Gurucul Launches Sme AI for Advanced Threat Detection, Investigations and Rapid Mitigation

Gurucul Launches Sme AI for Advanced Threat Detection, Investigations and Rapid Mitigation

By Greg Tavarez

Gurucul stands out as a trailblazer in the cybersecurity space by pioneering the integration of AI and machine learning (ML) technologies.

Central to their innovation is the STUDIO platform, an open analytics framework designed to empower cybersecurity professionals. This framework facilitates the development of advanced ML behavior models in-house, enabling organizations to finely tailor their security strategies to tackle evolving threats effectively. Additionally, Gurucul's STUDIO platform goes beyond internal capabilities by allowing seamless integration of third-party AI frameworks and models.

An exemplary milestone in Gurucul's journey is their pioneering work in automated threat hunting, a concept unveiled in February 2020. By leveraging sophisticated ML algorithms, Gurucul's technology assesses an array of behavioral attributes within networks and systems. This proactive approach assists in identifying anomalies, outliers and indicators of compromise. Such an early warning mechanism proves invaluable in thwarting potential threats before they escalate into substantial security breaches.

Gurucul's visionary strides in the intersection of AI, ML and cybersecurity have left a mark on the industry. Now, Gurucul looks to make another mark with the launch of its new generative AI capability called "Sme" (Subject Matter Expert) to accelerate threat detection, supercharge security investigations and automate responses.

In the detection phase, Sme AI offers proactive suggestions for threat hunting queries, resulting in improved efficacy and reduced mean time to detection. This AI-driven approach uncovers unknown threats, adapts rapidly to evolving datasets and generates new threat content based on emerging trends and insights across various customer contexts and industry verticals. The AI model is not only tailored for cyber threat detection but also covers insider threats, ITDR, identity and access-related incidents, such as account compromises and AD/LDAP attacks.

Moving to the investigation stage, Sme AI automates the triage of alerts by considering historical patterns, investigation notes, detection types and attack trends. This automated process empowers analysts to prioritize high-risk alerts, streamlining investigations by reducing the need for multiple screens, clicks and queries. Leveraging contextually enriched data further bolsters the efficiency of investigations, ensuring comprehensive analysis of incidents.

In the response phase, Sme AI automates crucial incident response activities. This includes generating customized reports, executing bulk actions and managing multi-step workflows. The platform supports natural language-based search, simplifying and expediting routine tasks and reporting. Sme AI also offers auto-response capabilities based on historical response actions, significantly minimizing manual intervention required for critical alerts. The system even suggests new Security Orchestration, Automation, and Response, or SOAR, playbooks based on alert and response action trends, streamlining the incident response process.

The long story short is that Sme AI empowers SOC analysts with powerful insights into a rich, correlated dataset across identity, security, network, enterprise and cloud platforms. It improves SOC team efficiency and helps counter the ongoing challenges of limited resources and skill sets, overwhelming alert fatigue, false positives and mis- or unprioritized alerts.

“Sme AI is purpose-built to support analysts in their day-to-day activities and help them detect, investigate and respond to threats so they can stay ahead of adversaries,” said Saryu Nayyar, CEO at Gurucul. “While attackers are using AI and manipulating common frameworks to build malware, the security community needs to invest and leverage purpose-built AI to fight this battle more effectively.”

The launch of Sme AI comes quickly after the launch of the Gurucul Security Analytics and Operations platform, Powered by Snowflake, that will enable customers to seamlessly run Gurucul’s Next-Gen SIEM, Open XDR, UEBA and Identity Analytics solutions on the Snowflake Data Cloud.




Edited by Alex Passett
Get stories like this delivered straight to your inbox. [Free eNews Subscription]

MSPToday Editor

SHARE THIS ARTICLE
Related Articles

Real Estate Forecast 2025: Emerging Developments and Market Shifts

By: Contributing Writer    7/1/2025

Buying or selling property can be challenging. Rising mortgage rates and fluctuating home prices leave many uncertain about their next move. Business …

Read More

Protecting Business Assets with Smarter Security Frameworks

By: Contributing Writer    7/1/2025

Protecting your business is more challenging than ever. Cyber threats are increasing every day. Hackers target small and large businesses alike, searc…

Read More

Reimagining Public Transportation in the Era of Smart Mobility

By: Contributing Writer    7/1/2025

Public transportation can be frustrating. Buses stuck in traffic, late trains, and hard-to-navigate systems often leave people stressed or stranded. M…

Read More

SonicWall Powers Secure Access for Missouri MSP, Improving Cybersecurity and Network Access for Clients

By: Erik Linask    6/27/2025

With SonicWall, Stronghold Data delivers a modern, secure remote access solution that ensures access to networks and resources and improves cybersecur…

Read More

Guardz Unleashes AI-Driven ITDR to Combat Escalating Identity-Based Threats

By: Erik Linask    6/26/2025

The launch of Identity Threat Detection and Response (ITDR) gives MSPs the tools to defend SMBs against increasingly sophisticated attacks targeting u…

Read More