I’m working on a forecast for the UEBA market and it’s quickly bringing this fact into focus
By 2022 – there will be no more UEBA market.
Yes the UEBA market has been doubling every year and we estimate it grew from $50M in 2015 to $100M in 2016 and will double again to $200M in 2017. But then what?
Some UEBA vendors will survive as standalone platforms that in essence become ‘next generation SIEM’ platforms. How do we define ‘next gen SIEM’ platforms? SIEM plus smarter advanced analytics, plus user and entity behavior analysis, plus cognitive computing based (i.e. smarter) orchestration and response.
UEBA vendors who don’t make it to standalone next gen SIEM vendors will get folded into other security markets such as Endpoint Security, IAM, DLP, CASB where advanced analytics and behavioral profiling will help these products cut through the noise, resulting in lower alert volume and more accurate and actionable high priority alerts.
The eventual disappearance of a standalone UEBA market has been apparent all along. We knew when we started our first 2014 Market Guide on UBA and later graduated it to a 2015 Market Guide on User and Entity Behavior Analytics that this market represented a collection of technologies as noted in the UEBA definition. See 2014 Market Guide on User Behavior Analytics and 2015 Market Guide for User and Entity Behavior Analytics.
From the start, this collection of technologies has addressed many use cases and solved many problems. But it is quickly maturing and evolving – to the point where it will make UEBA as a standalone market obsolete.
Bottom line – Security is getting smarter with the integration of advanced analytics and user and entity behavioral profiling. That’s good for users and good for vendors who can keep up with this trend.