CISOs are up against ever-increasing and sophisticated cyber-attacks, while trying to ensure usability and user experience to support ongoing digital transformation initiatives. To meet these needs, it is imperative to use a cutting-edge technology which offers advanced security capabilities. Using Gurucul’s machine learning behavior analytics and big data context, instead of simple rule-, pattern- or signature-based controls, will enable your organization to securely simplify user access to digital content.
Why Choose the Gurucul Consumer Behavior and Security Analytics Solution?
Gurucul Risk Analytics (GRA) uses patent-pending machine learning algorithms and pattern matching expressions to link identity, access, activity and device-specific data to build contextual visibility. Gurucul supports consumer application scale, providing an open choice of big data to store structured and unstructured data. In addition, Gurucul STUDIO™ provides flexibility to use out-of-the-box anomaly models or to build and customize business-specific models based on underlying supervised or unsupervised machine learning algorithms and analytical techniques.
As a part of consumer application architecture and navigation flow, end users access applications from any endpoint device such as a laptop, smartphone, tablet, etc. A user’s endpoint data, including device ID, configuration, location, application context, etc., is captured and passed to Gurucul Risk Analytics for user and entity behavior analytics (UEBA) to identify anomalous activities and generate a user risk score. Applications use this risk score to influence the user experience including authentication and authorization decisions.
Gurucul Consumer Behavior and Security Analytics Highlights
GRA uses several analytics components to build user behavior context:
GRA uses several application context points including application navigation, events, event description, categories, as well as the data values, to detect or prevent malicious and fraudulent user activity.
In addition to the user’s registered device information, additional contextual data such as device ID, configuration, location, application, browser details, access history, and device holding patterns are used to detect abnormal usage indicators.
Security Infrastructure Analytics
Security Infrastructure uses events and alerts generated by security solutions including firewalls, authentication systems, IDS/IPS, antivirus (AV), etc., to detect anomalous activity. Threat feeds include known blacklists, devices, threat actors, and malware information.
GRA can analyze and leverage network monitoring logs to look for malicious traffic based on unusual ports and protocols, bytes transferred, IP patterns, etc.