Gurucul, the 2022 Platinum ‘ASTORS’ Homeland Security Award Champion for Best Security Incident & Event Management Solution (SIEM), has launched a new generative AI capability called Sme (Subject Matter Expert) to accelerate threat detection, supercharge security investigations and automate responses.
Sme AI empowers Security Operations Center (SOC) analysts with powerful insights into a rich, correlated dataset across identity, security, network, enterprise, and cloud platforms. Sme AI will improve SOC team efficiency and help counter the ongoing challenges of limited resources and skill sets, overwhelming alert fatigue, false positives, and mis- or unprioritized alerts.
Gurucul pioneered the use of AI and ML in cybersecurity with STUDIO. This open analytics framework allows users to build advanced machine learning behavior models in-house and incorporate third-party AI frameworks and models into the platform.
Gurucul also led the way with automated threat-hunting capabilities, first announced in February 2020, which applied advanced ML algorithms to assess a wide range of behavioral attributes to identify anomalies, outliers, and indicators of compromise.
“Gurucul was founded more than a decade ago on the idea that the application of ML and AI on large data was an enabler for cybersecurity,” explains Saryu Nayyar, CEO at Gurucul.
“The recent widespread acceptance and use of Generative AI validates our continued investment and innovation in ML and AI.”
“Sme AI is purpose-built to support analysts in their day-to-day activities and help them detect, investigate and respond to threats so they can stay ahead of adversaries.”
“While attackers are using AI and manipulating common frameworks to build malware, the security community needs to invest in and leverage purpose-built AI to fight this battle more effectively.”
Gurucul Sme AI will dramatically improve threat detection and response capabilities.
Gurucul Sme AI to Detect
- Gurucul Sme AI provides proactive suggestions for detection and threat-hunting queries. This increases threat-hunting efficacy, reduces mean time to detection (MTTD), uncovers unknown threats and indicators, and quickly adapts to changing, dynamic, or new datasets at a speed impossible for humans to manage alone.
- Gurucul Sme AI creates new threat content based on recent trends and learnings across customers and industry verticals to dynamically build detection rules, models, queries, reports, and more.
- Gurucul Sme AI is trained for cyber threat detection, insider threats, ITDR, and identity- and access-based incidents, including account compromise, AD/LDAP attacks, etc.
Gurucul Sme AI to Investigate
- Gurucul Sme AI auto-triages alerts based on historical triage patterns, investigation notes, types of detection, relevance, attack trends, etc. This helps analysts prioritize investigating the riskiest alerts, empowers users, and speeds up investigations by moving away from multiple screens, clicks, and queries and streamlining other interactions with the platform.
- Gurucul Sme AI leverages contextually aware and enriched data for efficient investigations.
Gurucul Sme AI to Respond
- Gurucul Sme AI easily automates key incident response activities, including creating custom reports, taking bulk actions, and multi-step workflows.
- Gurucul Sme AI supports natural language-based, free-form search to simplify and accelerate typical tasks and reporting.
- Gurucul Sme AI provides auto-response based on historical response actions to significantly reduce manual steps for critical alerts.
- Gurucul Sme AI recommends new SOAR playbooks based on alert and response action trends.
“This feature is the most recent example of how Gurucul is upholding our guiding principles of improving the user experience and fostering better collaboration,” added Nilesh Dherange, CTO at Gurucul.
“We are constantly working to improve the reliability of our Sme AI by augmenting it with traditional ML techniques, scoping down attributes, workflows, and more.”
In Las Vegas, Gurucul will showcase its Sme AI capabilities at Booth #3041 at Black Hat USA 2023 today and tomorrow (August 9-10, 2023).
The launch of Sme AI comes quickly after the launch of the Gurucul Security Analytics and Operations platform, Powered by Snowflake, that will enable customers to seamlessly run Gurucul’s Next-Gen SIEM, Open XDR, UEBA, and Identity Analytics solutions on the Snowflake Data Cloud.
The Powered by Snowflake platform allows data, services, and applications to be optimally deployed between the Snowflake Data Cloud and Gurucul’s cloud-native infrastructure.
