Gurucul Launches Sme AI for Advanced Threat Detection, Investigations and Rapid Mitigation

Gurucul Launches Sme AI for Advanced Threat Detection, Investigations and Rapid Mitigation

By Greg Tavarez

Gurucul stands out as a trailblazer in the cybersecurity space by pioneering the integration of AI and machine learning (ML) technologies.

Central to their innovation is the STUDIO platform, an open analytics framework designed to empower cybersecurity professionals. This framework facilitates the development of advanced ML behavior models in-house, enabling organizations to finely tailor their security strategies to tackle evolving threats effectively. Additionally, Gurucul's STUDIO platform goes beyond internal capabilities by allowing seamless integration of third-party AI frameworks and models.

An exemplary milestone in Gurucul's journey is their pioneering work in automated threat hunting, a concept unveiled in February 2020. By leveraging sophisticated ML algorithms, Gurucul's technology assesses an array of behavioral attributes within networks and systems. This proactive approach assists in identifying anomalies, outliers and indicators of compromise. Such an early warning mechanism proves invaluable in thwarting potential threats before they escalate into substantial security breaches.

Gurucul's visionary strides in the intersection of AI, ML and cybersecurity have left a mark on the industry. Now, Gurucul looks to make another mark with the launch of its new generative AI capability called "Sme" (Subject Matter Expert) to accelerate threat detection, supercharge security investigations and automate responses.

In the detection phase, Sme AI offers proactive suggestions for threat hunting queries, resulting in improved efficacy and reduced mean time to detection. This AI-driven approach uncovers unknown threats, adapts rapidly to evolving datasets and generates new threat content based on emerging trends and insights across various customer contexts and industry verticals. The AI model is not only tailored for cyber threat detection but also covers insider threats, ITDR, identity and access-related incidents, such as account compromises and AD/LDAP attacks.

Moving to the investigation stage, Sme AI automates the triage of alerts by considering historical patterns, investigation notes, detection types and attack trends. This automated process empowers analysts to prioritize high-risk alerts, streamlining investigations by reducing the need for multiple screens, clicks and queries. Leveraging contextually enriched data further bolsters the efficiency of investigations, ensuring comprehensive analysis of incidents.

In the response phase, Sme AI automates crucial incident response activities. This includes generating customized reports, executing bulk actions and managing multi-step workflows. The platform supports natural language-based search, simplifying and expediting routine tasks and reporting. Sme AI also offers auto-response capabilities based on historical response actions, significantly minimizing manual intervention required for critical alerts. The system even suggests new Security Orchestration, Automation, and Response, or SOAR, playbooks based on alert and response action trends, streamlining the incident response process.

The long story short is that Sme AI empowers SOC analysts with powerful insights into a rich, correlated dataset across identity, security, network, enterprise and cloud platforms. It improves SOC team efficiency and helps counter the ongoing challenges of limited resources and skill sets, overwhelming alert fatigue, false positives and mis- or unprioritized alerts.

“Sme AI is purpose-built to support analysts in their day-to-day activities and help them detect, investigate and respond to threats so they can stay ahead of adversaries,” said Saryu Nayyar, CEO at Gurucul. “While attackers are using AI and manipulating common frameworks to build malware, the security community needs to invest and leverage purpose-built AI to fight this battle more effectively.”

The launch of Sme AI comes quickly after the launch of the Gurucul Security Analytics and Operations platform, Powered by Snowflake, that will enable customers to seamlessly run Gurucul’s Next-Gen SIEM, Open XDR, UEBA and Identity Analytics solutions on the Snowflake Data Cloud.




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

SHARE THIS ARTICLE
Related Articles

Foxit Brings AI to Document Analysis with New Research Agent

By: Erik Linask    7/3/2025

PDF and eSignature solutions provider unveils an intelligent tool designed to transform how users extract actionable insights from dense, complex docu…

Read More

OpenMSP Brings New Profitability to MSPs Driving an Open Source Revolution

By: Erik Linask    7/3/2025

OpenMSP, a community-driven platform seeks to liberate MSPs from unsustainable software licensing costs by leveraging open-source alternatives and AI-…

Read More

TD SYNNEX's Apptium Acquisition a Win for MSPs.

By: Erik Linask    7/3/2025

TD SYNNEX's acquisition of Apptium will simplify complexities of the XaaS, economy, offering MSPs new agility, accelerated time to revenue, and stream…

Read More

Real Estate Forecast 2025: Emerging Developments and Market Shifts

By: Contributing Writer    7/1/2025

Buying or selling property can be challenging. Rising mortgage rates and fluctuating home prices leave many uncertain about their next move. Business …

Read More

Protecting Business Assets with Smarter Security Frameworks

By: Contributing Writer    7/1/2025

Protecting your business is more challenging than ever. Cyber threats are increasing every day. Hackers target small and large businesses alike, searc…

Read More