Gurucul introduces self-driving SIEM powered by AI enhancements

Gurucul announced what it calls a quantum leap forward: a self-driving SIEM powered by extensive AI enhancements and delivered within a revamped AI-centric user interface, intended to improve the collect, detect, investigate, threat hunt and response workflows of its Unified Data and Security Analytics Platform, REVEAL.

Supercharged with multiple AI agents throughout the entire threat management lifecycle, these new autonomous capabilities greatly reduce intensive engineering, maintenance and operational tasks, resulting in a “self-driving” SIEM that augments and amplifies engineers, analysts and investigators to proactively focus on meaningful work while AI takes care of the mundane.

AI-powered data pipeline management: Gurucul’s native data optimizer already reduces costs by at least 40%. With the new upgrades, it now includes pipeline AI agents that autonomously discover, classify, normalize and filter data to further assist customers in controlling and optimizing their security data fabric. Smart filtering reduces storage and processing, while AI minimizes the need for manual data management, onboarding and tuning.

AI-informed proactive detection engineering: AI agents independently detect evolving attack chains to inform new machine learning detection models, signatures and rules. Furthermore, AI proactively optimizes existing models and recommends additional data sources to automatically unlock more detection use cases. It enables dynamic model and rule content creation in real-time.

AI-amplified analyst experience: The virtual AI analyst empowers security teams with expert guidance and enriched insights to streamline investigations and improve efficiency. By automatically triaging alerts and appending contextual information—such as attack blast radius impact, 98% MITRE ATT&CK framework alignment, and external threat intelligence—the AI agent reduces the time analysts spend on manual tasks. Leveraging its understanding of user behavior, threat intelligence, and the broader security ecosystem, the AI analyst provides adaptive learning capabilities that refine insights based on similar data sets, detections and actions in the past, as well as analyst feedback and interactions. Additionally, analysts can use natural language processing (NLP) for accelerated search, the on-demand Sme AI copilot, and content creation, including detailed incident reports.

AI-triggered adaptive response: Gurucul’s AI-powered orchestration and response can dynamically modify and execute playbooks based on real-time information and evolving threat conditions to ensure that the response can be automated and is always optimized for the unique nuances of every incident or attack.

Sme AI Copilot: The generative-AI-powered Sme AI copilot, initially announced in August 2023, has gained several new advanced prompts, additional promptbooks, enhanced natural language search, more powerful insights with shorter investigation times, and comprehensive incident analysis and reporting capability.

Neda Pitt, CISO, BELK, said: “This is yet another reason why I chose to replace my legacy SIEM with the Gurucul platform. Even before these AI enhancements, the platform outperformed any other SIEM I’ve encountered. Now, with these agentic AI capabilities, I’m glad I made the bet on the future of the industry. Gurucul is paving the path toward the autonomous SOC. My analysts have upleveled their productivity and I can’t wait for them to get to the next level with AI removing the busy work.”

“Gurucul has redefined what I expect from an AI-powered Next-Gen SIEM. It operates as a true force multiplier for my SOC — prioritized alerts, high efficacy detections deeply aligned to our threat posture and proactive responses. Another capability that truly stands apart is in its risk-based approach to identity: the precision with which they score and surface risky users has become a cornerstone of our insider threat program,” said Steward Alpert, CISO and CTO, Hornblower.

“As an MSSP we are always looking for ways to maximize value for our customers while optimizing the workflows for our analysts and reducing costs. We picked Gurucul because they provide a truly differentiated platform that not only helped reduce our data management costs leveraging Snowflake but also helped us stay ahead of the threat landscape with advanced detection capabilities. It’s innovations like these new agentic AI capabilities that validate our decision to switch to Gurucul. They continue to offer modernization that increases value delivery for our customers while maximizing the output of our SOC,” said Jason Elmore, CEO, Tuearis Cyber.

“Alert overload, the sophistication of threats and operational bottlenecks are some of the most pressing challenges in security operations today. We have built a small army of Agentic AI agents that go to work for you across the entire data and threat lifecycle boosting analyst workflows to address these critical pain points. We are flipping the idea of the resource intensive traditional SIEM on its head to optimize SecOps resources and reduce time spent on data management, detection engineering, false positives, triage, investigation and response. We’re continuing to disrupt the status quo, set the bar high, and solve real customer problems. These ground-breaking advancements with purpose-built AI use cases are helping SOC teams do their critical work efficiently with swift responses against modern threats,” said Saryu Nayyar, CEO, Gurucul.

Gurucul release v12.4, with the enhanced Sme AI copilot and agentic AI multi-agent workflows, has been available since December 2024.
