Gurucul behaviour-based network traffic analysis detects unknown threats

Gurucul has announced the Gurucul Network Behaviour Analytics (NBA) solution

Gurucul, a leader in behaviour-based security and fraud analytics technology for on-premises and the cloud, has announced the Gurucul Network Behaviour Analytics (NBA) solution, the industry’s most advanced Network Traffic Analysis product.

It leverages Gurucul’s advanced Machine Learning analytics to provide identification of advanced and unknown cyberthreats.

The Gurucul Network Behaviour Analytics solution delivers flexible entity modelling to monitor and identify unusual, risky behaviour from any entity.

This includes traditional devices like workstations, servers and firewalls, as well as extended network devices such as Robotic Process Automation (RPA) processes, IoT devices (CCTV, vending machines), OT infrastructure (automation sensors used in manufacturing and utility industries) and point of sale (POS) devices.

Most organisations tend to rely on network monitoring tools for checking the health of the network. These tools detect and report failures of devices or connections. However, they cannot repair problems, nor can they find unknown threats.

By applying behavioural analysis to network traffic, a network traffic analysis solution can help organisations identify suspicious activities that conventional cybersecurity tools would overlook.

“The adoption of cloud, mobile and IoT technologies is creating a much larger attack surface, while exposing organisations to entirely new categories of security threats including malicious bots and scripts,” said Nilesh Dherange, Chief Technology Officer for Gurucul.

“As a result, addressing entity-based security threats in the network has become imperative. With very few inherent means to monitor devices and their behaviours, Gurucul’s network traffic analysis technology provides valuable detection, risk-scoring and alerting capabilities to pre-empt malicious activity.”

Gurucul Network Behaviour Analytics

Gurucul Network Behaviour Analytics identifies unknown threats using advanced Machine Learning algorithms on network flows and packet data.

The solution uses entity models to create behaviour baselines for every device and machine on the network based on network flow data such as source and destination IPs/machines, protocol and bytes in/out. It also leverages DHCP logs to correlate IP-specific data to machines and users.

Gurucul Network Behaviour Analytics comes with pre-packaged machine learning models, pre-configured and tuned to run on high-frequency network data streams, to detect real-time anomalies and to risk-rank threats. Tied into the Gurucul User and Entity Behaviour Analytics (UEBA) platform, the solution provides 360-degree visibility across network, identity, access and activity on enterprise applications or systems.

This contextual linked data and extensive library of out-of-the-box behaviour and threat models help identify advanced and unknown threats like zero-day exploits, fileless malware, and ransomware. It does so by detecting unusual behaviour on a given entity (e.g. server, IP, device), related lateral movement within the network, command and control (C2) communication, suspicious account activity from a compromised account and access misuse.

The product’s data processing and analytics framework quickly detects threats in real time and uncovers APT / stealth attacks that lie dormant between the various stages of a cyberattack.
