Report Recommends Vendors who Profile Users, their Peer Groups, Devices and use Machine Learning to Detect Anomalies
LOS ANGELES – Gurucul, the user behavior analytics and identity access intelligence company, today announced that it was the only vendor to meet all five primary domain and use cases and the compliance and fraud qualifications in the Market Guide for User and Entity Behavior Analytics (UEBA) published by Gartner, Inc. on September 22nd. UEBA enables organizations to detect malicious and abusive behavior that otherwise goes unnoticed by existing security monitoring systems, such as SIEM and DLP.
According to the Gartner report organizations should: “Favor UEBA vendors who profile multiple entities including users and their peer groups, and devices, and who use machine learning to detect anomalies. These features enable more accurate detection of malicious or abusive users… and look for UEBA solutions that give your organization integrated visibility into on-premises, cloud-based and BYOD platforms and endpoints.”
Gurucul met all five use cases outlined in the report: security management, insider threats, data exfiltration/DLP, identity access management, SaaS security, plus the extra qualifications for compliance and cyber fraud.
The Gurucul Risk Analytics (GRA) platform uses identity-centric UEBA and access intelligence to help organizations detect and deter insider threats, cyber fraud and advanced external attacks. Several Fortune 500 companies in the financial, healthcare, technology, retail and manufacturing sectors including one of the world’s largest Internet payment companies, a top 5 US health insurer and large financial services firms have successfully deployed Gurucul.
“Gartner predicts that over the next three years, leading UEBA platforms will become preferred systems for security operations and investigations at some of the organizations they serve. Primarily because it is often much easier to discover certain security events and analyze individual offenders in UEBA than it is in many legacy security monitoring systems,” said Saryu Nayyar, CEO of Gurucul. “Gurucul Risk Analytics is currently being used by customers to address all five use cases outlined in the Gartner UEBA report, plus we are seeing increasing use of our platform for detecting and preventing cyber fraud.”
According to the report’s author, Avivah Litan, Gartner vice president and Distinguished Analyst, “the ease and time of a UEBA implementation, and its future effectiveness, largely depend on:
- The sophistication of the vendor’s analytics, that is, whether it incorporates statistical models and machine learning as opposed to just rules
- How much of the analytics comes prepackaged, that is, the vendor knows which data to collect for the various use cases, and which variables and attributes are important to the analytics
- How easy it is for the vendor to automatically integrate the required data
- How focused the organization’s use case is, how many datasets the use case requires and how well the organization’s use case aligns with the vendor’s domain expertise
- How much organizational involvement is required, for example, to write rules, clean up data such as dormant accounts and account privileges, and to assign weights to variables selected for evaluation
- How scalable the vendor’s solution and architecture is relative to the organization’s current and future requirements”
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Gurucul is changing the way enterprises protect themselves against fraud, insider threats and external intruders. The company’s user behavior analytics and identity access intelligence technology uses machine learning and predictive anomaly detection algorithms to reduce the attack surface for accounts, unnecessary access rights and privileges, and identify, predict and prevent breaches. Gurucul technology is used globally by organizations to detect insider fraud, IP theft, external attacks and more. Gurucul is based in Los Angeles. To learn more, visit us at www.gurucul.com and follow Gurucul on LinkedIn, Facebook and Twitter (@Gurucul).