Gurucul enables enterprises to protect against insider threats, account compromise, asset compromise, and data exfiltration. The company’s user behavior analytics and identity access intelligence technology uses machine learning and predictive anomaly detection algorithms to reduce the attack surface for accounts, unnecessary access rights and privileges, and identify, predict and prevent breaches. Gurucul provides a Hybrid Behavior Analytics (HBA) architecture with the breadth of Identity Access Intelligence to User Behavior Analytics, and the depth from cloud apps to on-premises behavior. Gurucul Risk Analytics (GRA) works on an open choice of big data lake.
Through integration, RSA Archer clients can leverage Gurucul to detect insider fraud, IP theft, external attacks, and risky anomalous behaviors. Security alerts can then be passed to RSA Archer to prioritize, manage and investigate.
Gurucul integration with RSA Archer enables organizations to:
- Identify anomalous behaviors across users, accounts, applications, and devices using behavior analytics, machine learning, and peer group modeling using Gurucul STUDIO
- Pass risk ranked security alerts including anomalous behavior indicators to RSA Archer for review and prioritization
- Escalate high impact events to manage the incident response and the investigation process
- Further reduce the effort required to triage cyber incident by leveraging contextual and enriched data from GRA Miner (Users, Identities, Accounts, Activities, Entitlements & Devices across enterprise and cloud)
- Pull incident response/ remediation actions in GRA as feedback to re-baseline entity behaviors
- Link RSA Archer incidents to GRA big data repository for additional investigations
- Pull asset metadata (category, priority, allocation etc.) for impact analysis & entity risk scoring in GRA
- Automate user, access and activity based controls & policies testing and risk scoring
Solution and Platform Information
- Solution Area: RSA Archer IT & Security Risk Management
- Impacted Use Cases: RSA Archer Security Incident Management
- On-Demand Application (ODA) Requirements: One (1) ODA is required for this integration.
- Supported Platform Version: This offering has been validated on RSA Archer Platform release 6.2.
For More Information
To learn more about the Gurucul RSA Ready certified integration: