GACWR/OpenUBA
A robust, and flexible open source User & Entity Behavior Analytics (UEBA) framework used for Security Analytics. Developed with luv by Data Scientists & Security Analysts from the Cyber Security Industry. [BETA]
This framework helps security analysts understand and identify unusual or malicious user and entity behaviors within their systems. It takes in various security logs and activity data, and outputs anomaly alerts and insights based on transparent, customizable models. Security analysts who want to look "under the hood" of their behavioral analytics models to understand how they work, or data scientists looking to contribute new security models, will find this particularly useful.
470 stars. Available on PyPI.
Use this if you are a security analyst who needs transparency and control over the machine learning models used to detect threats, rather than relying on 'black box' solutions.
Not ideal if you prefer pre-configured, opaque UBA solutions where the underlying data science models are hidden and require no customization.
Stars
470
Forks
270
Language
Python
License
GPL-3.0
Category
Last pushed
Mar 01, 2026
Commits (30d)
0
Dependencies
3
Get this data via API
curl "https://pt-edge.onrender.com/api/v1/quality/ml-frameworks/GACWR/OpenUBA"
Open to everyone — 100 requests/day, no key needed. Get a free key for 1,000/day.
Related frameworks
nfstream/nfstream
NFStream: a Flexible Network Data Analysis Framework.
echowei/DeepTraffic
Deep Learning models for network traffic classification
faucetsdn/poseidon
Poseidon is a python-based application that leverages software defined networks (SDN) to acquire...
CESNET/cesnet-datazoo
CESNET DataZoo: A toolset for large network traffic datasets
CESNET/cesnet-models
CESNET Models: Neural networks for network traffic classification