
Exabeam Releases Enhanced SIEM Platform Built for the Cloud and New Threats




Looking to move away from legacy SIEMs, cybersecurity company Exabeam today announced a portfolio of cloud-native products designed to enable security teams to “detect the undetectable.”

New-Scale SIEM is built on the cloud-native Exabeam security operations platform and combines cloud-scale security log management, behavioral analytics, and an automated investigation experience, according to the company.

“Security operations teams fail due to the limitations of legacy SIEM,” Exabeam CEO Michael DeCesare told VentureBeat. “The lack of innovation in the market related to data growth, attack sophistication, and the shift to the cloud have created a gap in the effectiveness of SIEM.”

Legacy tools don’t provide a complete picture of a threat, he said. “They bury analysts with alerts and force slow, ineffective, manual investigations.”


Meanwhile, SecOps teams are overwhelmed with data and with decisions about what data to collect, DeCesare added.

At the same time, attacks are becoming increasingly sophisticated and difficult to detect, and credential-based attacks are multiplying.

More data sources to scale the response

The goal of Exabeam’s New-Scale SIEM platform is to enable SecOps teams to manage more data sources and higher volumes in a cloud-native architecture, DeCesare said. “It’s about scaling response to focus on risk-based priorities, scaling investigations with automation, scaling detection with behavioral analytics intelligence across billions of access points, scaling operations and people to elevate talent and scale budgets with cloud-based economics.”

Exabeam products are designed to support a variety of transport methods including APIs, agents, syslog, and log aggregators such as SIEM or log management products, meaning there is no need to replace an existing SIEM; Exabeam can be added on top, he said.

Exabeam developed and maintains a Common Information Model (CIM) “that adds security context and speeds up the ingestion of raw logs for event creation, resulting in seamless security event creation, search, dashboarding, and faster new scanners,” DeCesare said.

SIEM with behavioral models to detect anomalies

More than 750 behavioral models drive 1,200 anomaly detection rules in Exabeam to establish baseline normal behavior for every user and device, something legacy SIEMs can’t do, the company said. For example, for an organization with basic registration, 20,000 users, and 50,000 assets, Exabeam is designed to dynamically create and update 50 million unique detection rules.

New-Scale SIEM also aims to give security teams a holistic picture of their environments: data from core security products, IT infrastructure, cloud applications, and business and infrastructure applications, along with critical user context and timely threat intelligence, devices, and data, Exabeam said.

“Exabeam is our holistic security operations platform that provides and coordinates automated visibility, detection, analysis, investigation and response across our key operating environments,” said Jerry Larsen, IT security manager at Patrick Industries. “We have multiple ERP systems that need protection and Exabeam does the job better than any legacy SIEM we’ve seen.”

Exabeam’s new security operations platform is built on Google Cloud. The new portfolio created on the platform includes:

  • Exabeam Security Log Management — Cloud-scale log management to ingest, analyze, store, and search log data with dashboards and correlation.
  • Exabeam SIEM — Hyperscale cloud-native SIEM with fast, modern search and correlation, reporting, dashboards, and case management.
  • Exabeam Fusion — New-scale SIEM, with modern and scalable security log management technology, behavioral analytics, and automatic threat detection and incident response (TDIR).
  • Exabeam Security Scan — Automated threat detection driven by correlated user and entity behavior analytics and threat intelligence.
  • Exabeam Security Research — TDIR powered by user and entity behavior analytics, correlation rules, and threat intelligence, supported by alerts, incident management, automated classification, and response workflows.

New-Scale SIEM pricing “is linear, with no workload constraints or surprises, allowing security leaders to budget more predictably as data volumes increase and business needs change,” DeCesare said.

The new product portfolio is now generally available.
