SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers
Asia
Guides
#
cloud security
#
cybersecurity
#
endpoint protection
#
firewall
#
ransomware
Search
Story image
#
DLP
#
EDR
#
Endpoint Protection
Cybereason and Exabeam fuse endpoint detection with SIEM
Tue, 21st Nov 2017
FYI, this story is more than a year old
Author image
By Sara Barker, Copywriter and Senior News Editor
Follow us

Cybersecurity analytics platform provider Cybereason has partnered with fellow security firm Exabeam to create an integration that will bring endpoint detection and response together with User and Entity Behavior Analytics (UEBA) and next-generation SIEM.

Cybereason, which has a presence in Tokyo, London, Tel Aviv and Boston, formed the strategic partnership with Exabeam to help analysts and security operations center (SOC) users improve threat detection and reduce incident response time.

According to Cybereason CEO and cofounder Lior Div, the company is ‘thrilled' to partner with Exabeam. The partnership will allow the company to integrate with SIEM, orchestration and automation tools.

“Furthermore, as we deepen our integration with Exabeam, we can empower our customers to use Cybereason's data platform not only to investigate Malops, but to bring in telemetry from uniquely identity-centric and log-based sources and provide new, rich context during real-time incidents and investigations,” Div continues.

According to Cybereason, the data shared between the Cybereason and Exabeam platforms will further enable analyst coordination and improve crucial exchange of ‘last mile' endpoint and deep user and entity behavioural information.

Exabeam CEO Nir Polak adds that Cybereason is an ‘ideal' partner for the company.

“Our joint customers now have the ability to ingest their valuable EDR and NGAV data into our Next-Gen SIEM for behavioral analysis. This holistic analysis combines Cybereason data with that of other security solutions to help customers detect complex threats. Additionally, Exabeam's security orchestration and response automation helps customers respond to threats via playbooks that can trigger responsive actions using Cybereason's EDR,” Polak explains.

The two companies will also leverage Cybereason findings with Exabeam-collated third party data from other security solutions including DLP, VPN and proxies.

They believe SOC users will get more value than they would with standalone solutions.

“Incident alerts triggered in Cybereason can be used by Exabeam as part of pre-built incident timelines which identify anomalous behavior, as well as trigger an incident response playbook that can perform corrective actions including quarantining the affected endpoint,” the company explains.

Earlier this month Cybereason revealed details of a ransom wiper that targeted some Japanese companies.

The wiper, called ‘Night of the Devil', used the bootkit MBR-ONI ransomware, which may have been modified to work as a wiper to cover up the attacks.

“The use of ransomware and/or wipers in targeted attacks is not a very common practice, but it is on the rise. We believe ‘The Night of the Devil' attack is part of a concerning global trend in which threat actors use ransomware/wipers in targeted attacks,” comments Cybereason director of advanced security services, Assaf Dahan.

The wiper is based on DiskCryptor, a genuine encryption utility.

Related stories
Spirent partners with online payments platform to boost cyber defenses
Keeper Security launches user-friendly passphrase generator
Cado Security teams up with Wiz to bolster cloud security solutions
SentinelOne launches AI security analyst Purple AI
Report finds 90% of cyber attacks in 2023 exploited RDP
Top stories
Fortinet recognised as Challenger in Gartner's 2024 Magic Quadrant for SSE
Coalition integrates cyber risk platform with top cloud services providers
i-PRO to support Genetec SaaS with new AI-enabled camera models
Illumio unveils AI enhancements for faster Zero Trust Segmentation adoption
RiverSafe teams up with Cribl to boost IT & data security services