Session Outline

User behavior analytics (UBA), also known as user and entity behavior analytics (UEBA), is attracting increasing attention in the IT & security community as a proven behavior-based insider risk detection solution. However, without the power of the cloud and its ability to handle big data from batch processes, real-time streams, and external data sources, it is difficult to assess the normal conduct of users at an enterprise while also catching anomalous behaviors in real time.

Key Takeaways

In this session I will present how Snowflake can be used to:

  • catch anomalies using anomaly scores of different levels, produced by a Python inference UDF, with multiple models, trained on schedules, to choose from;
  • carry out efficient feature engineering to capture user signatures;
  • detect time series phase changes via change point detection as a complementary tool to classical anomaly detection.

Such a solution ingests data from all possible sources: device usage, emails, logons/logoffs, and other internal footprints. With our platform it is easy to scale in accordance with the growth of the organization, so that there is sustained intelligence to support IT & security teams in finding early signs of internal risk.


Speaker Bio

Oskar Eriksson | Senior Sales Engineer | Snowflake

Oskar Eriksson is a statistician turned data scientist turned sales engineer at Snowflake. At Snowflake he supports customers with their advanced analytics and data science workloads in particular, and other data work in general. He spends most of his time outside of work complaining about the abuse of statistics in public discourse until his infant kids manage to distract him to go play instead.

November 9 @ 13:50
13:50 — 14:20 (30′)

