Gurucul Launches Sme AI for Advanced Threat Detection, Investigations and Rapid Mitigation

Gurucul Launches Sme AI for Advanced Threat Detection, Investigations and Rapid Mitigation

By Greg Tavarez

Gurucul stands out as a trailblazer in the cybersecurity space by pioneering the integration of AI and machine learning (ML) technologies.

Central to their innovation is the STUDIO platform, an open analytics framework designed to empower cybersecurity professionals. This framework facilitates the development of advanced ML behavior models in-house, enabling organizations to finely tailor their security strategies to tackle evolving threats effectively. Additionally, Gurucul's STUDIO platform goes beyond internal capabilities by allowing seamless integration of third-party AI frameworks and models.

An exemplary milestone in Gurucul's journey is their pioneering work in automated threat hunting, a concept unveiled in February 2020. By leveraging sophisticated ML algorithms, Gurucul's technology assesses an array of behavioral attributes within networks and systems. This proactive approach assists in identifying anomalies, outliers and indicators of compromise. Such an early warning mechanism proves invaluable in thwarting potential threats before they escalate into substantial security breaches.

Gurucul's visionary strides in the intersection of AI, ML and cybersecurity have left a mark on the industry. Now, Gurucul looks to make another mark with the launch of its new generative AI capability called "Sme" (Subject Matter Expert) to accelerate threat detection, supercharge security investigations and automate responses.

In the detection phase, Sme AI offers proactive suggestions for threat hunting queries, resulting in improved efficacy and reduced mean time to detection. This AI-driven approach uncovers unknown threats, adapts rapidly to evolving datasets and generates new threat content based on emerging trends and insights across various customer contexts and industry verticals. The AI model is not only tailored for cyber threat detection but also covers insider threats, ITDR, identity and access-related incidents, such as account compromises and AD/LDAP attacks.

Moving to the investigation stage, Sme AI automates the triage of alerts by considering historical patterns, investigation notes, detection types and attack trends. This automated process empowers analysts to prioritize high-risk alerts, streamlining investigations by reducing the need for multiple screens, clicks and queries. Leveraging contextually enriched data further bolsters the efficiency of investigations, ensuring comprehensive analysis of incidents.

In the response phase, Sme AI automates crucial incident response activities. This includes generating customized reports, executing bulk actions and managing multi-step workflows. The platform supports natural language-based search, simplifying and expediting routine tasks and reporting. Sme AI also offers auto-response capabilities based on historical response actions, significantly minimizing manual intervention required for critical alerts. The system even suggests new Security Orchestration, Automation, and Response, or SOAR, playbooks based on alert and response action trends, streamlining the incident response process.

The long story short is that Sme AI empowers SOC analysts with powerful insights into a rich, correlated dataset across identity, security, network, enterprise and cloud platforms. It improves SOC team efficiency and helps counter the ongoing challenges of limited resources and skill sets, overwhelming alert fatigue, false positives and mis- or unprioritized alerts.

“Sme AI is purpose-built to support analysts in their day-to-day activities and help them detect, investigate and respond to threats so they can stay ahead of adversaries,” said Saryu Nayyar, CEO at Gurucul. “While attackers are using AI and manipulating common frameworks to build malware, the security community needs to invest and leverage purpose-built AI to fight this battle more effectively.”

The launch of Sme AI comes quickly after the launch of the Gurucul Security Analytics and Operations platform, Powered by Snowflake, that will enable customers to seamlessly run Gurucul’s Next-Gen SIEM, Open XDR, UEBA and Identity Analytics solutions on the Snowflake Data Cloud.




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

SHARE THIS ARTICLE
Related Articles

ICYMI: News Around the MSP Industry

By: Greg Tavarez    5/17/2024

Here are a few articles compiled into one for readers interested in developments around the MSP space.

Read More

Wildix UK and Ireland Shake Up Leadership for Growth and Innovation

By: Greg Tavarez    5/16/2024

Wildix announced a strategic leadership transition designed to propel the company's market growth.

Read More

Are Resellers Leaving Money on the Table?

By: Special Guest    5/16/2024

The expert and correct installation of network infrastructure and other components is crucial to every IT project's success, adding tangible value by …

Read More

Bitwarden's New Standalone App Makes Two-Factor Authentication Simple

By: Greg Tavarez    5/15/2024

Bitwarden recently launched a standalone app for two-factor authentication to protect online services and applications from unauthorized access.

Read More

Cyware Quarterback: The AI Playmaker for Advanced Security Operations

By: Greg Tavarez    5/15/2024

Cyware Quarterback is a user-friendly, AI-powered interface that streamlines security tasks for enterprise clients and security information sharing gr…

Read More