Gurucul’s poly-cloud and multi-cloud offering accelerates security teams’ ability to mitigate threats
In Las Vegas, at Black Hat USA 2022, Gurucul announced advanced Poly-Cloud architecture support, enhanced multi-cloud deployments, and cross-cloud detection and response across all common cloud stacks including Amazon Web Services, Microsoft Azure, and Google Cloud Platform.
Gurucul supports best of breed cross-cloud services for improved user experience, flexibility, availability, and reduced cost for faster detection and response and blazing fast searches for better threat hunting. Gurucul’s poly-cloud support allows organizations to be cloud-agnostic without any lock-in with a cloud service provider, facilitating AWS, Google, Azure, and private clouds to operate concurrently.
Gurucul has advanced its multi-cloud capabilities across all major cloud providers by providing a unified view of security and risk across multiple cloud environments. Customers now reap all the benefits of SaaS with their own cloud infrastructure irrespective of the provider.
In addition to deployment support, these new cross-cloud capabilities provide correlation, advanced linking, and behavior baselines on access and activity across cloud environments. New out-of-the-box threat content and risk scoring provide detection and automated response to advanced hybrid and multi-cloud distributed attacks. This enables organizations to go beyond just hunting for isolated threats, such as malware at a cloud endpoint, identifying the entire scope of the attack campaign across multi-cloud workloads, lowering mean-time-to-detect (MTTD) and mean-time-to-respond (MTTR).
Gurucul’s multi-cloud threat detection capabilities sit natively within public/private cloud environments with no reduction in capabilities. Gurucul collects, ingests, and enriches data from multi-cloud deployments at massive scale, ensuring performance and providing real-time, end-to-end visibility and context.
In addition, Gurucul’s cloud analytics and out-of-the-box threat content include context from traditional security solutions, such as network and endpoint, immediately helping security operations teams identify cloud security issues, including distributed multi-cloud attack campaigns. This goes well beyond other solutions that only find isolated threats in the cloud or simply correlate isolated threat activity forcing already burdened SOC staff to manually investigate and determine if an attack campaign is underway.
“As we have seen new attacks, such as multi-RAT campaigns, increasingly embed themselves across multiple cloud services, threat actors are able to evade current SIEM and XDR solutions,” said Nilesh Dherange, CTO of Gurucul. “Furthermore, most security vendors have simply ‘lifted and shifted’ their on-prem solutions into the cloud in order to provide a SaaS solution that is locked into a single vendor, severely limiting their ability to be effective across multiple cloud service providers, making it very difficult for organizations to reduce their attack exposure while meeting digital transformation objectives.”
“Organizations worldwide are facing sophisticated ransomware attacks on the digital supply chain and deeply embedded vulnerabilities,” said Peter Firstbrook, research vice president at Gartner. “The pandemic accelerated hybrid work and the shift to the cloud, challenging CISOs to secure an increasingly distributed enterprise – all while dealing with a shortage of skilled security staff.”
Gurucul significantly reduces infrastructure, operations, and software licensing cost overhead, and provides a single-pane-of-glass with 360-degree context across enterprise, hybrid and multi-cloud environments for correlation, threat detection, threat hunting, investigations, and incident response. The solution also simplifies data and network architecture by reducing integration points, data hops and bandwidth requirements. Its playbook management and risk aggregation capabilities can be used to trigger appropriate remediation actions such as blocking network traffic, isolating cloud workloads and devices, enforcing step-up authentication, blocking USB access, and disabling user accounts on SaaS, IaaS and PaaS.
The Gurucul cloud-native Security Analytics and Operations Platform includes Next-Generation SIEM, with its debut as a Strong Visionary in the 2021 Gartner Magic Quadrant for SIEM, XDR, UEBA and Identity & Access Analytics. By generating contextual, risk-prioritized alerts in real-time, Gurucul’s security operations solution accelerates security teams’ ability to mitigate threats before damage occurs through automated response actions.
Availability and pricing
Gurucul’s poly-cloud and multi-cloud advancements along with cross-cloud threat detection capabilities are available immediately from Gurucul and its business partners worldwide.