Gurucul Protects Cloud Apps with Identity-based Threat Detection

Cloud Analytics Platform Detects Hijacked Accounts and Insider Abuse to Prevent Data Leakage and Compliance Violations

April 20, 2015

4 Min Read


LOS ANGELES, April 16, 2015 – Gurucul, the identity-based threat detection and deterrence company, today announced a new addition to the Gurucul Risk Analytics (GRA) suite which protects cloud applications from insider and external attacks with user behavior analytics. The Gurucul Cloud Analytics Platform™ (CAP) detects insider access abuse and account hijacking by continuously monitoring activity against hundreds of attributes using machine-learning algorithms. This information is collected cloud-to-cloud using out of the box connectors to most cloud applications like Salesforce, Office365, Box, Concur, and Workday.  Gurucul CAP can alert organizations on anomalous behaviors, prevent data leakage, perform cloud application discovery, and provide continuous insight into cloud infrastructure access and activities.

The company will demonstrate Gurucul CAP at RSA Conference 2015 booth 2509 in the South Expo Hall.

Cloud applications and infrastructures pose even greater security challenges than their on-premise counterparts since organizations have limited visibility into and control over when and how cloud access is used. This increases the risk of data breaches, data loss, account hijacking, insider abuse and other threats associated with the use of shared technology.

 "We have a new perimeter, and it lives in the Cloud.  Cloud based applications for critical business services introduce new risks and threats, which require innovative detection and mitigation techniques,” said Teri Takai, Chief Information Officer, Executive Vice President, Meridian Health Plan. “While some operational and infrastructure concerns are less relevant in the cloud, issues such as data breaches, data loss and malicious insiders, are even more prevalent. Gurucul's CAP solution addresses this need by applying behavioral modeling techniques and advanced security analytics to the cloud.”

 Identity-based Security for the Cloud

 Gurucul CAP treats cloud identities as a threat surface. CAP is based on the Gurucul Predictive Identity Based Behavior Anomaly Engine (PIBAE), which uses identity as the core and overlays activity, alerts, intelligence and access information combined with machine learning techniques and big data analytics, to provide predictive security analytics and zero day risks. These machine-learning algorithms run against hundreds of attributes to determine baseline behavior for an identity and compare it against dynamically created peer groups to detect anomalous patterns. These patterns are matched against internal risk modeling algorithms to assert a risk score for an identity.  This behavior modeling approach enables Gurucul to provide organizations with actionable risk intelligence and insight into their cloud infrastructure by identifying insider threats, compromised accounts, data leakage and assisting in investigation and forensics.

 Unlike other cloud security products that rely solely on log data from reverse proxy gateways, Gurucul’s user behavior analytics engine enables CAP to deliver the following benefits:

 •             360 Degree View of Identity, Access, Activity, and Alerts for Cloud Applications - Correlate data across multiple cloud applications to create contextual identity – who is the user, what access they have, what activity are they performing, and associated alerts

 •             Purpose Built to Instantly Identify Risky Behaviors - Self-training machine learning algorithms are tailored to identify anomalous behaviors immediately upon deploying the technology.

•             Intelligent Access Analytics - Real-time analytics on accounts and access to identify anomalies, improve access control, and data governance.

 •             Automated Self Audit - End user awareness with a customizable online view of their activity (similar to a bank or credit card statement) to identify anomalies and potential misuse of identities.

 •             Cloud Application Discovery - Insight into known / approved and unknown / unapproved access to cloud applications, providing detailed visibility of access, activities and risk profiles.

 “Cloud applications are outside the reach of most enterprise security measures, yet all that is needed to comprise sensitive data is a username and password,” says Saryu Nayyar, CEO of Gurucul. “The Gurucul Cloud Analytics Platform continuously monitors identity-based activity within cloud applications using machine learning algorithms to predict and detect risky behaviors. Gurucul can recognize malicious activity by insiders or compromised accounts using this cloud user behavior analytics technology.”

 The Gurucul Cloud Analytics Platform is available immediately from Gurucul and its business partners worldwide.

 About Gurucul

Gurucul is changing the way enterprises protect themselves against threats inside their IT infrastructures from employees, third-party providers and external intruders. The company’s user behavior analytics technology uses machine learning and predictive anomaly detection algorithms to anticipate, identify and prevent breaches. Gurucul technology is used globally by organizations to detect insider fraud, IP theft, external attacks and more. The company is a Gartner Cool Vendor and CTR MVP Award winner. Gurucul is based in Los Angeles. To learn more, visit us at and follow Gurucul on LinkedIn, Facebook and Twitter (@Gurucul).


Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights