Gurucul Cloud-Native XDR Sets Standard new for Threat Detection & Response

Provides “Single Pane of Risk” by Centralizing Extended Data from Siloed Third Party Security Tools and Applying Behavior-based Machine Learning to Drive Automated Responses to Threats

LOS ANGELES – Dec. 17, 2020 – Gurucul, a leader in Unified Security and Risk Analytics technology for on-premises and the cloud, today announced Gurucul XDR, a cloud-native analytics-driven platform that improves threat detection and incident response by applying ML analytics and advanced risk scoring algorithms to cross-layered telemetry from existing security and IT systems, applications, platforms, networks and services. Gurucul extended detection and response (XDR) significantly improves security operations effectiveness and productivity with extended data linking, out-of-the-box integrations, contextual ML analytics and risk-prioritized alerting that enables intelligent investigations and risk-based response automation.

According to Gartner, “XDR products aim to solve the primary challenges with SIEM products, such as effective detection of and response to targeted attacks, including native support for behavior analysis, threat intelligence, behavior profiling and analytics.” Further, “the primary value propositions of an XDR product are to improve security operations productivity and enhance detection and response capabilities by including more security components into a unified whole that offers multiple streams of telemetry, presenting options for multiple forms of detection and concurrently enabling multiple methods of response.”

“Most XDR products are based on legacy platforms limited to siloed telemetry and threat detection, which makes it difficult to provide unified security operations capabilities,” said Saryu Nayyar, CEO of Gurucul. “Gurucul Cloud-native XDR is vendor-agnostic and natively built on a Big Data architecture that can process, contextually link, analyze, detect, and risk score extended data sets on a massive scale. It uses contextual Machine Learning models and an advanced risk scoring engine to provide real-time threat detection and actionable risk-prioritized alerts that accelerate investigations, threat hunting and automate risk responses.”

Gurucul and Jeff Pollard, vice president and principal analyst at research and advisory firm Forrester recently presented a webinar on how Cloud-Native Analytics Driven XDR Drives Better Threat Detection & Response, the recording is available here:

Putting the “X” into XDR

Gurucul XDR goes beyond traditional XDR solutions by unifying data from a broader cross-section of security components including endpoints, networks, servers, cloud platforms, applications, IoT, SIEM, identity sources, and more. The platform’s contextual telemetry-based ML analytics reduces false positives by distilling events into risk-prioritized alerts that enable security teams to detect and respond to threats faster and more efficiently. Meanwhile, Gurucul XDR’s out-of-the-box machine learning models support a wide range of horizontal and industry specific use cases. In addition, Gurucul XDR enables organizations to create custom behavior models without coding for unique predictive security analytics use cases.

Reducing Case Resolution Time by 67%

Gurucul XDR provides the following capabilities that are proven to improve incident response times by nearly 70%:

Surgical Response
  • Automate response actions with risk-based triggers and orchestration playbooks
  • Customize machine learning models to automate responses based on specific triggers
  • Automate workflows to execute the right response and mitigate threats
  • Based on newly discovered threat patterns, use pre-built threat categorizations to prioritize threat hunting
Intelligent Centralized Investigation
  • Based on unified risk score, prioritize users and entities for investigation
  • Visualize the entire kill chain to investigate incidents
  • Accelerate investigations using big data to mine linked users, accounts, entitlements, structured and unstructured data, along with risk score and peer group analytics
  • Search across any combination of structured and unstructured data for a 360 view of user and entity behavior
  • Unify telemetry logs for contextual searches on big data for root-cause analysis after-the-fact and reduce investigation time
Rapid Incident Correlation and Causation 
  • Contain threats across multiple layers faster with detailed correlation and contextual data
  • Leverage automated incident timelines that create smart links of the entire attack lifecycle for pre and post incident analysis
  • Effectively trace attack origin and reconstruct steps with intelligent risk-prioritized telemetry data
  • Use AI to uncover behavior patterns and data relationships that map to search profile

Gurucul XDR is available immediately from Gurucul and its business partners worldwide.

1Gartner, Inc., “Innovation Insight for Extended Detection and Response,” by Peter Firstbrook and Craig Lawson, 19 March 2020

About Gurucul

Gurucul is a global cyber security and fraud analytics company that is changing the way organizations protect their most valuable assets, data and information from insider and external threats both on-premises and in the cloud. Gurucul XDR combines machine learning behavior profiling with predictive risk-scoring algorithms to predict, prevent and detect breaches.  Gurucul technology is used by Global 1000 companies and government agencies to fight cyber fraud, IP theft, insider threat and account compromise as well as for log aggregation, compliance and risk based security orchestration and automation for real-time extended detection and response. The company is based in Los Angeles. To learn more, visit and follow us on LinkedIn and Twitter.