Visibility into Access and Activity Enables Privileged Employees and Partners to Instantly Detect Compromise and Threats
LAS VEGAS – Gurucul, the user behavior analytics and identity access intelligence company, today announced at Black Hat USA 2015 the addition of ID theft protection capability to the Self-Audit portal of its Gurucul Risk Analytics (GRA) platform. ID theft protection enables privileged insiders to receive alerts and review activity assigned high-risk scores across all their internal and cloud accounts to detect anomalies. By deputizing employees and business partners with access to sensitive systems and data into the security process, Gurucul enables organizations to identify hard to detect threats including account takeovers before wide spread damage can occur.
Gurucul will demonstrate the Self-Audit Portal this week at Black Hat booth 1126.
Developed with one of Gurucul’s Fortune 500 customers, the GRA Self-Audit Portal uses as an advantage the fact that users have more context and details about their activities than IT can collect and analyze. At several customers, GRA Self-Audit dramatically improved detection and response times, since alerts validated by users occurred early in the attack kill chain and exhibited a very low false positive rate.
The ID theft protection capability in GRA Self-Audit Portal provides alerts on anomalous behaviors and visibility into activity for internal and cloud accounts, device, geo-location and more. It can also map activity against peer groups and by resource type. Using data science, including machine learning, behavior modeling and risk analysis, Gurucul scores and ranks access and activity to identify threats. Users can drill down into high risk activities to review the events and objects affected, and determine whether they were legitimate actions on their part or evidence of account hijacking.
“Instead of looking for known-bad threat indicators in an ocean of good, Gurucul GRA uses identity intelligence and data science to model good behavior in order to expose unknown threats,” said Saryu Nayyar, CEO of Gurucul. “The addition of ID theft protection to the GRA Self-Audit portal takes this process one step further by enlisting privileged users. Since they can immediately recognize anomalous activity associated with their accounts when they see it, this helps contain threats that only they could detect in the early stages of an attack including account takeovers.”
The Gurucul GRA Platform
Gurucul is transforming enterprise security by treating user identities, access and activities as a threat surface. Gurucul GRA is based on the Gurucul Predictive Identity Based Behavior Analytics Engine (PIBAE), which uses identity data and machine learning algorithms to establish baseline behavior for each user/entity/device. This baseline is compared to dynamic peer group activity to detect anomalous patterns. GRA then uses predictive modeling with time-based norms to assign identities, access and activities a risk score and generate alerts. This 360 degree, contextual view of identities enables Gurucul to detect targeted, under-the-radar attacks, and insider threats.
Availability and Pricing
The new ID theft protection feature in the Self-Audit portal is available immediately, at no additional cost, to all Gurucul GRA customers.
About Gurucul
Gurucul is changing the way enterprises protect themselves against fraud, insider threats and external intruders. The company’s user behavior analytics and identity access intelligence technology uses machine learning and predictive anomaly detection algorithms to reduce the attack surface for accounts, unnecessary access rights and privileges, and identify, predict and prevent breaches. Gurucul technology is used globally by organizations to detect insider fraud, IP theft, external attacks and more. Gurucul is based in Los Angeles. To learn more, visit us at www.gurucul.com and follow Gurucul on LinkedIn, Facebook and Twitter (@Gurucul).