Gurucul, a leader in user and entity behavior analytics (UEBA) and identity analytics (IdA) and a 2016 Platinum ‘ASTORS’ Award Winner for Best Cyber Excellence Solution, is pleased to announce Gurucul Risk Analytics has been nominated to compete in the 2018 ‘ASTORS’ Homeland Security Awards Program.
Gurucul pioneered the cybersecurity category called user and entity behavior analytics (UEBA) and was the only vendor cited for meeting all five use cases outlined in the Market Guide for UEBA report by analyst firm Gartner:
- Security Management
- Insider Threats
- Data Exfiltration/DLP
- Identity Access Management
- SaaS Security
- plus Extra Qualifications for Compliance and Cyber Fraud
Gurucul Risk Analytics (GRA) is a multi-use UEBA platform with an open architecture that ingests virtually any dataset for desired attributes, and includes configurable out-of-the-box analytics.
GRA is changing the way government organizations and enterprises protect themselves against insider threats, account compromise, IP and data theft, external attacks, and data exfiltration on-premises and in the cloud.
The platform incorporates security intelligence, big data analytics, machine learning, anomaly detection and predictive risk-scoring algorithms to reduce the attack surface for accounts, remove unnecessary access rights and privileges, and to identify, predict and prevent breaches.
(Gurucul is transforming the enterprise security with user behavior based machine learning and predictive analytics. Using identity to monitor for threats, Gurucul provides Actionable Risk Intelligence™. Courtesy of Gurucul and YouTube)
GRA monitors user behaviors to detect threats that appear as “normal” activity to traditional security products, including stolen login credentials and malicious authorized insiders.
It is a proven, mature UEBA platform that is successfully deployed worldwide by enterprises and government agencies.
While most UEBA solutions are on-premises only, or require another partner solution for cloud visibility, Gurucul GRA provides a cloud API-based solution for visibility into SaaS, IaaS, PaaS and IDaaS solutions to uniquely span on-premise and the cloud.
Organizations with IT resources that span the data center and cloud struggle to detect and prevent data exfiltration and privilege abuse.
Gurucul’s hybrid behavior analytics gives GRA 360 degree visibility to detect threats that evade cloud and data-center only security solutions.
GRA, which runs on Hadoop, supports an open choice of big data repositories and can be deployed flexibly on any leading big data infrastructure.
This protects existing IT investments, eliminates data duplication, and reduces storage fees.
Customers can simply layer Gurucul’s advanced security analytics engine on top of their existing or new Hadoop, Cloudera, Hortonworks, MapR and Elastic/ELK deployments.
Unlike alternatives, GRA goes beyond rules, signatures and patterns with machine learning models that learn normal base lines and apply advanced security intelligence and analytics to detect abnormal user behavior.
In addition to UEBA, GRA reduces the attack surface area of access through identity analytics (IdA).
(How Important is Identity as a Threat Plane? Learn More, courtesy of Gurucul and Vimeo)
GRA applies a risk-based approach for certifications, access requests and approvals to identify and remove excess access, access outliers, and orphan and dormant accounts.
By uniquely combining UEBA with IdA, GRA identifies with precision the compromise and misuse of identity, which is the root of most modern cyber threats.
Taking machine learning to the next level, GRA includes 300+ ready-to-use machine learning models for on-premises, cloud or hybrid environments.
Gurucul STUDIO, a unique part of GRA, enables organizations in high security industries like government, intelligence, law enforcement, etc. to define custom machine learning models to meet their specific requirements, customize risk weightings and develop their own machine learning models without any coding.
An industry-first, GRA’s Self-Audit capabilities empower government agency end users to monitor their own accounts for anomalous and suspicious access and activity.
Another area where GRA excels over the competition is in privileged access management (PAM). Traditional PAM solutions perform discovery at the account level.
However, many organizations assign high privilege entitlements to “normal” accounts as well.
Manually discovering high risk entitlements that exist outside of privileged accounts is impossible.
Consider an organization with 10,000 identities, where each identity has 10 accounts with 10 entitlements.
That would equal 1 million entitlements.
Gurucul GRA solves this big data security challenge using analytics and machine learning to scour through identities and accounts and identify privileged access down to the entitlement level across on-premises, cloud and hybrid environments.
For Federal Agencies, Gurucul Provides the Following Unique Capabilities and Value-Add:
- Predictive security analytics from user and entity behavior machine learning models
- Detection of account compromise, data exfiltration, access abuse and insider threats
- Identity analytics (IdA) to reduce the attack surface area due to excess access and access outliers
- Risk-based certifications for IAM (identity and access management), plus discovery of privileged access risks
- Self-audits for security awareness, deterrence and detection of identity and data theft
- Custom model development without coding or a minimal knowledge of data science
- Ability to model attributes from any desired dataset, including de-coupled big data
Finally, Gurucul GRA is Built to Scale.
