Mark Shriner, Secure Talk Podcast host interviews Sanjay Raja, Gurucul VP of Product Marketing and Solutions in the Podcast: Optimizing Cyber Threat Detection & Response. Mark asks about Gurucul’s product offerings and what Sanjay sees in the marketplace for SIEMs, SOARs and more.
Below are a few highlights from the interview. You can listen to the full podcast on the Secure Talk website here.
Mark Shriner: If we hop in the elevator together and I ask you, what does Gurucul actually do, what would you tell me?
Sanjay Raja: It’s a platform that we’ve built that started out with focusing on user and entity behavior and understanding risky behavior, and then being able to highlight that in the beginning. Over time we’ve added a lot of other capabilities to the platform that allows us to identify malicious behavior starting out with that risk. That requires the understanding of devices, endpoints, network traffic, and all sorts of other activities. From there, the company has evolved into building a very strong security operations and insider threat platform. We are focused on confirming cyber-attacks, whether it’s an insider or outsider, more than just doing detection.
That’s really where our strength is – the ability to make it a lot easier to validate and confirm what a security operations team is seeing so that they can act more quickly. I’d say the biggest challenge of that today is a lot of manual processes and not getting enough data. Too much data coming in just over burdens security teams and even insider threat teams. Our ability to look through that noise and filter that noise, and really elevate what’s important, is really what the Gurucul platform is all about.
Mark Shriner: What is Gurucul’s unique selling point or positioning that you believe makes you deserve a seat at the table?
Sanjay Raja: When you look at security operations or any sort of security team and how they do their job, is that from beginning to end, there are a bunch of steps they have to go through. They call it a life cycle or journey they have to go through as part of their daily jobs. What Gurucul can do better than our competition, or vendors that are similar in the space, is from the beginning of that journey all the way to the end, we optimize every stage.
An organization’s biggest challenge is being able to stop a breach in time. It’s not just stopping it; it’s doing it quickly enough. Our ability to compress all those different stages around even deployment, gathering data, and being able to provide visibility to detect a threat to begin with.
To accelerate investigation, which is very often the long pole for any security organization, it’s very difficult for security teams to do that and prioritize incidents, and then build a response. It’s the fact that we’re doing this for the organization, the ability to customize detection and response and really make it work much better than other solutions, is the core of what we do.
I have to describe one thing in terms of how we differentiate ourselves from our competition. There are lots of different solutions like SIEMs and XDR vendors, and even other insider threat programs and endpoint detection response solutions. All those products are trying to serve the same purpose, which is – how do I enable a security team to be successful, faster, optimized and really prevent damage from tapping into an organization? That’s really what our goal is, and we feel we’ve developed a very differentiated platform to help security teams do that more effectively.
Want more? Listen to the full Podcast: Optimizing Cyber Threat Detection & Response (46:24):
Then contact us for more information or to schedule a demo of our Security Analytics and Operations Platform.