I’m working on a forecast for the UEBA market and it’s quickly bringing this fact into focus
By 2022 – there will be no more UEBA market.
Yes the UEBA market has been doubling every year and we estimate it grew from $50M in 2015 to $100M in 2016 and will double again to $200M in 2017. But then what?
Some UEBA vendors will survive as standalone platforms that in essence become ‘next generation SIEM’ platforms. How do we define ‘next gen SIEM’ platforms? SIEM plus smarter advanced analytics, plus user and entity behavior analysis, plus cognitive computing based (i.e. smarter) orchestration and response.
UEBA vendors who don’t make it to standalone next gen SIEM vendors will get folded into other security markets such as Endpoint Security, IAM, DLP, CASB where advanced analytics and behavioral profiling will help these products cut through the noise, resulting in lower alert volume and more accurate and actionable high priority alerts.
The eventual disappearance of a standalone UEBA market has been apparent all along. We knew when we started our first 2014 Market Guide on UBA and later graduated it to a 2015 Market Guide on User and Entity Behavior Analytics that this market represented a collection of technologies as noted in the UEBA definition. See 2014 Market Guide on User Behavior Analytics and 2015 Market Guide for User and Entity Behavior Analytics.
From the start, this collection of technologies has addressed many use cases and solved many problems. But it is quickly maturing and evolving – to the point where it will make UEBA as a standalone market obsolete.
Bottom line – Security is getting smarter with the integration of advanced analytics and user and entity behavioral profiling. That’s good for users and good for vendors who can keep up with this trend.
Comments or opinions expressed on this blog are those of the individual contributors only, and do not necessarily represent the views of Gartner, Inc. or its management. Readers may copy and redistribute blog postings on other blogs, or otherwise for private, non-commercial or journalistic purposes, with attribution to Gartner. This content may not be used for any other purposes in any other formats or media. The content on this blog is provided on an "as-is" basis. Gartner shall not be liable for any damages whatsoever arising out of the content or use of this blog.