Gutsy debuts with data-driven security governance tool

Gutsy, a startup focusing on security governance tools, is making its debut with its flagship, namesake application, designed to apply process mining to provide data-driven visibility into an organization's teams, tools, and processes and how they work together.

Gutsy’s flagship offering is aimed at helping organizations properly operationalize their security tools to protect from process failures leading to security incidents.

"Customers often tell us they have 80 or 100 different security tools, but they consider less than half of them to be well operationalized, so they struggle to get the outcomes they need," said Ben Bernstein, CEO and co-founder of Gutsy. "That's because security is more than just tools; it's people, process, and technology."

Gutsy also announced securing $51 million in seed funds from a clutch of cybersecurity executives and founders.

For Gutsy, security is process-centric

Gutsy works on the principle that security is process-centric rather than just a group of settings. The whole idea is to look closely at the set of processes that the security tools and other environments must work on in order to fish out anomalies.

"Think about vulnerability management, you might have a bunch of different tools that help you detect vulnerabilities," said John Morello, co-founder of Gutsy. "But none of those tools are actually going to fix the vulnerability point, you have to create a ticket and assign that to some other team using some different software to deploy some other update to something else, to get the outcome we want, which is to remediate the vulnerability."

Gutsy simplifies this by making use of all the security tools across the entire span of coverage they have and listening in to their communications over a period to understand what actions or settings led to the vulnerability and how best to resolve them, Morello explained.

Gutsy beta has three modules

Gutsy is an agent-less, SaaS offering currently under limited availability. The offering comes with three beta modules including identity management, incident response, and vulnerability management, with plans for further addition.

The platform promises integration with a broad range of tools from cloud providers to HR systems, vulnerability management tools, ticketing systems, EDR platforms, and more.

"True cloud transformation requires operational transformation," said Nancy Wang, former director of engineering, Amazon Web Services. "You can't safely operate at cloud scale and speed without a new way to do security governance. Gutsy's innovative, software-driven approach to helping security organizations visualize, gain semantic awareness, and optimize security operations enables organizations to maintain ongoing security governance at cloud scale."

Gutsy claims several use cases for its new offering, including audit simplification, driving strategic decisions, and improving security tools outcomes with its data-driven process mining approach.