The Gurucul Security Analytics and Operations Platform drives high-efficacy threat detection and automated response with machine learning-based behavior analytics. The following integrations with CrowdStrike are focused on detecting risky anomalous behavior before a malicious actor can do harm:
- ML-based models for detecting anomalous user and device behavior (severity, volume-based, repeated risk devices, out-of-context user behavior, unusual sites in context to use and peer behavior, etc.)
- Provide enriched context, along with other event sources, to detect compromised hosts, in-memory malicious processes, unusual or unknown software, etc.
- Attain a 360-degree view of users, permissions, devices, software, etc.
- Alert prioritization using risk scoring
- Threat intelligence enrichment
- Monitor container security and cloud workloads