We get a lot of briefing requests from market research firms. On this day, we were briefing a research director of a global firm on our Gurucul Fraud Analytics platform. We were demonstrating our product capabilities and showing our Reports module. Our CTO mentioned we have over 400 reports available out-of-the-box for compliance and regulation reporting across different categories. That’s when the research director said, “Only 400 reports? Is that all?” Then he laughed. And we laughed, too. Yes, that’s a lot of reports!
Out-of-the-Box Reports are Great
The great thing about out-of-the-box (OOTB) reports is that they are AVAILABLE NOW. You don’t need to configure them. You don’t need to do anything but run these reports, schedule these reports to run on a periodic basis, download them in PDF, text, or .CSV format, or send via email. There are report categories: Cloud Analytics Reports, Executive Reports, Security Operations Reports, User Reports, Compliance Reports, Network Threat Analytics Reports, Compliance Reports, Resource Reports, and more. And of course, there are literally hundreds of reports.
Here are just a few examples of OOTB reports offered by Gurucul:
- Active Accounts Associated with Inactive Users
- Application Privilege Access Abuse
- Groups Without Owners
- Entitlements Without Owner
- Dormant Entitlements
- High Risk Users
- Anomalies Detected
- Resource Activity Event
- Users with SOD Policy Violation
- Terminated Users Activities
- Risky Users This Week
- Orphan Accounts
- Location with High Risk Activities
- Top 50 High Risk Entitlements
- Top 5 Risky Systems or Applications
- Top 5 Risky Job Titles
Customized Reports are Even Better
OOTB reports are great, but customized reports offer better insight into user and entity activities, access and entitlements, and transactions that are of specific interest to the end client. With Gurucul, pretty much anything you can do with our products you can save as a customized report.
Our Investigate module enables a user to submit a specific a search query and filter the data based on the query. It’s a natural language contextual search capability we call Gurucul MinerTM. Our contextual search uses big data to mine linked users, accounts, entitlements, structured and unstructured data, along with risk score and peer group analytics. From a single console, you can use any query you like to investigate incidents and correlate data across channels.
We have various options to enable you to write your own query across a large number of criteria. When we say, “write your own query”, we really mean build a search query by right clicking search terms and adding them to the query with your mouse. It’s incredibly simple to use, and vastly more intuitive than writing SQL queries.
Unlike traditional threat hunting tools and SIEMs, Gurucul MinerTM uses artificial intelligence capabilities to uncover all behavior patterns and data relationships that map to the search profile. It conducts natural language searches across any combination of structured and unstructured data to provide a 360 degree view of user and entity behaviors based on HR/profile attributes, events, accounts, access permissions, devices, cases/tickets and anomalies.
Here’s the beautiful part: you can save and export results for reporting and compliance purposes. Once you create your query, you can save it as a report. You can choose the report name, description, the fields you want to export and whether you want to run it now or set it to run on a schedule. This is incredibly powerful stuff. In fact, many of our customers have stopped using our traditional reporting mechanism because Gurucul MinerTM gives them more flexibility and control over reporting dataset(s).
Get the Best of Both Worlds!
It’s good to start with pre-packaged reports since these have already been vetted by numerous customers in real-world scenarios. We’ve pretty much done our due diligence on what reports matter. Adding the ability to customize reports gives you the opportunity to create the best experience for your users and executives. The SOC team will care about different data and analytics than the Fraud team and the Identity team. Tweaking our reports or creating your own reports with data of significance to your organization is a definite advantage. In the end, it’s not about the number of reports, it’s about the quality of the report data and its relevance to the business.