Gutsy Gives Enterprises Deep Visibility Into Security Using Process Mining | #hacking | #cybersecurity | #infosec | #comptia | #pentest | #ransomware

As organizations continue to build out their security infrastructure, it becomes difficult to know whether they’re getting good value, and more important, whether they’re leaving holes in their security approach. Gutsy, promises to answer these questions by applying data science, AI and a technique called process mining to cybersecurity effectiveness measurement and governance.

The current practice is that organizations manually log and aggregate data, leading to human biases and errors. Gutsy tackles this problem by enabling CISOs to quantify, know and show the service level agreements before, and most critically after, security investments. The results give CISOs a level of measurement for ROI, governance and audit compliance they previously never achieved.

“The concept of process mining is actually pretty simple,” explains Ben Bernstein, co-founder and CEO of Gutsy. “If you can collect all the relevant events from all the systems involved in a process you can normalize and correlate this data and represent it as a series of steps that deliver an outcome. Of course, doing this accurately and at scale requires advanced software, including AI capabilities, as well as deep domain knowledge of the business needs the processes serve.” The foundation of Gutsy’s technological approach is process mining, being used for the first time in cybersecurity.

Gutsy is designed to automatically observe every execution of a monitored process, and develop a comprehensive, data-driven view of each individual step. The results are presented in a dashboard that enables security teams to see any anomalies, malfunctions or underperforming tools in their stack.

This helps CISOs measure performance by clearly showing the efficiency and consistency of their existing security processes and tools, and identify delays and inefficiencies within each process. In addition, Gutsy delivers analysis of comparative capabilities of processes and tools over time as well as comparison to industry standards and best practices. For example, Gutsy can show a CISO a data-derived view of how their vulnerability management process is working in one dashboard pane, with another pane depicting how NIST SP 800-400 recommends it should work, to see where their process differs from these best practices.

Improving Governance


Click Here For The Original Source.

National Cyber Security