Gurucul Extends Cloud Security UBA to Protect MS Office 365

Visibility Across Cloud and On-Premises Hybrid Environments can Protect Confidential Data in SharePoint Online that Spans both Infrastructures

LOS ANGELES, CA – Gurucul, the user behavior analytics and identity access intelligence company, today announced a new version of its Cloud Analytics Platform (CAP) that supports the recently updated Microsoft Cloud API. By accessing new data inputs via this API, Gurucul CAP has further refined its machine learning models and predictive security analytics while adding new bi-directional integration capabilities for enforcement such as disabling user accounts when a risk or threat is detected. CAP is part of Gurucul Risk Analytics (GRA) that includes Threat and Access Analytics Platforms for complete visibility of cloud and on-premises hybrid environments.

Most enterprises will maintain confidential and intellectual property in both on-premise repositories and SharePoint Online |Office 365 for years to come. However, cloud-only security solutions have limited visibility into on-premises infrastructures in the same manner that log event management and SIEM products lack visibility into Cloud applications. As a result, multi-vendor User Behavior Analytics for hybrid environments has divided context and visibility which limits their effectiveness. Gurucul GRA provides an enterprise wide User and Entity Behavior Analytics (UEBA) solution for hybrid environments with the full context and visibility machine learning requires with big data infrastructure.

Gurucul CAP combines an API-based Cloud-Access Security Broker (CASB) architecture, UEBA and Identity Access Intelligence (IAI) capabilities for Microsoft Office 365 to predict and detect insider threats, account compromise, access abuse and data exfiltration. Gurucul can also monitor for access and privilege risks as well as anomalous user behavior across Office 365 applications even when they access on-premises resources with the full Gurucul Risk Analytics suite. Gurucul provides two (CASB and UEBA) of the top ten technologies that Gartner Inc. says organizations must have in their arsenal if they want to win the cybersecurity battle in 2016.

CASB Architecture with Enterprise Proven UEBA for Office 365

According to Verizon’s 2016 Data Breach Investigations Report, 63 percent of confirmed breaches involved stolen credentials. To predict and detect account compromise and access abuse for Office 365, SharePoint Online, OneDrive for Business and Azure Active Directory, Gurucul combines an API-based CASB with UEBA and IAI big data machine learning models. Since confidential data accessed using SharePoint Online often still resides both on-premises and in the cloud, Gurucul’s all in one solution provides the context and visibility across both infrastructures needed to predict and detect data exfiltration, insider threats and account compromise. Through bi-directional integration with Office 365, Gurucul can respond to risks and threats by revoking cloud and on-premises account access across the enterprise.

In one recent customer deployment involving Office 365, Gurucul was able to detect the following data exfiltration risks and privilege access abuses. Authorized users logged into Office 365 to download sensitive files with their credentials and privileges. First, a set of users archived the files for transfer to USB devices for exfiltration, second another group of users uploaded files to cloud data sharing apps, and third some users placed the files on internal file servers for other users to access often without permission to access them legitimately.

“Cloud applications like Office 365 continue to erode traditional enterprise security perimeters, leaving identity as the last line of defense against data breaches,” said Saryu Nayyar, CEO of Gurucul. “By combining hybrid environment visibility in one integrated solution, Gurucul can detect and protect against threats that move between cloud and on-premises infrastructures. This unique visibility allows us to apply big data machine learning models across the cloud and data center as if they were one environment, so we can identify anomalies associated with account compromise and insider abuse.”

Gurucul is the leader in UEBA and Identity Access Intelligence (IAI). The Gurucul GRA platform predicts and prevents attacks, by insiders or outsiders, that exploit user identities as a threat surface for compromising data center and cloud apps. It was recently named Best Behavior Analytics/Enterprise Threat Detection platform in both the 2016 SC Awards US and SC Awards Europe. Gurucul GRA combines IAI to reduce excess access rights and access outliers that open up identities to phishing and account compromise attacks, and UEBA to perform user behavior anomaly detection to identify account abuse, compromise and suspicious activity.

Gurucul CAP with support for Microsoft Office 365 is available immediately from Gurucul and its INSIDER business partners worldwide.

About Gurucul
Gurucul is changing the way enterprises protect themselves against insider threats, account compromise and data exfiltration on-premises and in the cloud. The company’s UEBA and identity access intelligence technology uses machine learning anomaly detection and predictive risk-scoring algorithms to reduce the attack surface for accounts, unnecessary access rights and privileges, and to identify, predict and prevent breaches. Gurucul technology is used globally by organizations to detect insider threats, cyber fraud, IP theft, external attacks and more. The company is based in Los Angeles. To learn more, visit and follow us on LinkedIn and Twitter.