Many customers have over 250,000 employees, and one health insurance customer uses GRA to analyze 8 million identities and 500 big data nodes.
- Another health insurer is using Gurucul on top of hundreds of Hortonworks big data nodes to apply advanced analytics to over 15 million identities belonging to employees, partners and customers.
- A large financial institution has deployed Gurucul advanced security analytics with its custom cloud big data lake on AWS to risk score access and activity, reduce access risks and detect unknown threats.
- Another insurance firm deployed Self Audits from GRA to over 60,000 end users to raise security awareness, provide deterrence and collaborate with users to detect identity theft and abuse.
Gurucul Risk Analytics has three components to address threat, access and cloud use, uniquely combining data science for user and entity behavior analytics (UEBA) and identity analytics (IdA)
Provides Behavior-Based Predictive Risk Scoring
• Risk-scored timeline to predict, detect and deter insider and advanced threats
• Identity-based threat plane behavior analysis for account hijacking and abuse
• Proactive and actionable alerting for anomalous behavior and risk scores
• High privileged access anomaly detection for misuse, sharing, or takeover
• Customizable dashboards, configurable policies and risk model optimization
• Work-centric UI with case management, or input to third-party solutions
• Self-audit portal deputizes users for risk awareness to detect identity theft
Provides Risk-Based Compliance and Provisioning
• Real-time 360-degree contextual view of identities, access and activities
• Identity analytics and roles from behavior analytics machine learning
• Radical reduction of accounts and access entitlements using behavior-based access
• High privileged access detection, plus obsolete, orphan and unused access reporting
• Risk-based certifications and dynamic access provisioning reduces effort and errors
• Access outlier discovery based on usage and dynamic peer group analytics
Provides Visibility into Cloud Access and Anomalies
• Full contextual visibility into cloud applications for identities, access and activities
• Cloud-to-cloud ready to use connectors for popular SaaS applications
• High Privileged Access (HPA) anomaly detection with detailed insight into outlier access
• Risk scores highlight compromise, hijacking, insider threats, and data leakage
• Manage accounts using identity access intelligence and risk-based certifications
• Leverage for hybrid deployments of on-premises and cloud behavior analytics
Why Consider Gurucul Risk Analytics (GRA)?
- Analyze access and its abuse with identity-centric behavior analytics from big data
- Model good behavior to expose unknown bad through peer groups, clustering and outliers
- Leverage predictive security analytics to risk score incidents and drive ‘find-fix’ focus
- Optimize resources and time with machine learning algorithm compute cycles
- Reduce and manage the account entitlement surface area with risk-based access controls
- Provide behavior analytics for on-premises, cloud applications and hybrid deployments
- Detect insider threats, account hijacking and abuse, plus data exfiltration
The company’s Founder and CEO Saryu Nayyar is passionate about developing and applying advanced technology to solve the biggest cyber security challenges government agencies and enterprises face.
Saryu’s vision that identity has become a security perimeter, with the advent of cloud applications and mobile computing, has become reality and has helped drive Gurucul’s innovation and market leadership.
Saryu collaborated with other industry luminaries to publish a book that explores the challenges posed by this new security landscape and offers practical guidance for security professionals. “Borderless Behavior Analytics – Who’s Inside? What’re They Doing?”
Gurucul Competes in 2018 ‘ASTORS’ Homeland Security Awards Program
- Platinum ‘ASTORS’ Award Winner
- Gurucul Risk Analytics (GRA)
- Best Cyber Excellence Solution
AST focuses on Homeland Security and Public Safety Breaking News, the Newest Initiatives and Hottest Technologies in Physical & IT Security, essential to meeting today’s growing security challenges.
The 2018 ‘ASTORS’ Homeland Security Awards Program, is organized to recognize the most distinguished vendors of Physical, IT, Port Security, Law Enforcement, Border Security, First Responders, (Fire, EMT, Military, Support Services Vets, SBA, Medical Tech) as well as the Federal, State, County and Municipal Government Agencies – to acknowledge their outstanding efforts to ‘Keep our Nation Secure, One City at a Time.’
As an ‘ASTORS’ competitor, Gurucul Risk Analytics will be competing against the industry’s leading providers of Innovative Vulnerability Management Solutions.
To Learn More about the ‘ASTORS’ Homeland Security Awards Program, see 2017 ‘ASTORS’ Homeland Security Award Winners Honored at ISC East.
Over 100 distinguished guests from National, State and Local Governments, and Industry Leading Corporate Executives from companies allied to Government, gathered from across North America and the Middle East to be honored from disciplines across the Security Industry in their respective fields which included:
- The Department of Homeland Security
- The Department of Justice
- The Security Exchange Commission
- State and Municipal Law Enforcement Agencies
- Leaders in Private Security