Gurucul unveils AI platform to cut insider risk by over 50%
Gurucul has launched its AI Insider Risk Management platform, aimed at providing organisations with expanded defence measures against insider threats while automating the detection and response process for potential security breaches.
The new product, designated as AI-IRM, incorporates advanced user and entity behaviour analytics (UEBA), identity analytics, intelligent data loss prevention (DLP), and automation tools to streamline security team operations. The platform introduces the AI-Insider Analyst, an agentic AI tool that is positioned to support unbiased risk scoring and direct response automation.
Insider risks are increasingly cited as a critical challenge for enterprise security teams. According to the 2024 Insider Threat Report from Cybersecurity Insiders, 83% of organisations experienced at least one insider attack over the past year. The rise of new threat types, such as non-human accounts and AI agents, is adding to the complexity of the landscape.
Legacy security tools have often operated in silos, producing high volumes of alerts that can overwhelm analysts and delay response. Gurucul's AI-IRM has been positioned as a response to these challenges, focusing on integrating risk information and automating tasks so resources can be concentrated where they are most needed.
Saryu Nayyar, CEO, Gurucul, says, "Gurucul empowers Insider Risk Management teams to move beyond fragmented point products with natively converged behavioral and identity-centric analytics, smart data protection, policy enforcement, and agentic AI that proactively surfaces and prevents real insider threats. Our AI-Insider Analyst transforms the insider threat detection and response workflows by automating alert triage and response with human collaboration. This enables organizations to leverage our expansive use case library, enabling Day 0 coverage so the existing analyst team can focus on the high-risk investigations and response actions."
The platform is designed to reduce insider risk by over 50%. This is achieved through AI-powered UEBA, identity analytics, and privileged access intelligence. Detection capabilities are enhanced by using advanced behavioural models and peer baselining, which unify user and system activity data from across on-premises and cloud sources.
AI-IRM is configured to accelerate triage and remediation processes, reportedly reducing analyst response times by up to 83%. Security teams are supported with automated alert enrichment and workflow tools that prioritise response to high-risk activities, while intelligent DLP features work to contain data loss in real time across various channels, including email, endpoint devices, and cloud services.
Additional functions include automated insider threat playbooks, compliance alignment with global regulations such as GDPR and HIPAA, and granular access controls through role-based access control (RBAC) and data masking.
AI-IRM is intended to provide "Day 0" protection, with out-of-the-box detection models and templates that support rapid deployment and customisation. Integration is flexible, supporting a range of data lakes and cloud platforms, enabling organisations to align deployments to their specific data management and security policies.
Nilesh Dherange, CTO, Gurucul, comments, "Much like humans, AI can develop biases over time. Creating a system that is transparent and can be trusted is non-negotiable. The benefit of a native AI-Insider Analyst is the cohesion it has, with 10+ years in developing insider risk machine learning detections. It's trained on contextualized data and is continuously trained from historical cases, feedback and keeping a human-in-the-loop validation process."
Key features of AI-IRM include a library of prebuilt pipelines, dashboards, detection models and reports, as well as extensive use case support for a range of threat types, including human insiders, digital identities, AI agents, and state-sponsored activity. The included SME AI Copilot provides automated incident narratives to aid rapid investigation and incident response.
The platform also includes a 360-degree timeline view for deep contextual investigation, natural language search for security threat hunting, and a built-in studio for the development of custom detections.
Other options include agentless or agent-based deployment, device location identification that does not depend on IP addresses, and links to external threat intelligence feeds and industry frameworks.
The release of AI-IRM is part of Gurucul's stated shift towards more transparent and autonomous insider risk management, reflecting the increased necessity for cohesive, scalable, and auditable solutions for enterprise defence teams operating with finite resources and increasing compliance demands.