SecurityBrief Asia - Technology news for CISOs & cybersecurity decision-makers


Exabeam introduces cloud-native portfolio of New-Scale SIEM

Exabeam, a global cybersecurity firm and creator of New-Scale SIEM for advancing security operations, has announced a cloud-native portfolio of products that enables security teams everywhere to detect the undetectable.

New-Scale SIEM is a powerful combination of cloud-scale security log management, industry-leading behavioural analytics, and an automated investigation experience. 

Built on the cloud-native Exabeam Security Operations Platform, the New-Scale SIEM product portfolio gives security teams worldwide the best fighting chance at defeating adversaries with advanced threat detection, investigation, and response (TDIR). The new product portfolio is generally available now.

“Security operations teams have faced difficulty defending against complex threats and evolving adversarial behaviour because technological innovation has not kept up in the realm where big data meets cybersecurity,” says Michael DeCesare, CEO and President, Exabeam.

“Exabeam is known for having the best behavioural analytics product on the market. That’s why so many of the world's largest organisations count on Exabeam every day to help stop adversaries, including the majority now utilising valid credentials. We are marrying behaviour analytics with the world's most modern, hyperscale, cloud-native data lake to ingest, parse, store, and search data in real time from anywhere. The SIEM industry has been ripe for evolution for some time and New-Scale SIEM represents that evolution.”

Significantly more affordable than competitive offerings, the new Exabeam cloud-native product portfolio is built on an open platform that integrates with more than 500 different third-party products. In addition, it includes nearly 8,000 pre-built parsers, significantly reducing onboarding, deployment, and run times. 

In an industry-first feature, security teams can now search across petabytes of hot, warm, and cold data and receive query responses in seconds. Organisations can now also process logs at sustained speeds of over one million events per second.

“The Exabeam Security Operations Platform and portfolio of products are designed like no other on the market. We deliver the single solution security operations analysts can count on to conduct accelerated, thorough TDIR with the most consistent and successful outcomes,” says Adam Geller, Chief Product Officer, Exabeam. 

“We provide security teams with a holistic picture of their environment. We collect data from core security products, IT infrastructure, and business applications, and join it with critical user and device context and timely threat intelligence data. That’s why we detect what competitive SIEMs simply can’t. In addition to our industry-leading behavioural analytics, we’re proud to deliver world-class security log management and new modular SIEM solutions for organisations at all stages of their data growth and security journey.”

Organisations can use Exabeam to defend against the rising threat of external and internal attacks, which in today's world are more often than not leveraging compromised credentials.

More than 750 behavioural models power 1,200 anomaly detection rules in Exabeam to baseline normal behaviour for every user and device. 

This feature is beyond anything a legacy SIEM can create with correlation rules. For example, for an organisation with basic logging, 20,000 users, and 50,000 assets, Exabeam can dynamically build and update 50 million unique detection rules.

According to the 2022 Verizon DBIR, over 90% of breaches are rooted in compromised credentials. Whether phishing, ransomware, malware or other external threats, valid credentials have emerged as the adversaries' primary target. This, combined with explosive amounts of data, demands a shift in investment from legacy on-premises, rule-based detections to cloud-native SIEM platforms that uniquely understand normal behaviour, even as normal keeps changing.

“It’s all about the credentials. This announcement takes Exabeam, our customers, partners, and the SIEM market into an entirely new stratosphere,” says Ralph Pisani, President, Exabeam. 

“Detecting stolen or misused credentials is not possible without understanding normal behaviour. If you don’t know normal behaviour for every single user and device in your environment, understanding abnormal behaviour in your organisation is a near impossible undertaking. This is a fundamental capability that only Exabeam can deliver on at scale.”

Whether replacing a legacy product with New-Scale SIEM or complementing an ineffective third-party SIEM solution by adding the industry's most powerful behavioural analytics and automation, Exabeam can help organisations achieve security operations success.

“Exabeam is our holistic security operations platform that provides and coordinates automated visibility, detection, analytics, investigation, and response across our key operating environments,” notes Jerry Larsen, IT Security Manager, Patrick Industries. 

“We have several ERP systems that all need to be protected and Exabeam does the job better than any legacy SIEM we looked at. We’re excited to be an Exabeam customer and part of their innovation machine.”

“At NEC Australia, securing our data, users, devices and infrastructure is paramount to how we operate as a technology company. Having broad and accurate visibility of our IT environment as well as the ability to recognise what’s normal behaviour for our users and entities is key,” says Peter Fröchtenicht, National Service Manager, Security and Compliance, NEC Australia.

“Deploying Exabeam's SIEM has enabled our team to effectively prioritise security alerts, which has freed up time for our analysts to focus on other security tasks. This has also helped them in having a greater understanding of our attack surface and how all our employees interact with our resources.”

New Exabeam products include Exabeam Security Log Management. It is a cloud-scale security log management product to ingest, parse, store, and search log data with powerful dashboarding and correlation.

Another is Exabeam SIEM. It is a hyper-scale cloud-native SIEM with fast, modern search and powerful correlation, reporting, dashboarding, and case management.

The third is Exabeam Fusion - New-Scale SIEM. It is powered by modern, scalable security log management, powerful behavioural analytics, and automated TDIR.

The fourth is Exabeam Security Analytics. It provides automated threat detection powered by user and entity behaviour analytics with correlation and threat intelligence.

The final product is Exabeam Security Investigation – TDIR. It is powered by user and entity behaviour analytics, correlation rules, and threat intelligence, supported by alerting, incident management, automated triage, and response workflows.

Exabeam architected its new security operations platform and New-Scale SIEM product portfolio on Google Cloud.

“We are delighted that Exabeam has built its platform and portfolio of products on Google Cloud to help more companies securely leverage their data at cloud scale,” says Gerrit Kazmaier, Vice President and General Manager, Data Analytics and Business Intelligence at Google Cloud. 

“The combination of Exabeam cybersecurity products with Google's Data Cloud capabilities removes limits on security team productivity, storage, and speed to fully optimise security operations.”

© 2022 Techday, All rights reserved. Hosted on Plan B's Cloud Services. DMARC protection by PowerDMARC.