Overview

Gurucul Risk Analytics (GRA) is a multi-use UEBA platform with an open architecture that supports a choice of big data repositories for scale, has the ability to ingest virtually any dataset for desired attributes, and includes configurable prepackaged analytics. In addition, Gurucul STUDIO which is a part of GRA enables customers to create custom machine learning models to meet unique requirements without coding and with minimal data science knowledge. Gurucul GRA ingests and analyzes huge volumes of data generated when users access and interact with business applications, in both the data center and the cloud, to generate risk scores, identify security threats and prevent data breaches.

Gurucul is changing the way enterprises protect themselves against insider threats, account compromise, IP and data theft, external attacks, and data exfiltration on-premises and in the cloud. The company’s security intelligence and analytics technology uses machine learning, anomaly detection and predictive risk-scoring algorithms to reduce the attack surface for accounts, unnecessary access rights and privileges, and to identify, predict and prevent breaches. Gurucul technology is successfully deployed worldwide, by government agencies and Global Fortune 500 companies.

By offering an open choice of big data lakes, the Gurucul Risk Analytics (GRA) platform, which itself runs on Hadoop can be deployed flexibly on any leading big data infrastructure. This helps customers protect existing IT investments, eliminate data duplication, and reduce storage fees. Customers can simply layer Gurucul’s advanced security analytics engine on top of their existing or new Hadoop, Cloudera, Hortonworks, MapR and Elastic/ELK deployments.

Unlike alternatives, Gurucul Risk Analytics (GRA) goes beyond rules, signatures and patterns with machine learning models based on big data from on-premises and the cloud, to learn normal base lines and apply advanced security intelligence and analytics that detects abnormal user and entity behavior. Additionally, GRA extends beyond traditional UEBA and provides the ability to reduce the attack surface area of access through identity analytics (IdA). Gurucul GRA applies a risk-based approach for certifications, access requests and approvals, plus removes excess access, access outliers and cleans-up orphan and dormant accounts. This holistic approach combining UEBA and IdA together identifies with precision the compromise and misuse of identity, which is the root of most modern cyber threats. This is underscored by the 2017 Verizon Data Breach Investigations Report (DBIR), which found that a whopping 81% of hacking-related breaches use either stolen and/or weak passwords making identity a core issue of modern threats.

Gurucul GRA leverages 300+ ready to use machine learning models for on-premises, cloud or hybrid environments. Over 30 data connectors speed ingestion of popular data sources, plus a flex connector enables any data source to ingest into GRA, with no waiting on roadmaps or professional services. GRA focuses on 33 primary use cases for threats, access and cloud. More advanced customers can customize risk weightings plus develop their own machine learning models without coding within GRA.

Customers of GRA have achieved the following benefits:

A financial firm reduced accounts and entitlements by 83% leveraging identity analytics (IdA) to reduce the surface area for identity to business requirements. Adopting a risk-based approach for identity access, the customer migrated to risk-based certifications, access requests and approvals plus deploying intelligent roles provided from GRA.

A large health insurance organization is using Gurucul on top of hundreds of Hortonworks big data nodes. It is applying advanced analytics to over 15 million identities belonging to employees, partners and customers that risk score activity and identify conditions that require further investigation by security analysts or automated risk response such as adaptive access management, issuing self audits or remediating privileged access outliers.
Meanwhile, a large financial institution has deployed Gurucul advanced security analytics with its custom cloud big data lake on AWS to risk score access and activity, reduce access risks and detect unknown threats.
Another insurance firm deployed Self Audits from GRA to over 60,000 end users to raise security awareness, provide deterrence and collaborate with users to detect identity theft and abuse. One privileged user detected an access anomaly when out of work on a weekday, the investigation later surfaced the account had been compromised 3.5 years.