In April 2023, Gurucul announced an extension of the capabilities of its award-winning Security Analytics and Operations Platform to help organizations cost-effectively secure their increasingly complex cloud architectures, reach deeper insights faster, and enrich enterprise-wide visibility.
The latest innovations provide industry “firsts” like 500 days of searchable data, robust purpose-built security use cases, identity-based threat detection and response (ITDR) coverage, and unified observability for any cloud environment.
Gurucul was positioned furthest to the right for completeness of vision in the 2022 Gartner Magic Quadrant for Security Information and Event Management and ranked in the top three for all SIEM use cases in the 2022 Gartner Critical Capabilities for SIEM.
Gurucul is changing the way organizations protect their most valuable assets, data, and information from insider and external threats both on-premises and in the cloud.
Gurucul’s real-time Cloud-Native Security Analytics and Operations Platform provides customers Next Generation SIEM, Open XDR, UEBA, and Identity and Access Analytics in one unified platform, combining machine learning behavior profiling with predictive risk-scoring algorithms to predict, prevent and detect breaches.
Global 1000 companies and government agencies use Gurucul technology to fight cybercrimes, IP theft, insider threat, and account compromise, as well as for log aggregation, compliance, and risk-based security orchestration and automation for real-time extended detection and response.
To learn more, visit gurucul.com.
Gurucul Takes Platinum in Fifth ‘ASTORS’ Homeland Security Awards Program
American Security Today’s Annual ‘ASTORS’ Awards is the preeminent U.S. Homeland Security Awards Program, and now in its Eighth Year, continues to recognize industry leaders of Physical and Border Security, Cybersecurity, Emergency Preparedness – Management and Response, Law Enforcement, First Responders, as well as federal, state and municipal government agencies in the acknowledgment of their outstanding efforts to Keep our Nation Secure.
Gurucul
Best Security Incident & Event Management Solution (SIEM)
- Gurucul Next-Gen SIEM
- SIEM plays a major role for enterprises looking to reduce the overall security attack surface (and false positives) and the resource burden on security teams. But as attackers get more sophisticated and networks more complex, SIEM tools must evolve as well.
- The conventional SIEM paradigm presents Events and Incidents identified by rules-based analytics without context. Gurucul takes a different approach to SIEM.
- Gurucul’s Next-Gen SIEM is cloud-native, built for speed and scale, and helps to modernize security operations by delivering ultra-high-fidelity detection and automated response. It leverages over 2500 Machine Learning Models powered by data science to produce actionable risk intelligence, and doesn’t rely on signatures, rules, or patterns.
- It allows organizations to identify zero-day threats in real time and is designed to provide both contextual and situational awareness to detect and stop malicious behavior before cyber criminals or rogue insiders can do harm.
- Gurucul’s Next-Gen SIEM includes a variety of key features, including a cutting-edge lightweight SaaS architecture with cloud elasticity and predictable costs, real-time threat detection, the industry’s most advanced data-science-powered Machine Learning behavior analytics, and the market’s most diverse security content library.
- Furthermore, its advanced and intuitive UX provides contextual investigation and intelligent timeline views, blazing fast searches, and risk-based responses. The open, flexible, and extensible platform also unifies SIEM, XDR, UEBA, SOAR, NTA, and Identity and Access Analytics in a single seamless and consolidated view. It supports an open choice of big data repositories and can be deployed flexibly on any leading big data infrastructure.
- This protects existing IT investments, eliminates data duplication, and reduces storage fees. Customers can simply layer Gurucul’s advanced security analytics engine on top of their existing or new Hadoop, Cloudera, Hortonworks, MapR and Elastic/ELK deployments.
- Finally, Gurucul’s Next-Gen SIEM is built to scale. Many agencies have over 250,000 employees. One health insurance customer uses Gurucul to analyze 8 million identities and 500 big data nodes. Another health insurer is using Gurucul to apply advanced analytics to over 15 million identities belonging to employees, partners and customers, and a large financial institution has deployed Gurucul advanced security analytics with its custom cloud big data lake on AWS to risk score access and activity, reduce access risks, and detect unknown threats.

*Gurucul is a returning ‘ASTORS’ Award Champion, having secured Wins in the 2020, 2019, 2018, and 2016 Homeland Security Awards Programs.