Report Finds the UEBA Market is Maturing Around Vendors that Support Multiple Use Cases in Stand-Alone Solution
LOS ANGELES, Calif. – Dec. 19, 2016 – Gurucul, a leader in user and entity behavior analytics (UEBA) and identity analytics (IdA) for on-premises and the cloud, today announced it was mentioned as a representative vendor in Gartner’s Market Guide for User Entity Behavior Analytics (UEBA) (1) . Gartner identified Gurucul as a vendor that supports multiple use cases profiled in this research.
According to Gartner, “Security and risk management leaders should leverage user and entity behavior analytics to improve their organization’s threat detection capabilities across a variety of use cases… Look for UEBA products that give your organization integrated visibility into on-premises, cloud-based and bring your own device (BYOD) platforms and endpoints.”
Gurucul Risk Analytics (GRA) is a multi-use UEBA platform with an open architecture that supports a choice of big data for scale, the ability to ingest any dataset for desired attributes, prepackaged analytics open to adjustment, plus the ability to create custom machine learning models with no coding and a minimal knowledge of data science. Gurucul ingests and analyzes huge volumes of data generated when users access and interact with business applications, whether the data is in the company’s own data center or hosted in the cloud. The Gurucul GRA platform has been successfully deployed by government agencies and Global Fortune 500 companies.
“We believe our inclusion as a representative vendor in the Gartner Market Guide for UEBA validates why government agencies and the world’s leading financial, healthcare, retail and manufacturing brands rely on Gurucul to protect their intellectual property and confidential data,” said Saryu Nayyar, CEO of Gurucul. “Our continued innovations in analytics and machine learning models, ability to support any data source and provide choice of big data platform, allows our customers to improve their access risk and threat detection capabilities across a variety of use cases.”
Gurucul GRA provides the following for enterprise readiness and UEBA technology:
- Multi-use UEBA solution for threat, access and cloud analytics in hybrid environments
- Built upon big data with an open choice (e.g. Hadoop, Cloudera, Hortonworks, MapR, Elastic) for architectural scale on-premises and in the cloud
- Flexible metadata with flex data connector for any dataset and desired attributes
- Open architecture to import models, create custom models and adjust risk weightings
- Prepackaged analytics in over 200 machine learning models for over 30 use cases
- Dynamic peer groups eliminate issue of existing bad behavior in baselines
- Easy to use step-by-step rules engine and an open query tool for big data
- Role-based access controls by entity and function customizable to customer requirements
- Workflow with an internal ticketing system or integration with Remedy, ServiceNow or Salesforce
- Data masking through workflow for privacy, plus tokenization or encryption of data at rest
- RESTful API layer for bi-directional integrations enabling automated risk response
- Radical reductions in excess access and outliers to reduce surface area for UEBA
- Discovery of privileged access risks often outside lists and vaults for UEBA accuracy
Gurucul GRA has introduced several industry-first UEBA capabilities, including self-audit that empowers users to monitor their access for risk-ranked anomalous and suspicious activity, similar to the feedback loop that credit cards and credit monitoring agencies provide for their customers. The rich context that users provide goes beyond the knowledge of analysts in security operation centers to identify and confirm anomalies. Self-audits also provide security awareness and deterrence as key elements of an insider threat program.
Gurucul’s newest release of GRA includes another first: Gurucul STUDIO. The intuitive step-by-step graphical interface does the heavy lifting to enable customers to create their own custom machine learning models without the need for data science expertise or coding. This is ideal for regulated industries or government organizations that cannot share their data sources or use cases.
Along with providing customers the ability to make use of an open choice for big data, GRA also includes a flex data connector to ingest legacy (i.e. mainframe, building access systems) or new (i.e. SaaS apps, CASBs) data sources without coding or the need for professional services. This enables customers to analyze any dataset with desired attributes through machine learning models with predictive risk scoring outcomes.
Over Gurucul’s seven year history, industry firsts also include the ability to run natively on an open big data platforms, pioneering dynamic peer groups to greatly increase the accuracy of outliers and eliminate the issue of bad behavior in baselines, plus providing hybrid behavior analytics with a single risk view across on-premises and cloud environments.
(1) Gartner, Inc. “Market Guide for Market Guide for User and Entity Behavior Analytics” by Toby Bussa, Avivah Litan, Tricia Phillips, 8 December 2016.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gurucul is changing the way enterprises protect themselves against insider threats, account compromise and data exfiltration on-premises and in the cloud. The company’s user and entity behavior analytics and identity analytics technology uses machine learning anomaly detection and predictive risk-scoring algorithms to reduce the attack surface for accounts, unnecessary access rights and privileges, and to identify, predict and prevent breaches. Gurucul technology is used globally by organizations to detect insider threats, cyber fraud, IP theft, external attacks and more. The company is based in Los Angeles. To learn more, visit www.gurucul.com and follow us on LinkedIn and Twitter.