Compliance mandates are difficult to manage with traditional security tools. Lack of visibility, disparate security solutions, siloed data, manual processes, and departmental obfuscation combine to make the act of proving compliance painful and ineffective. Organizations need to continuously provide monitoring, detection, and reporting that simplifies the audit process to disclose security incidents, avoid failing audits, and eliminate the possibility of fines.
Gurucul’s platform helps to facilitate compliance with standards and regulations such as ISO/IEC 27001, NIST 800-53, DFARS, ITAR, PCI DSS, HIPAA, the IoT Cybersecurity Act, and others.
- Monitor Access to Sensitive / Regulatory Data
  - Access activities to customer, patient and PII data
  - Access to audit trails and log files to detect potential tampering
  - Access attempts to customer, patient and PII data
  - Monitoring and review of identity and access controls for systems
- Monitor and Report on User and System Activity
  - Monitor changes to system identity and access controls, including privilege escalation and access CRUD activities on individual and privileged access accounts
  - Monitor System Objects (accounts, transactions, tables, databases)
  - Track actions taken by any privileged access: root/administrative accounts, service accounts, individual user accounts with admin privileges
- Facilitate Data Protection with Data Masking
  - Determine and mask PII or sensitive information using field-level classification and controls
  - Enable masking on a per-field basis, including identities controlled by Gurucul’s role-based access controls
  - Provide access to sensitive information on a need-to-know basis by using workflow rules and approvals to change what is or is not masked
  - Support data encryption
  - Block sensitive data from being imported into the platform, with the option of providing a reference link to the original record so information is not duplicated
- Generate Compliance Reports
  - Leverage a comprehensive search and reporting platform with underlying big data architecture
  - Leverage out-of-the-box compliance reports
  - Build custom reports or draw the required data using simple natural language-based contextual search and export reports
  - Include evidence of infringements, supporting data for investigations, and validation of compliance

- Maximize collection of security and compliance telemetry across entire infrastructure
- Consolidate different types of security telemetry to show a full range of compliance and simplify audit requirements
- Continue to meet and exceed security monitoring requirements with cloud migrations
- Optimize and automate collection and retention of all relevant security data for auditing purposes
- Leverage compliance-specific machine learning (ML) models and reporting
- Increase Quality and Reduce Quantity of Data Retained: increase the amount of telemetry and data ingested but lower the amount necessary to retain based on normalization, analytics, and targeted context.

- Review Logs from All Other System Components Periodically, based on the organization’s policies and risk management strategy, as determined by the organization’s annual risk assessment
- Follow Up Exceptions and Anomalies identified during the review process
- Retain Audit Trail History For At Least One Year, with a minimum of three months immediately available for analysis
- Monitor and Analyze Security Alerts and Information, and distribute to appropriate personnel

TOP USE CASES
Gurucul can be used to comply with PCI DSS for monitoring access to network resources and cardholder data. According to PCI DSS, logs and security events must be reviewed for all system components to identify anomalies or suspicious activity. Gurucul reviews all events of monitored systems, identifies anomalous and risky activities, and has a built-in case management system. Cases are assigned to appropriate staff within the platform itself, and the product integrates with third-party case management systems to ensure exceptions are documented and followed up.
Gurucul provides log storage in a format that supports compliance with PCI DSS. It supports storage and archiving of raw log data and allows online searching of raw logs, which are stored on Apache Hadoop HDFS or the big data platform of your choice. Customers can retain raw logs for many years.
As with other compliance mandates, Gurucul offers the necessary risk, access, audit, and integrity controls to enforce the HIPAA Privacy and Security Rules. Our healthcare customers are able to:
- Prevent health care fraud and abuse
- Guarantee security of health information
- Demonstrate privacy surrounding the use of individually identifiable health information
- Record and examine access and activity in information systems that contain or use e-PHI
The Gurucul platform provides holistic visibility and monitoring of any anomalous behavior due to unauthorized or abnormal access, accidental data loss or unlawful attempts at data exfiltration, account or identity compromise, or privileged access misuse. Driven by mature machine learning algorithms, it provides customers with 360° visibility and monitoring of user activities on IT and business applications and platforms deployed in enterprise or cloud environments. It uses advanced linking algorithms and expressions to enrich raw data received from various sources, including HR and identity stores, IAM systems, application logs, threat intelligence feeds, security alerts from other point solutions like DLP and EPP, risk management platforms, and asset inventories. ML models are run on the enriched contextual data to monitor any abnormal user behavior and provide risk-based actionable intelligence to drive appropriate remediation actions.