There’s a wide range of tools CISOs need to leverage in having a multi-layered security strategies. A number of vendors are adding another: Employees.
The latest to adopt the idea is Gurucul, provider of predictive risk analytics solutions, which today announced the addition of a self-audit portal to its GRA platform that allows privileged internal or external staff to keep an eye on what devices and applications have been accessed with their credentials.
“The user knows context better than IT,” Tom Clare, the company’s vice-president of marketing, said in an interview. “If they look at a portal and can see an anomaly or see something unusual, when they call (IT) it’s going to be very low false positive. They know the context around (their access), know right or wrong …This leads to faster response, lower detection time and more effective security.”
In a way the idea is to “deputize the user” to help with IT security, he said.
“The target user is someone who deals with sensitive data on a regular basis — system administrators, application administrators research people” whose credentials are increasingly the targets of attackers.
The self-audit portal shows activity on internal and cloud accounts, devices, geo-location and more. It can also map activity against peer groups and by resource type. Using data science, including machine learning, behavior modeling and risk the analytics platform, it also scores and ranks access and activity to identify anomalies.
Users can drill down into high risk activities to review the events and objects affected to see if it jibes with their recollection of what they did or if there is evidence of account hijacking.
It will also help, Clare said, if infosec pros eliminate dormant accounts, unneeded access by existing employees and weak passwords.
The self-audit portal is included in the latest version of GRA. To enable it an administrator only has to check off a box in the settings.
Based in Los Angeles, Gurucul sells direct to large enterprises and through select partners such as Accuvant in Canada.