Advanced Entity Analytics
editAdvanced Entity Analytics
editAdvanced Entity Analytics generates a set of threat detection and risk analytics that allows you to expedite alert triage and hunt for new threats from within an entity’s environment. This feature combines the power of the SIEM detection engine and Elastic’s machine learning capabilities to identify unusual user behaviors and generate comprehensive risk analytics for hosts and users.
Advanced Entity Analytics provides two key capabilities: