Great Article from Tech Target on Behavioral Threat:
Real-time behavioral threat analytics is the next frontier in security. Learn how a behavioral threat assessment tool can protect your enterprise systems and data.
Behavior-based security software scans for deviations from the norm and has the intelligence to decide whether an anomaly poses a threat or can be ignored. Most behavior-based security programs come with a standard set of policies for which behaviors should be allowed and which should be considered suspicious, but also allow administrators to customize policies and create new policies.
A behavior-based security software product may be marketed as a behavior-based intrusion detection product, a behavior threat analysis (BTA) product or a user behavior analytics (UBA) products. Some products are sophisticated enough to apply machine learning algorithms to data streams so that security analysts don’t need to program in rules about what comprises normal behavior. Others include behavioral biometrics features that are capable of mapping specific behavior, such as typing patterns, to specific user behavior. Most products have advanced correlation engines to minimize the number of alerts and false positives.