September Newsletter 2018


Quote of the Month

“You’re the only vendor to come talk to us after the sale.”

– SOC Manager, Gurucul Customer

The Backstory

Earlier this month, we met with our Executive Advisory Board. These are seasoned Chief Information Security Officers commanding enterprise security teams in various industries. In short, they are incredibly smart leaders who know exactly who they are and how they feel. They hold nothing back and this meeting was no different. We owe them a debt of gratitude for sharing their perspectives with us.

Credibility is Critical

At this meeting, credibility was a hot topic of conversation. How does a company establish and maintain credibility with its customers and prospects? How credible are we? Can we be believed and trusted?

Now, we’re not talking about street credibility. We are talking about business credibility. According to Wikipedia, credibility has two key components: trustworthiness and expertise. With respect to these components, how do we fare? Sometimes in life, you have to take a hard look at yourself to see where to improve. We went there.

Credibility of Product

The group agreed that credibility of product begins with the Proof of Concept (POC). If a company has a difficult time implementing our product during a POC, our credibility takes a hit. That generated a conversation about how to ensure a POC goes well.

An Advisory Board Member declared that use cases need to be crystalized. They need to be measured with pre-determined metrics. POCs that are too wide in scope can’t deliver results. His recommendation: go specific on use cases and knock them out of the park. Anything else that comes out of the POC is gravy on top.

A lesson we learned early on: data is critical. For a successful POC, we need to have the data up front and it needs to be good data. We have to truly define the POC and hold to that scope. This is how we are able to show results quickly in a POC. And, this is why we are winning POCs.

Credibility of Relationship

Everyone agreed that relationships deliver the best results. Are there things we don’t realize we’re doing? Are we building relationships with our customers of credibility and trust right from the beginning? If we go in and are wishy washy, that’s not credible.

One of the things we did at the RSA Conference a couple of years back was to provide “white glove” treatment to our customers. We didn’t see other companies giving clients the white glove treatment during the sales process to get value. That’s when we came up with Gurucul Labs.

Gurucul Labs is a Managed Security Analytics Service that provides customers a turn-key service to detect unknown unknowns using the Gurucul Risk Analytics (GRA) platform. The service is designed to leverage GRA advanced analytics capabilities in the most effective and efficient manner, and to align with customer-specific priorities. It’s a unique mix of people, process and technology. And, it has completely changed the customer experience. That’s how we are giving our customers the white glove treatment today.

Credibility is Earned

The meeting ended with a story about how we earned credibility with a new customer. This customer recently purchased our product. They bought the product. We installed it. We left. A few weeks later, our services team called the client to check in on how everything was going. This is a standard practice at Gurucul: following up with clients after the sale to ensure their deployments are running smoothly and to answer any questions they may have. Our customers’ success is our most important asset.

That was when the SOC program manager told us, “You’re the only vendor to come talk to us after the sale.” We were stunned. This company buys a lot of security products from numerous vendors. He told us we were the only security company that came back in after we installed to ask how our product was doing in his environment. We earned credibility with that customer in that moment.

We’d like to earn credibility with you, too. Contact us for a POC today!

Gurucul CEO Named Thought Leader Of The Year By SC Media

Saryu Nayyar Recognized with 2018 Reboot Leadership Award for Pioneering Concept of Identity as a Security Perimeter and User Behavior Analytics

Speaking of credibility, Gurucul is pleased to announce that our CEO Saryu Nayyar has been recognized as a Thought Leader in SC Media’s Reboot Leadership Awards 2018. The annual awards, from the publisher of SC Magazine, honor executive and professional leaders for their unique, inventive and inspiring contributions that improve security, shape the industry, provide thought leadership, and otherwise have a positive impact on cybersecurity.

Saryu is profiled in SC Magazine here.

“I’m honored to be recognized as a thought leader by SC Media for my work in raising awareness for identity as a threat vector and Gurucul’s innovations in behavior analytics, which are helping shape the future of security,” said Saryu Nayyar, CEO of Gurucul. “We are committed to pushing the boundaries of innovation in behavior analytics to detect advanced security threats and provide the context and risk metrics needed to automate front line security controls.”

