Gurucul announced Gurucul Labs, a managed security analytics service based on the Gurucul Risk Analytics (GRA) platform which provides the data science expertise many organizations lack to operationalize their investments in behavior based security analytics.
Gurucul Labs combines people, processes and technology to help organizations discover threats in real-time and expedite responses to malicious insiders, unusual usage activity, compromised accounts or hosts, network intrusions, data exfiltration and more.
The service provides machine learning algorithms and anomaly model tuning and refinement by data scientists based on intelligence gathered from the Carnegie Mellon US-CERT team, Gurucul’s other research partners, and global customers.
The Gurucul Labs service provides customers the following resources:
Security architect: To ensure a scalable security architecture (systems integration, cloud, hybrid, on-premise deployment architecture, security architecture) and security data validation.
GRA engineer: To facilitate GRA implementation, administration and maintenance activities.
Security analyst: To support security threat research, use case identification and design, triage of incidents, case investigation, fine tuning feedback, case management and reporting.
Fraud analyst: To research insider and third party fraud scenarios, suggest data tagging and access control, investigate fraud cases, perform impact analysis and suggest response actions.
Data scientist: To review data sets, behavior models and tuning suggestions.
“Many organizations lack the in-house resources and expertise to optimize their investments in behavior based security analytics,” said Nilesh Dherange, chief technology officer for Gurucul.
“Gurucul Labs eliminates this roadblock, and enables customers to operationalize the collective intelligence of Gurucul’s experts, research partners like the Carnegie Mellon US-CERT team and best practices from the Gurucul customer community — to protect their environments.”
Gurucul Labs highlights
Gurucul Labs provides an end-to-end security analytics platform administration and maintenance service that includes:
- Efficacy tracking and fine-tuning of analytical models to find true positive incidents for real-time threat detection and response,
- Configuration of threat use cases to address organization specific business and IT risks,
- Implementation and operationalization of machine learning models created in other systems using Gurucul STUDIO,
- Assist organizations in deploying GRA as a centralized analytics and risk engine to generate contextual risk prioritized alerts,
- On-going anomaly detection, findings triage, first level investigation, case management and reporting,
- User and role administration, data validation, system configuration and customization support,
- Ongoing system maintenance and health check including resource performance and utilization monitoring/optimization,
- Quarterly results effectiveness reports for senior management,
- Gurucul Labs scorecard to track anomalies, cases, model efficacy and data ingestion trends.