ABCs of UEBA: D is for Data
The most effective User and Entity Behavior Analytics (UEBA) solutions leverage big data. Big data refers to large and complex data sets that traditional data processing application software cannot process effectively because of volume, velocity and variety. This was documented as part of big data’s original definition by Gartner’s Doug ...
A Nut Worth Cracking
We talk to a number of market research firms and meet with a lot of analysts. On this particular day, we met with an analyst who had a colorful vocabulary. We were talking about our Behavior Based Security Analytics platform and where we could make ground-breaking strides. In reviewing some ...
ABCs of UEBA: C is for Context
A man runs through the airport. Is he trying to catch a flight or fleeing from authorities? Context is key to understanding behavior. And behavior is key to predicting risk. The biggest challenge that enterprises face today is the flood that analysts deal with, involving too many alerts with very little ...
ABCs of UEBA: B is for Behavior
We like to say, “You can steal an identity, but you can’t steal behavior.” You might compromise my credentials, but you don’t know what time I normally log in, the applications I typically use, the people I regularly email, etc. Behavior is the Leading Threat Indicator: The key to predicting threats, ...
You’re Paying Too Much for Your SIEM
Welcome to 2019! Have you made a New Year’s resolution? If there’s one resolution you should make and stick to in 2019, it’s to stop paying so much for your SIEM. Show SIEM the Money: We talk to a lot of customers, prospects and industry analysts. A clear theme that ...
ABCs of UEBA: A is for Analytics
Welcome to our new blog series: ABCs of UEBA. This is not a blog series for dummies. This is a view into what makes up UEBA from A to Z, from start to finish, thoroughly, and in detail. So, let’s get started! Analytics is the engine that fuels User and ...
Detect Merchant Fraud with “Outlier Categorical Model”
It can’t be over yet! Or can it? Our final model in the #MachineLearningMadness blog series is up next and it’s a whopper! Gurucul Machine Learning Model: Outlier Categorical Model. How does the Outlier Categorical Model machine learning model work, and what does it do? This is a really powerful model ...
Protect Classified Information with “Identity Classification”
Gurucul offers machine learning models to address many cyber security scenarios. Up next is… Gurucul Machine Learning Model: Identity Classification. How does the Identity Classification machine learning model work, and what does it do? Identity Classification is a supervised learning approach that learns from the data input given to it, and ...
Top 10 Blog Posts of 2018
As we look back at 2018, let’s see which Gurucul blog posts had the most views. This tells us what resonated with you, our audience. Here is the countdown: 10. Detect Host Compromise With “Domains Generated Algorithmically”: Our #MachineLearningMadness blog posts did very well overall. This post on our Domains ...
The Incident Response Army is Rapidly Growing
The first rule of any CISO/CSO is to have your Incident Response program, process and personnel in place to deal with the always-present set of security challenges, 7×24. Incident response is NOT an optional item in any CISO/CSO’s portfolio. Increased Demand for Incident Response Personnel: The dramatically increased demand ...