Gurucul detects threats and supports threat-hunting use cases with its machine learning and data science techniques. As it integrates with the Zscaler Security Service Edge (SSE) platform, it also introduces much more relevant context and incorporates risk scoring. Gurucul assigns a risk score to every user and entity for which anomalies are triggered. This risk-based approach helps analysts prioritize incidents for investigation, which enables customers to achieve a 90%-95% efficiency rate for true positive and impactful incidents and to improve the variety and quality of investigations.
The Gurucul Security Analytics and Operations Platform drives high-efficacy threat detection and automated response with machine learning-based behavior analytics. There are several integrations with Zscaler solutions, all focused on detecting risky anomalous behavior before a malicious actor can do harm:
- ML-based models for detecting network and behavior anomalies
- Enriched context, along with other event sources, to detect compromised users and hosts
- Alert prioritization using risk scoring
- Threat intelligence enrichment for known malicious sites and dark web activity