Read more


Gurucul Named a Strong Performer for Security Analytics by Independent Research Firm

Gurucul Risk Analytics Evaluated in Report that Looks at 13 Providers that Matter Most and How They Stack Up

Gurucul has been named a strong performer in the recent report, The Forrester Wave™: Security Analytics Platforms, Q3 2018. According to the report, “customer feedback indicates that Gurucul’s machine learning models, risk scoring, and flexibility are strengths… Enterprises looking for a robust security analytics tool with strong security user behavior analytics (SUBA) and data protection should consider Gurucul”.

read more


Attend The Webinar: Automating Security Controls Using Models and Security Orchestration

Speaker: Kurt Lieber, CISO, Aetna


Thursday​, October​ 18​
10:00-10:45​ AM​ PT

Many organizations have adopted machine learning and data analytics to help them identify security anomalies. However, mere identification isn’t good enough in a world where Petya and other modern attacks can take down 15,000 servers in a single organization in under two minutes.

To combat these new types of malware, organizations need to be looking at Model Driven Security Orchestration, where the security responses to emerging threats and attacks are automated and driven at machine speed. In this presentation, Kurt Lieber will provide an overview of Aetna’s security orchestration program.


Attend this webinar to learn:

  • How Gurucul machine learning models automate front line security controls
  • Why behavior analytics provides the necessary context to predict risk
  • Lessons learned from real-world deployments
register now


How Digital Transformation Can Save Cybersecurity

An article by Saryu Nayyar, CEO of Gurucul

Traditional security controls, now too manual and slow to keep pace with digital business processes, customer experiences and workflows are being relegated to the compliance toolbox.

They will satisfy regulators, auditors, security assessors and stakeholders who view security through the lens of established frameworks designed to align business and IT practices, such as ISO 27001, NIST 800-53, and so on.

While these frameworks are necessary, they are incapable of keeping pace with a threat landscape that keeps evolving. Adversaries are easily able to evade traditional security measures, using massive compute resources and data science, and by sharing resources and information in criminal forums to discover new weaknesses.

The primary drawback of the current security model is organizations are forced to manually tweak their controls in response to new threats. This process can take hours or days.

Based on the concepts of digital transformation, an ‘unconventional’ and data-driven approach is needed to thwart new and unforeseen threats. This model has emerged from intensive research into threat actor tactics using multiple sources of security intelligence and sector-based information sharing and analysis centers (ISACs). Some of the most effective of these new controls are model-driven.

read more


What’s New

BLOG: Detect Host Compromise With “Domains Generated Algorithmically”. This powerful machine learning model can detect if a URL has been dynamically generated, which can sometimes be a potential problem. This model examines a URL string and detects if the URL is bogus or malicious, improving the hit rate of predicting the level of potential misuse or malware. Read More.
BLOG: Detect Privileged Access Abuse With “Linear Regression”. This machine learning model compares user’s online activities on one axis, and user accounts with similar entitlements on the other axis. Events that stray from the norm are questionable. This is one method used by Gurucul Risk Analytics to identify anomalous outlier activity. Read More.
BLOG: Discover Privileged Accounts With “Entitlement Classification”. This machine learning model places evaluated identities with similar entitlement profiles into buckets. Once this is done, you can compare behavioral baselines of these ‘bucketed’ identities and evaluate whether their current behavior is similar or different – to uncover potentially anomalous activity. Read More.
BLOG: Pinpoint Departing Users With “Predictive Flight Risk”. Data detected by the Predictive Flight Risk machine learning model can raise a user’s overall risk score, representing the likelihood that the user is tending toward resigning from the organization. Users who are planning to resign often exhibit tell-tale predictable behaviors prior to actually submitting their resignation. Read More.


Join Us

SecTor Canada. October 1​-3​, 2018​. Toronto, Ontario. Gurucul is pleased to be sponsoring the premier IT Security conference in Canada.

Money20/20. October 21​-24​, 2018​. Las Vegas, NV. Visit Gurucul at this financial event to learn more about how our Fraud Analytics can detect and stop Financial Fraud including: Money laundering, Credit Card fraud, Identity fraud, Mortgage fraud, etc.

FS-ISAC Fall Summit. November 11​-14​, 2018​. Chicago, IL. The Financial Services Information Sharing and Analysis Center (FS-ISAC) is the global financial industry’s go to resource for cyber and physical threat intelligence analysis and sharing.

H-ISAC Fall Summit. November 26​-30​, 2018. San Antonio, TX. “Never Stand Alone” is the theme for this event. Gurucul will stand with you in our speaking session and at the exhibit hall.

Share this page: