Gurucul, a provider of unified security and risk analytics technology, is introducing automated intelligent threat hunting that uses artificial intelligence (AI) and machine learning (ML) to detect behaviors associated with cyber attacks and data breaches.
“One of the biggest challenges associated with threat hunting is the manual labor involved in piecing together data from various sources to trace the origin, tactics and techniques across different stages of an attack,” said Nilesh Dherange, CTO of Gurucul. “By combining link analysis and chaining, Gurucul automatically connects all of the events linked to an incident and provides hybrid/borderless context without the need for analysts to run multiple queries or use different applications.”
Gurucul provides agentless, out-of-the-box integrations that collect, ingest, and enrich data from disparate sources at massive scale, ensuring performance and providing real-time, end-to-end visibility and context.
The new AI/ML behavior analytics for guided, proactive hunting of unknown threats, enriched with MITRE ATT&CK Framework tactics and techniques, risk scoring, pre-built playbooks and case management capabilities, reduce detection and response times by 67%, according to the vendor.
Gurucul provides prebuilt threat libraries that include models, queries, data features, and playbooks to support a wide range of threat hunting use cases, such as insider threat detection, data exfiltration, phishing, endpoint forensics, malicious processes, ransomware detection, and network threat analytics, as well as cyberthreat, human-centric and entity-related threat scenarios.
These prepackaged libraries help analysts prioritize base activities and focus on the proactive investigation of new and unknown threat patterns using contextual data. Meanwhile, new AI capabilities in Gurucul Miner help discover impacted users, devices and entities.
Gurucul's AI-enabled threat hunting capabilities apply advanced ML algorithms to assess a wide range of behavioral attributes and identify anomalies, outliers and indicators of compromise.
Gurucul uses more than 1,600 pre-built cybersecurity and threat hunting models that cover hundreds of the most commonly used cloud, IoT, business, infrastructure, database and network applications in enterprises.
For more information about this release, visit https://gurucul.com/.