Gurucul REVEAL empowers organizations with full control over data

Gurucul announced REVEAL, a unified security analytics platform. REVEAL delivers Threat Detection, Investigation and Response (TDIR) regardless of data type, volume and residency through a combination of its AI/ML analytics, an intelligent data engine with unified data fabric, native data optimization, federated search capabilities, an enterprise risk engine for prioritized alerts, and a disruptive pricing model.

One of the biggest challenges security operations teams face is getting control over data and achieving full visibility for threat detection and compliance in a cost efficient way. They must manage massive data volumes that reside in multiple locations. Centralizing all this data so that a SIEM or other security tool can use it quickly becomes expensive. In addition, data may need to stay in certain clouds or geographic locations to meet compliance standards and provide audit-ready reports.

To be successful, security teams must be able to collect the data needed for threat detection and behavior profiling, retain it for as long as necessary for behavior profiling and compliance, have it contextually linked for threat hunting, and apply advanced analytics. But doing this at enterprise scale can quickly become cost prohibitive.

Enterprises are trying to manage this complex process with third party tools or bolt-on capabilities to reduce SIEM data costs by routing log data to different destinations, but it can add more risk and result in a loss of visibility for threat detection and compliance.

“Gurucul is disrupting the industry with the only cost-optimized unified security analytics platform that guarantees a 50% cost reduction,” said Saryu Nayyar, Gurucul CEO. “We do it by combining Gurucul’s Data Optimizer with our AI-Powered Next Generation SIEM and Federated Search. Organizations can continually optimize their data to rebalance what goes into the SIEM for analysis to maximize ROI. One platform delivers effective threat detection and 100% visibility and searchability into all data.”

Gurucul achieves this major milestone with the following innovations as part of its REVEAL platform:

  • Native data optimization gives organizations granular control over security and IT data. It can filter, transform, deduplicate, normalize, enrich data, and then route it to specific destinations based on its intended purpose, including data lakes, SIEMs and low-cost cold storage. The out of the box filtering based on MITRE ATT&CK Framework, ML models and comprehensive threat detection content guarantees a 40% data reduction.
  • Intelligent data engine and unified data fabric provides full visibility by interpreting any data collected from any data source in any format, including structured and unstructured data. No data is ever lost – filtered, unfiltered and raw messages are retained, enabling stronger compliance.
  • Gurucul federated search allows analysts to run queries from a single console across any data source including data lakes, cloud object storage, databases, identity systems, threat intel sources, and SIEMs – including Splunk. This eliminates the cost associated with duplicating and transferring data. Instead, data stays where it is needed and is searchable regardless of location or data store.
  • Free retention and search on non-critical data. REVEAL includes free cold storage for all raw messages and data filtered out. All data is available online for searches eliminating the need and cost associated with rehydrating or thawing data.

REVEAL empowers organizations with full control over data and significant cost savings – at least 50% to address the issues of skyrocketing data volumes, shrinking budgets and limited security resources.

More about

Don't miss