Entity lists in Splunk Enterprise Security

Entity lists in user and entity behavior analytics (UEBA) allow analysts to filter and focus dashboard results on specific assets or identities that are relevant to their investigation. With entity lists, security teams can narrow the behavioral context they view, improving focus and reducing noise during analysis.

Entity lists define a set of entities, such as users, hosts, or devices, that you can include or exclude from dashboards and detections. This can help you do the following:

  • Focus dashboards on entities of interest

  • Exclude known safe or low-priority entities

  • Reuse curated lists for ongoing monitoring or comparison

When applied, entity lists update UEBA dashboards to include or exclude matching entities. This can help you investigate faster, get clearer behavioral insights, and triage more efficiently.