Gurucul announced availability of the Gurucul Security Analytics and Operations
Platform, a cloud-native, unified and modular platform that consolidates core
security operations center (SOC) solutions, with the vital addition of Identity
Threat Detection and Response (ITDR), into a unified next-gen SOC platform. The
Gurucul platform converges the company's award-winning Next-Gen SIEM, XDR, User
and Entity Behavior Analytics (UEBA), Network Traffic Analysis (NTA), Security
Orchestration, Automation and Response (SOAR), and Identity Access Analytics
(IAA) into a single pane of glass that is aligned with the evolving needs of the
modern enterprise threat landscape, where identity has become the new perimeter.
Gurucul's innovative platform is purpose-built to automate and accelerate data
collection, event and alert correlation, detection triage, investigation, and
response to targeted attacks. It combines threat intelligence with an
enterprise-class risk engine, delivering precise contextual detections,
prioritized investigation, and risk-driven response actions that drastically
reduce mean-time-to-detection (MTTD) and mean-time-to-response (MTTR).
Gurucul's platform can also support the most complex deployments including
on-premise, hybrid, and cloud (SaaS, private, GovCloud, and multi-cloud
including multi-tenancy), addressing the needs of today's modern enterprise and
managed detection and response (MDR) providers.
With increased sophistication around phishing, social engineering, credential theft,
and supply chain attacks, it is more important than ever to go beyond current
solutions that are overly concerned with endpoint security and focus on
securing identities attached to multiple entities and devices. Based on remote
work risks, accelerated cloud migration, and state-sponsored threat actor
groups, there has been an increase not only in targeted and organized attack
campaigns, but also insider risks and threats.
"The combination of an expanding attack surface with limited resources and
constantly changing tools and techniques drives security operations teams' need
for a comprehensive and consolidated platform approach. While the endpoint is
critical, we must understand and work to secure the one constant, identity,
which requires a new and innovative approach to threat detection, investigation
and response programs," said Saryu Nayyar, CEO of Gurucul. "Early and rapid
detection occurs with a full set of endpoint, network, application, identity,
cloud, and IoT telemetry context along with advanced analytics, including
behavioral-based, and an extensive set of trained machine learning models.
Gurucul has spent over 10 years developing specialized analytics and threat
content that comprehensively covers all these datasets to eliminate manual
tasks and enable automation across every stage of the security operations
lifecycle."
As organizations are transforming their SOC to support
multi-cloud deployments and zero trust programs, they are looking for an
end-to-end solution to help them improve security analyst effectiveness in
rapidly identifying and confirming, not just threats and alerts, but the entire
attack campaign. While other SIEM or XDR solutions are just starting to scratch
the surface of identity, Gurucul has been a provider of Identity Analytics
solutions for over a decade with robust access analytics, broad integrations
with various identity systems such as IAM, PAM, HRMS, CMDB, IDaaS etc., and
risk-based access remediation and authentication. In conjunction with its UEBA
capabilities, Gurucul helps customers get an understanding of current-state
identity access and authorization policies, and access usage anomalies and risk
exposures, to plan out a robust and secure zero trust strategy. The Gurucul
platform is a critical part of any ongoing zero trust program as it will
continuously monitor for anomalous user behaviors, access proliferation, and
access misuse/violations, ensuring zero trust policies are not being evaded by
either insider or external threat actors.
"Gurucul has detection and response capability for the
entire cyber kill chain, covering a range of data telemetry across complex and
distributed multi-cloud deployments as well as the enterprise," said
Nilesh Dherange, CTO of Gurucul. "We've invested over a decade in building the
most powerful suite of solutions in a single platform enabling real-time threat
detection, investigation, and response for our customers with a quick ROI. The
addition of identity- and access-based threat detection to its robust TDIR
capabilities powered by advanced ML models positions Gurucul to provide
innovative solutions that address the ever-changing SOC needs."
The Gurucul platform uniquely provides a set of core capabilities that go beyond
current Next-Gen SIEM and XDR solutions and are critical to improving security
operations effectiveness, including:
- Deployment Options - On-premise, hybrid, cloud (including SaaS, private,
  GovCloud, and multi-cloud).
- Multi-Cloud Threat Detection, Investigation, and Response - Real-time data
  ingestion, correlation, analytics, detection, and risk-driven response
  across multiple clouds.
- Automated Data Pipeline - An Automated Data Interpretation Engine to ingest
  structured and unstructured data from any source.
- Gurucul STUDIO - Advanced and fully customizable analytics that include
  transparent machine learning models to accommodate custom use cases.
- Enterprise-Class Risk Engine - All-encompassing analytics-driven risk
  scoring to accelerate investigation with high-fidelity alerts and automated
  responses.
- Threat Intel & Content - The largest library of threat models, MITRE ATT&CK
  coverage, and curated threat intelligence powered by Gurucul Threat Labs.
- Gurucul Miner - Contextual raw and normalized search across all data silos.
- Risk-Driven Security Control Automation - Out-of-the-box case management,
  playbooks, workflows, and downstream integrations with the ability to
  customize.
- Identity Threat Detection and Response - Identity-centric context across
  enterprise and multi-cloud environments, reduced identity and access threat
  plane, and automated threat detection early in the kill chain.
Availability and Pricing
The Gurucul platform is modular, delivering customized capabilities to match
individual customer requirements. This includes full multi-tenancy, data
segregation, flexible policy control and rapid scaling, especially suited for
MDR providers. Customers can start with a single module and expand as needed
with a simple license change, building towards a unified platform with no data
replication or need to start over. Gurucul offers packaged software solutions
including Next-Gen SIEM, Open XDR, UEBA, and Identity Access Analytics, which
include or can be delivered with Network Traffic Analysis (NTA), Security
Orchestration, Automation and Response (SOAR), and Fraud Analytics as
stand-alone or add-on options. Gurucul's Security Analytics and Operations
Platform is available immediately from Gurucul and its business partners
worldwide.