• Does your analytics platform support open choice for big data?• Get contextual visibility & low false positives for your information security team• Rules are great for known unknowns but not for unknown unknowns• Dynamic peer groups are essential for reducing false positives on anomalous behavior
A root of modern threat involves compromise or misuse of identities. Users have multiple accounts and entitlements, often in excess, providing an opportunistic environment for cyber crime, insiders and advanced attacks. A CIO’s goal is widespread data access and enablement, while CISOs struggle with declarative defenses and controls. The outcome is data breaches and escalating costs as preventive defenses decline in effectiveness. The rapidly growing volume of security data needs data science.
Why Choose Gurucul Risk Analytics?
Model good behavior to expose unknown bad through peer groups, clustering and outliers.
Analyze access and its abuse with identity-centric behavior analytics from big data.
Detect insider threats, account hijacking and abuse, plus data exfiltration.
Reduce and manage the account surface area with risk-based access controls.
Provide behavior analytics for on-premises and cloud application hybrid deployments.
Leverage predictive security analytics to risk-score incidents and drive ‘find-fix’ focus.
Gurucul Risk Analytics Components
Gurucul Risk Analytics has three components to address threat, access and cloud use, uniquely combining data science for user and entity behavior analytics (UEBA) and identity analytics (IdA)
• Risk-scored timeline to predict, detect and deter insider and advanced threats
• Identity-based threat plane behavior analysis for account hijacking and abuse
• Proactive and actionable alerting for anomalous behavior and risk scores
• High privileged access anomaly detection for misuse, sharing, or takeover
• Customizable dashboards, configurable policies and risk model optimization
• Work-centric UI with case management, or input to third-party solutions
• Self-audit portal deputizes users for risk awareness to detect identity theft
What makes Gurucul Risk Analytics more effective?
GRA’s core architecture is built on PIBAE™ (Predictive Identity-based Behavior Anomaly Engine)
GURUCUL STUDIOTM FOR GRA
Create custom machine learning models without coding and needing only a minimal knowledge of data science. Gurucul STUDIOTM provides a step-by-step graphical interface to select attributes, train models, create baselines, set prediction thresholds and define feedback loops. As part of Gurucul Risk Analytics (GRA), STUDIO supports an open choice for big data and a flex data connector to ingest any on-premises or cloud data source for desired attributes. Step outside the black box and create custom models for your own predictive security analytics needs
Gurucul Risk Analytics Successes
On the second day of using GRA, a manufacturing firm discovered two hijacked research accounts.
GRA reduced the number of accounts and entitlements by 83% for a financial firm, plus defined intelligent roles and provided dynamic access provisioning using behavior-based risk context.
GRA often finds high privileged access abuse and anomalous behavior in unexpected areas as unknown unknowns.
GRA reveals the common occurrence of departing employees and contractors accumulating data and information prior to exfiltration.
GRA eliminates terminated accounts with access to cloud applications.