Gurucul Launches Cloud-Native SOC Platform to Improve Efficiency for Security Analysts

Gurucul has launched the Gurucul Security Analytics and Operations Platform, a cloud-native, unified and modular platform that consolidates leading Security Operations Center (SOC) solutions and adds Identity Threat Detection and Response (ITDR) to provide a unified next-generation SOC platform.

The Gurucul platform converges Next Generation SIEM, XDR, User and Entity Behavior Analysis (UEBA), Network Traffic Analysis (NTA), Security Orchestration, Automation and Response (SOAR) and Identity Access Analytics (IAA) in a single pane of glass that aligns with the changing needs of the modern enterprise threat landscape – where identity has become the new perimeter.

Gurucul’s innovative platform is specifically designed to automate and accelerate data collection, event and alert correlation, detection triage, investigation and response to targeted attacks. It combines threat intelligence with an enterprise-class risk engine, delivering accurate contextual detections, prioritized investigations, and risk-focused response actions that dramatically reduce mean time to detection (MTTD) and mean time to response (MTTR).

Gurucul’s platform can also support the most complex deployments, including on-premises, hybrid and cloud (SaaS, private, GovCloud and multi-cloud, including multi-tenant), meeting the needs of modern businesses and managed detection and response (MDR) providers.

With increased sophistication around phishing, social engineering, credential theft, and supply chain attacks, it’s more important than ever to move beyond current solutions that are overly concerned with endpoint security and to focus on securing the identities attached to multiple entities and devices. Driven by the risks of remote working, accelerated migration to the cloud, and state-sponsored threat actor groups, there has been an increase not only in targeted and organized attack campaigns, but also in internal risks and threats.

“The combination of an expanding attack surface with limited resources and ever-changing tools and techniques is driving security operations teams to need a comprehensive, consolidated platform approach. While the endpoint is critical, we must understand and work to secure the one constant, identity, which requires a new and innovative approach to threat detection, investigation and response programs,” said Saryu Nayyar, CEO of Gurucul.

“Early and rapid detection occurs with a full set of endpoint, network, application, identity, cloud, and IoT telemetry contexts, as well as advanced analytics, including behavior, and a full set of trained machine learning models. Gurucul has spent over 10 years developing specialized analytics and threat content that comprehensively covers all of these datasets to eliminate manual tasks and enable automation at every stage of the security operations lifecycle.”

As organizations transform their SOC to support multi-cloud deployments and zero-trust programs, they are looking for an end-to-end solution to help them improve security analyst efficiency by quickly identifying and confirming not just threats and alerts but the entire attack campaign. While other SIEM or XDR solutions are just beginning to scratch the surface of identity, Gurucul has been an Identity Analytics solution provider for over a decade with robust access analytics, broad integrations with various identity security systems such as IAM, PAM, HRMS, CMDB, IDaaS, etc., and remediation and risk-based access authentication.

In conjunction with its UEBA capabilities, Gurucul helps clients understand the current state of identity access and authorization policies, as well as access usage anomalies and risk exposures, to plan a robust and secure zero trust strategy. The Gurucul platform is an essential part of any ongoing zero trust program, as it will continuously monitor abnormal user behavior, access proliferation and access abuse/violations, ensuring that zero trust policies are not circumvented by internal or external actors.

“Gurucul has detection and response capability for the entire cyber attack chain, spanning a range of data telemetry across complex and distributed multi-cloud deployments as well as the enterprise,” said Nilesh Dherange, CTO of Gurucul. “We have invested over a decade building the most powerful suite of solutions on a single platform enabling real-time threat detection, investigation and response for our customers with rapid ROI. Adding identity and access-based threat detection to its robust TDIR capabilities powered by advanced ML models positions Gurucul to deliver innovative solutions that meet ever-changing SOC needs.”

The Gurucul platform provides a core feature set, going beyond current Next-Gen SIEM and XDR solutions, that is essential for improving the efficiency of security operations, including:

  • Deployment options – On-premises, hybrid, cloud (including SaaS, private, GovCloud and multi-cloud).
  • Multi-cloud threat detection, investigation and response – Real-time data ingestion, correlation, analysis, detection and risk-based response across multiple clouds.
  • Automated data pipeline – An automated data interpretation engine to ingest structured and unstructured data from any source.
  • Gurucul STUDIO – Advanced and fully customizable analytics that include transparent machine learning models to adapt to custom use cases.
  • Enterprise-class risk engine – Risk scoring based on global analysis to accelerate investigation with high-fidelity alerts and automated responses.
  • Threat intelligence and content – The largest threat model library, MITRE ATT&CK coverage, and threat intelligence curated by Gurucul Threat Labs.
  • Gurucul Miner – Raw and normalized contextual search across all data silos.
  • Automation of risk-based security controls – Out-of-the-box case management, playbooks, workflows, and downstream integrations with the ability to customize.
  • Identity threat detection and response – Identity-centric context in enterprise and multicloud environments, reduced identity and access threat plane, and automated threat detection early in the kill chain.

Availability and prices

The Gurucul platform is modular, offering customized capabilities to meet individual customer needs. This includes full multi-tenancy, data segregation, flexible policy control and rapid scaling, especially suitable for MDR vendors. Customers can start with a single module and expand as needed with a simple license change, evolving to a unified platform with no data replication or starting over.

Gurucul offers packaged software solutions including Next-Gen SIEM, Open XDR, UEBA and Identity Access Analytics, which include or can be bundled with Network Traffic Analysis (NTA), Security Orchestration, Automation and Response (SOAR) and Fraud Analytics as stand-alone or complementary options.

Gurucul’s Security Analytics and Operations Platform is available immediately from Gurucul and its business partners worldwide.