Gurucul Risk Analytics (GRA)

Promote this Nomination

Additional Info

Company (that provides the nominated product / solution / service)Gurucul
Company size (employees)100 to 499
Type of solutionHybrid

In 3 bullets, summarize why this product or service is different from the competition and deserves recognition:

Gurucul GRA is a proven big-data security analytics solution that has been successfully deployed by government agencies and global Fortune 500 companies across the financial, healthcare, technology, retail and manufacturing sectors to detect and deter insider threats, account compromise, fraud, IP theft, advanced external attacks and more. Customers include one of the world’s largest Internet payment companies, a top 5 US health insurer, large financial services firms, and government agencies.

Gurucul was the only vendor cited for meeting all five use cases outlined in the Market Guide for UEBA report by analyst firm Gartner: security management, insider threats, data exfiltration/DLP, identity access management, SaaS security, plus the extra qualifications for compliance and cyber fraud.

Gurucul has received industry recognition and accolades for its innovations in UEBA and security analytics. In 2017, Gurucul Risk Analytics (GRA) received the Best User Behavior Analytics Solution Award for the second consecutive year from Cyber Defense Magazine (CDM) and was selected winner for the Best User & Entity Behavior Analytics (UEBA) Solution by Government Security News (GSN). Also in 2017, Gurucul’s customer Sallie Mae (Nasdaq: SLM), the nation’s saving, planning, and paying for college company, was named a 2017 CSO50 Award honoree by CSO. Gurucul GRA was named Best Behavior Analytics/Enterprise Threat Detection in the 2016 SC Awards in both the US and Europe. The company was named SINET 16 Innovator in both 2014 and 2015, Gartner Cool Vendor in 2014, and won the 2016 CDM award for Best Insider Threat Prevention Solution, and more. In a product review of Gurucul GRA published by SC Magazine, editors spoke highly of Gurucul GRA: “This is, hands-down, the most sophisticated example of behavioral analytics we have seen to date. While they are not the only player in this space, their product is well thought-out and it really works well.”

Brief Overview

Gurucul Risk Analytics (GRA) is a multi-use UEBA platform with an open architecture that supports a choice of big data repositories for scale, has the ability to ingest virtually any dataset for desired attributes, and includes configurable prepackaged analytics. In addition, Gurucul STUDIO which is a part of GRA enables customers to create custom machine learning models to meet unique requirements without coding and with minimal data science knowledge. Gurucul GRA ingests and analyzes huge volumes of data generated when users access and interact with business applications, in both the data center and the cloud, to generate risk scores, identify security threats and prevent data breaches.

Gurucul is changing the way enterprises protect themselves against insider threats, account compromise, IP and data theft, external attacks, and data exfiltration on-premises and in the cloud. The company’s security intelligence and analytics technology uses machine learning, anomaly detection and predictive risk-scoring algorithms to reduce the attack surface for accounts, unnecessary access rights and privileges, and to identify, predict and prevent breaches. Gurucul technology is successfully deployed worldwide, by government agencies and Global Fortune 500 companies.

By offering an open choice of big data lakes, the Gurucul Risk Analytics (GRA) platform, which itself runs on Hadoop can be deployed flexibly on any leading big data infrastructure. This helps customers protect existing IT investments, eliminate data duplication, and reduce storage fees. Customers can simply layer Gurucul’s advanced security analytics engine on top of their existing or new Hadoop, Cloudera, Hortonworks, MapR and Elastic/ELK deployments.

Unlike alternatives, Gurucul Risk Analytics (GRA) goes beyond rules, signatures and patterns with machine learning models based on big data from on-premises and the cloud, to learn normal base lines and apply advanced security intelligence and analytics that detects abnormal user and entity behavior. Additionally, GRA extends beyond traditional UEBA and provides the ability to reduce the attack surface area of access through identity analytics (IdA). Gurucul GRA applies a risk-based approach for certifications, access requests and approvals, plus removes excess access, access outliers and cleans-up orphan and dormant accounts. This holistic approach combining UEBA and IdA together identifies with precision the compromise and misuse of identity, which is the root of most modern cyber threats. This is underscored by the 2017 Verizon Data Breach Investigations Report (DBIR), which found that a whopping 81% of hacking-related breaches use either stolen and/or weak passwords making identity a core issue of modern threats.

Gurucul GRA leverages 300+ ready to use machine learning models for on-premises, cloud or hybrid environments. Over 30 data connectors speed ingestion of popular data sources, plus a flex connector enables any data source to ingest into GRA, with no waiting on roadmaps or professional services. GRA focuses on 33 primary use cases for threats, access and cloud. More advanced customers can customize risk weightings plus develop their own machine learning models without coding within GRA.

Customers of GRA have achieved the following benefits:

A financial firm reduced accounts and entitlements by 83% leveraging identity analytics (IdA) to reduce the surface area for identity to business requirements. Adopting a risk-based approach for identity access, the customer migrated to risk-based certifications, access requests and approvals plus deploying intelligent roles provided from GRA.

A large health insurance organization is using Gurucul on top of hundreds of Hortonworks big data nodes. It is applying advanced analytics to over 15 million identities belonging to employees, partners and customers that risk score activity and identify conditions that require further investigation by security analysts or automated risk response such as adaptive access management, issuing self audits or remediating privileged access outliers.
Meanwhile, a large financial institution has deployed Gurucul advanced security analytics with its custom cloud big data lake on AWS to risk score access and activity, reduce access risks and detect unknown threats.
Another insurance firm deployed Self Audits from GRA to over 60,000 end users to raise security awareness, provide deterrence and collaborate with users to detect identity theft and abuse. One privileged user detected an access anomaly when out of work on a weekday, the investigation later surfaced the account had been compromised 3.5 years.