Gurucul enables enterprises to protect against insider threats, account compromise, asset compromise, and data exfiltration. The company’s user behavior analytics and identity access intelligence technology uses machine learning and predictive anomaly detection algorithms to reduce the attack surface for accounts, unnecessary access rights and privileges, and identify, predict and prevent breaches. Gurucul provides a Hybrid Behavior Analytics (HBA) architecture with the breadth of Identity Access Intelligence to User Behavior Analytics, and the depth from cloud apps to on-premises behavior. Gurucul Risk Analytics (GRA) works on an open choice of big data lake.
Through integration, RSA Archer clients can leverage Gurucul to detect insider fraud, IP theft, external attacks, and risky anomalous behaviors. Security alerts can then be passed to RSA Archer to prioritize, manage and investigate.
Gurucul integration with RSA Archer enables organizations to:
Identify anomalous behaviors across users, accounts, applications, and devices using behavior analytics, machine learning, and peer group modeling using Gurucul STUDIO
Pass risk ranked security alerts including anomalous behavior indicators to RSA Archer for review and prioritization
Escalate high impact events to manage the incident response and the investigation process
Further reduce the effort required to triage cyber incident by leveraging contextual and enriched data from GRA Miner (Users, Identities, Accounts, Activities, Entitlements & Devices across enterprise and cloud)
Pull incident response/ remediation actions in GRA as feedback to re-baseline entity behaviors
Link RSA Archer incidents to GRA big data repository for additional investigations
Pull asset metadata (category, priority, allocation etc.) for impact analysis & entity risk scoring in GRA
Automate user, access and activity based controls & policies testing and risk scoring