Manager at a comms service provider with 10,001+ employees
2023-11-10T09:17:00Z
We use Gurucul UEBA to monitor user behavior. If there are any deviations from expected user behavior, such as unusual activities, unauthorized login attempts, or actions that violate established policies, we want to identify and flag these events promptly as they occur. We were initially using a SIM tool that could not construct user behavior analytics, or more precisely, user personas. Consequently, we opted for Gurucul UEBA to develop user personas, enabling us to continuously monitor for any deviations in user activity. This includes identifying any activities that violate compliance policies or fall outside a user's baseline behavior. Gurucul UEBA automatically raises flags for such instances. We have implemented various customized use cases and models to meet our specific requirements, and these use cases are now in production and being monitored.
Threats are a moving target. Determined and persistent threat actors purposely stretch out their activity across weeks or even months, especially when most SIEM and XDR solutions are incapable of piecing together events across time. Even worse, these solutions primarily use rule-based machine learning, which is essentially pattern matching. This makes them especially ineffective in detecting new attacks and/or variants, which are highly successful in breaching organizations....
Regarding the use cases, I have created many use cases in Gurucul UEBA. It's easy to create use cases based on behaviors.
I am using Gurucul for FIEM and UEBA. We are providing solutions to our customers using this tool.
We carried out proofs of concept with certain projects for our customers. We deployed it, improved it, and so on.