SAN FRANCISCO–(BUSINESS WIRE)–RSA Conference – Gurucul, a leader in unified security and risk analytics technology for on-premises and the cloud, today announced Gurucul Unified Security & Risk Analytics, the first cloud-native data science driven platform that unifies key Cyber Defense Center capabilities to enable contextual, risk-prioritized decisions for automating security controls. Gurucul is showing the new Unified Security Analytics product this week at RSA Conference 2020 in booth #2027 in San Francisco.
Gurucul Unified Security Analytics is based on 10 years of research and customer success best practices deploying machine learning (ML) and artificial intelligence (AI) techniques with security-specific big data. It applies security analytics to use cases handled by SIEM, UEBA, network traffic analysis, SOAR, cloud security and threat hunting in a single consolidated platform to detect both known and unknown threats in real-time, identify risky user/entity behaviors, and automatically respond to security incidents.
According to Forrester, “SA (Security Analytics) platforms give S&R professionals the ability to detect, investigate, and respond to cybersecurity threats more quickly. Speeding detection and hastening the investigation process enables faster response, lessening the impact of cyberattacks”1.
Gurucul significantly reduces infrastructure, operations and software licensing cost overheads, and provides a single-pane-of-glass with 360 degree context for threat hunting, investigations and incident response. The solution also simplifies data and network architecture by reducing integration points, data hops and bandwidth requirements. Its playbook management and risk aggregation capabilities can be used to trigger appropriate remediation actions such as blocking network traffic, isolating devices, implementing step-up authentication, blocking USB access and disabling user accounts.
Gurucul Unified Security and Risk Analytics helps organizations predict, detect and prevent cyber security breaches by ingesting and analyzing massive amounts of data from virtually any source, including network, IT systems, cloud platforms, applications, IoT, and more. It provides a comprehensive view of user / entity behaviors and detects risky outliers using a library of advanced ML models and identity-centric data science, machine learning, anomaly detection and predictive risk-scoring algorithms to identify abnormal behaviors and activities indicative of security threats. By generating contextual, risk-prioritized alerts in real-time, Gurucul Unified Security & Risk Analytics can automatically mitigate threats before damage occurs.
“Rules-based approaches to security, whether they’re applied to threat detection, investigation or response can no longer keep pace with advanced cyber threats including account compromise and malicious insiders,” said Nilesh Dherange, CTO of Gurucul. “By unifying the entire security stack and applying real-time machine learning and artificial intelligence to collected data in a cloud native platform, Gurucul provides unprecedented context and risk prioritized alerts for implementing automated, model-driven security controls.”
Unified, Cloud-Native, End-to-End Security Analytics
Gurucul Unified Security Analytics is comprised of the following six core capabilities:
User and Entity Behavior Analytics (UEBA)
Gurucul pioneered the UEBA space, going far beyond simple policies used to identify known threats, by applying big data-based analytics, AI and machine learning to user and machine behaviors to identify unknown threats in real-time that would otherwise appear as “normal” activity to rules-based engines. Gurucul has the largest library of machine learning models and Gurucul Studio™, the industry’s only open software that allows users to build their own behavior models with drag-drop capability.
Network Traffic Analysis
Gurucul Network Traffic Analysis (NTA) applies behavioral analytics to network traffic to detect suspicious activity that evades other security tools. It analyzes high velocity real-time stream and packet (pcap) data enriched by multiple other security sources using out-of-the-box ML models to detect and alert on new, unknown malware, zero-day exploits and attacks that are slow to develop.
Gurucul combines a FlexConnector framework with out-of-the-box ingestion pipelines and a big data lake to support the collection, processing, indexing and storage of massive datasets for analysis, investigation, security, and compliance.
Gurucul provides cloud-native, beyond next-generation SIEM capabilities by combining log aggregation with an open big data platform, advanced threat hunting, compliance reporting and dashboards, visualizations, the industry’s leading UEBA, intelligent SOAR and network traffic analysis. Equipped with the industry’s largest library of pre-packed threat detection models, Gurucul provides 83% coverage of MITRE ATT&CK Framework tactics and techniques. Gurucul’s analytics-driven cloud SIEM can scale to massive amounts of data in real-time and automate intelligent responses using risk-prioritized alerts based on an enormous library of machine learning models and risk scoring algorithms.
Gurucul enables automated response workflows with out-of-the-box, customizable playbooks to mitigate identified threats. The Gurucul Unified Security Analytics FlexConnector framework provides integration with downstream security solutions to trigger appropriate risk remediation actions. For example, if a user’s risk score reaches 90 and they exhibit insider threat behavior, Gurucul SOAR can block their Internet access so data cannot be exfiltrated. Additionally, Gurucul can integrate with third party SOAR, SIEM, incident response and ticketing platforms to automate response actions.
Intelligent AI/ML Based Threat Hunting
With prebuilt threat libraries that include models, queries, data features and playbooks, Unified Security & Risk Analytics supports a wide range of threat hunting use cases like insider threat detection, data exfiltration, phishing, endpoint forensics, malicious processes, ransomware detection and network threat analytics, as well as cyberthreat, human centric and entity related threat scenarios. These pre-packaged libraries span more than 1100 of the most common threat queries to prioritize base actions and allow analysts to focus on the proactive investigation of new and unknown threat patterns using contextual data. Meanwhile, new AI capabilities in Gurucul Miner™ help discover other impacted users, devices and entities.
Availability and Pricing
Gurucul Unified Security & Risk Analytics is available immediately from Gurucul and its business partners worldwide. Pricing is based on identities, with no fixed or variable cost for data. For more information visit https://www.gurucul.com/merchandise/unified-security-analytics.
1 The Forrester Wave™: Security Analytics Platforms, Q3 2018, Joseph Blankenship, September 21, 2018
Gurucul is a global cyber security and fraud analytics company that is changing the way organizations protect their most valuable assets, data and information from insider and external threats both on-premises and in the cloud. Gurucul’s real-time Unified Security and Risk Analytics Platform combines machine learning behavior profiling with predictive risk-scoring algorithms to predict, prevent and detect breaches. Gurucul technology is used by Global 1000 companies and government agencies to fight cyber fraud, IP theft, insider threat and account compromise as well as for log aggregation, compliance and risk based security orchestration and automation. The company is based in Los Angeles. To learn more, visit https://gurucul.com/ and follow us on LinkedIn and Twitter.