Manager at a comms service provider with 10,001+ employees
Real User
Top 20
2023-11-10T09:17:00Z
Regarding the prioritization of threats, Gurucul UEBA needs to enhance its alert severity assignment process within the system. This is one area where Gurucul UEBA could improve. Additionally, it would be beneficial if the tool itself could provide or assign user-based or asset-based CI ratings to allow for a more accurate assessment of alert severity. In our environment, we forward these logs, events, and alerts to SIM, where the CI rating is already present. Therefore, if we need to closely investigate a UEBA case directly, it becomes problematic. Gurucul UEBA should proactively incorporate asset-based or user-based CI severity into its design. Gurucul UEBA needs to be more user-friendly. I would like Gurucul UEBA to be able to integrate with legacy-based identity systems and systems that are performing network-based access control. This would require additional integration and playbook models.
User and Entity Behavior Analytics (UEBA) is a type of cybersecurity solution that uses machine learning to monitor and analyze the behavior of users and entities (such as devices, applications, servers, etc.) in a network. UEBA can detect anomalous or malicious activities in real time and alert security teams or take automated actions.
UEBA solutions work by analyzing activity from network users and other entities, such as hosts, applications, data repositories, and network traffic. They...
Gurucul can improve on the online documentation. They should educate the end users more to allow them to do everything themselves.
It could be more stable.