and management teams, in the decision-making process to ensure alignment with organizational goals and requirements.
Read full answer
Product Comparisons
Go!
Related Categories
User Entity Behavior Analytics (UEBA)
Top rated products
Microsoft Defender for Identity
  • 21 Reviews
Securonix Next-Gen SIEM
  • 33 Reviews
Splunk User Behavior Analytics
  • 23 Reviews
Rapid7 InsightIDR
  • 32 Reviews
Exabeam
  • 19 Reviews
Cynet
  • 40 Reviews
One Identity Safeguard
  • 45 Reviews
See all products
Related Questions
Aug 17, 2023
What is One Identity Safeguard's lower-level architecture scheme?
Aug 14, 2023
Which PAM tool do you prefer: CyberArk Privileged Access Manager, One Identity Safeguard, Delinea Secret Server, or BeyondTrust Privileged Remote A
Download Free Report
Download our free User Entity Behavior Analytics (UEBA) Report and find out what your peers are saying about Microsoft, Splunk, Rapid7, and more! Updated: April 2025.
DOWNLOAD NOW
849,686 professionals have used our research since 2012.