All About Microsoft Sentinel UEBA
Вставка
- Опубліковано 2 кві 2023
- Attackers frequently try to display their actions as normal activities and in the balance between ordinary user activity and obvious attacker doings - there is a grey area. This grey area may pose imminent threats to your organization but could be overlooked. Learn how UEBA builds comprehensive profiles of the user and entity across time and peer group horizons to best find anomalies and suspicious activity.
00:12:26 Demo - Наука та технологія
Does UEBA costs extra? IF so how much or how to calculate?
No special license is required to add UEBA to Microsoft Sentinel, and there's no additional cost for using it. However, the more data you ingest, and the longer you choose to retain it, will lead to higher costs.
Thank you. My understanding is UEBA will create new table/s hence new data or extra data, which would lead to extra costs. Is this right? @@theacademyhub
UEBA generates new data and stores it in new tables that UEBA creates in your Log Analytics workspace (LAW). Additional data storage charges will apply, based on the volume of data ingested and retained by UEBA and similar to other Microsoft Sentinel capabilities. So yes, it would lead to extra costs.