Sold by: Gurucul
Deployed on AWS
Gurucul Security Analytics and Operations platform is a flexible platform for modernizing security operations. Security teams can trust in Gurucul to provide greater visibility, reduce manual tasks, prioritize investigations, detect threats out-of-the-box, and provide targeted risk-driven response actions.
3
Overview
The Gurucul Security Analytics and Operations platform is a cloud-based SaaS offering that goes beyond current SIEM, XDR, and other SOC solutions to empower security analysts. With a consolidated set of capabilities, the platform helps to automate tasks beyond just collection and correlation and provides a full set of capabilities for threat detection, investigation, and response (TDIR) for Security Operations, Insider Threat and Identity teams. The Gurucul Platform is powered by Gurucul Risk Analytics (GRA), our set of the most advanced and comprehensive analytics and trained machine learning (ML) and Artificial Intelligence (AI) models. While other solutions use rule-based ML/AI, we are focused on ingesting as much data as possible, applying a wide area of analytics and using true ML/AI to adapt and learn to newer threats. The Gurucul Security Analytics and Operations platform supports all of our solutions including Analytics-Driven SIEM, User and Entity Behavior Analytics (UEBA), Risk-Driven SOAR, XDR, Identity Analytics, and Fraud Analytics.
Highlights
- A Truly Cloud-Native SOC Platform that Scales with Your Business: Eliminate tradeoffs between visibility and licensing costs by charging based on user/entity, not data ingestion.
- The Most Comprehensive Analytics and Self-Learning ML/AI: Leverage out-of-the-box included Threat content, over 2500+ transparent and customizable ML Models, and widest-breadth of analytics.
- Trusted and Transparent Automation Across Ingestion, Correlation, Detection, Prioritization, Investigation, and Response: Reduce prolonged manual efforts and deliver risk-driven context that lowers MTTD and MTTR from weeks or months to minutes and hours.
Details
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
Gurucul SaaS NG-SIEM | 1000 Units Gurucul Next-Gen Analytics-driven SIEM SaaS | $84,624.00 |
100 GB Gurucul SaaS | Analytics driven NGSIEM SaaS - 500 Days retention,100GB/day ingestion | $87,628.00 |
Gurucul SaaS UEBA | 1000 Units Gurucul UEBA SaaS (Insider, Privilege, Cyber, Cloud, ITDR) | $46,986.00 |
Vendor refund policy
No Refunds
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Machine Learning and Artificial Intelligence Models
Platform includes over 2500+ transparent and customizable ML models with true machine learning and AI capabilities that adapt and learn to newer threats, going beyond rule-based approaches.
User and Entity Behavior Analytics
Supports User and Entity Behavior Analytics (UEBA) capabilities for detecting anomalous behavior patterns across users and entities within the security environment.
Threat Detection, Investigation, and Response Automation
Provides automated threat detection, investigation, and response (TDIR) capabilities with trusted automation across ingestion, correlation, detection, prioritization, investigation, and response workflows.
Multi-Solution Security Platform
Consolidates multiple security functions including Analytics-Driven SIEM, Risk-Driven SOAR, XDR, Identity Analytics, and Fraud Analytics within a single unified platform.
Cloud-Native Architecture with Flexible Licensing
Cloud-based SaaS platform with scalable architecture that charges based on user/entity metrics rather than data ingestion volume.
AI-Powered Threat Detection and Response
Real-time threat detection and automated response capabilities augmented by advanced AI and automation across endpoints, cloud workloads, and identity infrastructure.
Cloud Workload Protection
Runtime threat protection for Amazon EC2 instances, EKS clusters, and AWS Fargate with autonomous blocking of malware, ransomware, and fileless attacks.
Extended Detection and Response
Correlated view of full attack stories across endpoints, identities, and cloud workloads using patented Storyline technology to automatically correlate and contextually group related events.
Identity Threat Detection and Response
Continuous monitoring and protection against credential theft, privilege escalation, and lateral movement attacks across Active Directory and cloud identity providers including Entra ID, Okta, Ping, SecureAuth, and Duo.
Generative AI Security Analysis
Generative AI security analyst that automates threat hunting, provides incident summaries, and accelerates investigations through machine-speed analysis.
Multi-Source Threat Data Integration
Correlates security events from Trellix Security Platform and over 500 third-party tools including 13 AWS integrations to create unified threat visibility across the security stack.
AI-Driven Alert Triage and Prioritization
Applies artificial intelligence-driven analytics to perform 100% alert triage, prioritize threats, and provide GenAI-powered insights for threat investigation and remediation guidance.
No-Code Automation for Investigation and Response
Provides UI-driven, point-and-click automation capabilities to offload repetitive security operations tasks and accelerate investigation and response workflows.
Pre-Built Analytics and Correlation Rules
Ingests data from multiple sources and correlates events using pre-built analytics and rules to reconstruct complete attack narratives and reduce manual investigation pivots.
Multi-Deployment Architecture Support
Supports cloud, hybrid, and air-gapped deployment models with an open integration ecosystem for flexible security infrastructure configurations.
Validated by AWS Marketplace
FedRAMP
GDPR
HIPAA
ISO/IEC 27001
PCI DSS
SOC 2 Type 2
No security profile
-
-
-
-
-
No security profile
Standard contract
No
No
Customer reviews
Nahoum A.
Tedious Cloud Integration reduces scalability
Reviewed on Dec 12, 2024
Review provided by G2
What do you like best about the product?
At a large enterprise, working as a security analyst, Gurucul’s REVEAL platform has proved beneficial to me. The machine-based analytics greatly decrease alert fatigue which is caused by the number of alerts by focusing on the high risk threats.
What do you dislike about the product?
Security data to be processed in REVEAL has to be moved to the cloud which is quite a tedious process. This poses a problem to our utilization of the scaling and versatility of cloud based security analytics.
What problems is the product solving and how is that benefiting you?
Gurucul solves the problem of having to go through countless security alerts by using machine learning to triage actual threats. This means that I have enough time to concentrate and use my experience to analyze only the most significant matters.
Sujeet Y.
GURUCUL SIEM Review
Reviewed on Sep 27, 2024
Review provided by G2
What do you like best about the product?
The dashboard is self explanatory and covers all the aspect related to security posture. The pre-built parser used for ingesting logs of various devices are reliable and there is no data loss from the bucket.
What do you dislike about the product?
The various threat intel integration feeds although, integrated but the alerts take significant amount of time to populate on the console. The TI feed ingesting parser needs modulation in itslef.
What problems is the product solving and how is that benefiting you?
Earlier we had seperate tools for SIEM ingesting purpose, threat hunting tool, and maintaining other security postures. But, with the Gurucul inception in our infra we are able to ingest and visualize all the security reated paramaeters on the single console. Additionally, the ML feeds provided for UEBA works on heuristic algorithm which is at par with industry standards.