Threat Analytics Platform (TAP)



Millions of alerts are generated by best-of-breed technologies deployed within your organization and writing correlation rules and policies to find actionable events can only address one part of the problem statement – YOU CAN WRITE RULES TO LOOK FOR ISSUES YOU KNOW BUT WHAT ABOUT THE UNKNOWN?


Gurucul’s Threat Analytics Platform is built upon our core architecture PIBAE (Predictive Identity Based Behavior Anomaly Engine) to identify anomalous behaviors of malicious insiders and comprised accounts by leveraging contextual identity based behavior analytics, machine learning, and peer group modeling.

Our big data enabled solution analyzes identity as a threat plane to protect an organization’s intellectual property, sensitive information, and deterring an attacker from an under-the-radar cyber campaign or sophisticated insider activity like IP Theft, Brand Damage, and Fraud.  Gurucul provides a Hybrid Behavior Analytics (HBA) architecture with the breadth of Identity Access Intelligence to User Behavior Analytics, and the depth from cloud apps to on-premises behavior.



Powered by Predictive Identity Based Behavior Anomaly Engine that provides:

  • Largest Library of Machine Learning Algorithms
  • Most Granular & Self Tuning Risk Modeling Capabilities
  • Flexible Meta Data Framework
  • Signature-Less Technology
  • Fuzzy logic based link analysis
  • Built to Scale Using Big Data Foundation

Purpose Built to Identify Behavior Anomalies

Self-training algorithms are tailored to identify learned anomalous behaviors immediately upon deploying the technology.

Detailed Insight into All Anomalous Behaviors – Endpoints, Applications, Devices, and Users

Context Aware Visibility of An Attack Lifecycle

Out of the box timeline view to highlight the anatomy of an advanced attack whether it be an insider or external.

Advanced Visualization & Workflow Centric UI

Situational Awareness with 3rd Party Intelligence Feed and Threat Sharing

Gain additional context by integrating 3rd party feeds and share industry specific threat scenarios.

Purpose Built to Identify Day Zero Anomalies

Detailed Insight into All Anomalous Behaviors – Endpoints, Applications, Devices, and Users

Machine learning algorithms are executed on 254 attributes to build different anomalous behavior profiles across the entities.

Context Aware Visibility of An Attack Lifecycle

Advanced Visualization & Workflow Centric UI

Visually see and analyze the threat for faster incident response and customize the views based on your operational needs.

Situational Awareness with 3rd Party Intelligence Feed and Threat Sharing


  • Predict, detect, and deter insider threats & Fraud
  • Proactive and actionable alerting on anomalous behaviors
  • Rapid and Enhanced ROI from Defense-In-Depth Solutions (e.g. SIEM, DLP)
  • Reduce the investigation time by more than 80% using contextual identity and visual investigation
  • Proactively find and stop data exfiltration
  • Soundproof cyber security infrastructure using Machine learning and intelligence driven big data security analytics

Read the Whitepaper

Request a Meeting

Request a Meeting


What a name!

What a name!

GURUCUL (goo-roo-cool)  

The name Gurucul comes from Sanskrit (गुरुकुल). This word is a contraction of the Sanskrit word ‘guru’ which means teacher or expert and ‘cul’ means extended family or group. In ancient times this was the place of learning. As a security analytics company expertise and learning hold a very special meaning as it reflects in our name.