New Products Based on Predictive Identity Based Behavior Anomaly Engine Pinpoint Insider Abuse and Hijacked Accounts to Prevent Fraud, Data Breaches
LOS ANGELES, March 26, 2015 – Gurucul, the identity-based threat detection and deterrence company, today announced two new products within the Gurucul Risk Analytics (GRA) suite which detects and prevents insider and external attacks with user behavior analytics. Gurucul Access Analytics Platform™ provides visibility and remediation for excessive and misaligned access permissions, while Gurucul Threat Analytics Platform™ detects account abuse and compromise. Since advanced attacks must exploit an identity to gain access to sensitive information and systems, GRA continuously monitors hundreds of attributes to identify, rank and alert on risks across users, accounts, applications and devices.
GRA is deployed by Fortune 500 companies in the financial, technology, retail, healthcare and manufacturing sectors. Gurucul customers include a leading internet payment company, a top three health insurance provider, a global semiconductor manufacturer and one of the oldest financial services companies in the US. The company was named a Gartner Cool Vendor in Identity and Access Management for 2014.
According to Gartner, Inc., “User behavior analytics (UBA) is transforming security and fraud management practices because it makes it much easier for enterprises to gain visibility into user behavior patterns to fin¬d offending actors and intruders… Unless your organization has strong analytical resources, favor UBA platforms that come with canned analytics, a rule engine and are easily con¬figured to support customized workflow, dashboards, data mining, reporting and interfaces to other systems.
Using Identity as a Security Perimeter
Gurucul is transforming enterprise security by treating user identities as a threat surface. GRA is based on the Gurucul Predictive Identity Based Behavior Anomaly Engine (PIBAE), which uses identity data and machine learning algorithms to establish baseline behavior for each user/device. This baseline is compared to peer group activity to detect anomalous patterns. GRA then uses
- Gartner, Inc. “Cool Vendors in Identity and Access Management, 2014”, 02 May 2014, Ray Wagner, Earl Perkins, Neil MacDonald
- Gartner, Inc. “Market Guide for User Behavior Analytics”, 25 August 2014, Avivah Litan, Mark Nicolett
predictive modeling to assign identities a risk score and generate alerts. This 360 degree, contextual view of identities enables Gurucul to detect targeted, under-the-radar attacks, and insider threats.
To address threats associated with access privilege misconfigurations and user account abuse or hijacking, Gurucul has introduced two new integrated products that can be deployed individually or together as part of the GRA Suite:
Access Analytics Platform (AAP): can predict and prevent risk associated with excessive and misaligned access permissions granted to users including High Privileged accounts. It also provides a comprehensive real-time view of identities, access, and activities across all applications, systems and resources. This provides a centralized view for managing, securing and governing identities and their access permissions, and executing risk based compliance.
Threat Analytics Platform (TAP): identifies and predicts malicious insiders and comprised accounts using behavior analytics, machine learning, and peer group modeling to assign a contextual risk score to identities (users/machines). It helps deter, detect and block fraud by proactively alerting on anomalous behaviors. TAP also provides a real-time contextual view of attack chains and extensive reporting capabilities.
“The root of virtually every major data and network breach can be traced back to a compromised identity,” says Saryu Nayyar, CEO of Gurucul. “Gurucul Risk Analytics continuously gathers security intelligence from every identity within an organization to detect and even predict risks very early in the kill chain – so both insider and external threats can be prevented or contained.”
The Gurucul Access Analytics Platform and Threat Analytics Platform are available immediately from Gurucul and its business partners worldwide.
Gurucul is changing the way enterprises protect themselves against threats inside their IT infrastructures from employees, third-party providers and external intruders. The company’s user behavior analytics technology uses machine learning and predictive anomaly detection algorithms to anticipate, identify and prevent breaches. Gurucul technology is used globally by organizations to detect insider fraud, IP theft, external attacks and more. Gurucul is based in Los Angeles. To learn more, visit us at www.gurucul.com and follow Gurucul on LinkedIn, Facebook and Twitter (@Gurucul).
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.