Exabeam introduces New-Scale SIEM

Cybersecurity leader moves market beyond legacy SIEM platforms with unmatched cloud-scale security log management, powerful behavioural analytics, and automated investigation products.

  • 2 years ago Posted in

Exabeam has introduced what it says is a groundbreaking cloud-native portfolio of products that enables security teams everywhere to Detect the Undetectable™. New-Scale SIEM is a powerful combination of cloud-scale security log management, industry-leading behavioural analytics, and an automated investigation experience. Built on the cloud-native Exabeam Security Operations Platform, the New-Scale SIEM product portfolio gives worldwide security teams the greatest fighting chance at defeating adversaries with advanced threat detection, investigation, and response (TDIR). The new product portfolio is generally available (GA) today.

“Security operations teams have faced difficulty defending against complex threats and evolving adversarial behaviour because technology innovation has not kept up in the realm where big data meets cybersecurity,” said Michael DeCesare, CEO and President Exabeam. “Exabeam is known for having the best behavioural analytics product on the market — it’s why so many of the world’s largest organisations count on Exabeam every day to help stop adversaries, including the majority now utilising valid credentials. We are marrying behaviour analytics with the world's most modern, hyperscale, cloud-native data lake to ingest, parse, store, and search data in real time from anywhere. The SIEM industry has been ripe for evolution for some time and New-Scale SIEM represents that evolution.”

Unmatched Performance

Significantly more affordable than competitive offerings, the new Exabeam cloud-native product portfolio is built on an open platform that integrates with more than 500 different third-party products and includes nearly 8,000 pre-built parsers, greatly reducing onboarding, deployment, and run times. An industry-first, security teams can now search query responses across petabytes of hot, warm, and cold data in seconds. Organisations can now also process logs at sustained speeds of over one million events per second. 

“The Exabeam Security Operations Platform and portfolio of products are designed like no other on the market. We deliver the single solution security operations analysts can count on to conduct accelerated, thorough threat detection, investigation, and response (TDIR) with the most consistent and successful outcomes,” said Adam Geller, Chief Product Officer, Exabeam. “We provide security teams with a holistic picture of their environment –– data from core security products, IT infrastructure, and business applications joined with critical user and device context and timely threat intelligence data –– to detect what competitive SIEMs simply can’t. In addition to our industry-leading behavioural analytics, we’re proud to deliver world-class security log management and new modular SIEM solutions for organisations at all stages of their data growth and security journey.” 

Understanding Normal Behavior to Detect and Prioritise Anomalies

Organisations can use Exabeam to defend against the rising threat of external and internal attacks that in today’s world are more often than not leveraging compromised credentials. 

More than 750 behavioural models power 1,200 anomaly detection rules in Exabeam to baseline normal behaviour for every user and device. This is beyond anything a legacy SIEM can possibly create with correlation rules. For example, for an organisation with basic logging, 20,000 users, and 50,000 assets, Exabeam can dynamically build and update 50 million unique detection rules.

According to the 2022 Verizon DBIR, over 90% of breaches are rooted in compromised credentials. Whether it’s phishing, ransomware, malware, or other external threats, valid credentials have emerged as the adversaries’ primary target. This combined with explosive amounts of data demands a shift in investment from legacy on-premises, rule-based detections to cloud-native SIEM platforms that uniquely understand normal behaviour, even as normal keeps changing.

“It’s all about the credentials. Today’s announcement takes Exabeam, our customers, partners, and the SIEM market into an entirely new stratosphere,” said Ralph Pisani, President, Exabeam. “Detecting stolen or misused credentials –– and the abnormal behaviour that follows –– is not possible without understanding normal behaviour. If you don’t know normal behaviour for every single user and device in your environment, understanding abnormal behaviour in your organisation is a near impossible undertaking –– this is a fundamental capability that only Exabeam can deliver on at scale.”  

Whether replacing a legacy product with New-Scale SIEM, or complementing an ineffective third-party SIEM solution by adding the industry’s most powerful behavioural analytics and automation to it, Exabeam can help organisations achieve security operations success. 

Exabeam customers are moving to and experiencing the benefits of New-Scale SIEM. 

“Exabeam is our holistic security operations platform that provides and coordinates automated visibility, detection, analytics, investigation, and response across our key operating environments,” said Jerry Larsen, IT Security Manager, Patrick Industries. “We have several ERP systems that all need to be protected and Exabeam does the job better than any legacy SIEM we looked at –– we’re excited to be an Exabeam customer and part of their innovation machine.” 

"At NEC Australia, securing our data, users, devices and infrastructure are paramount to how we operate as a technology company. Having broad and accurate visibility of our IT environment as well as the ability to recognise what’s normal behaviour for our users and entities is key,” said Peter Fröchtenicht, National Service Manager – Security and Compliance, NEC Australia. “Deploying Exabeam’s SIEM has enabled our team to effectively prioritise security alerts, which has freed up time for our analysts to focus on other security tasks, whilst also having a greater understanding of our attack surface and how all our employees interact with our resources."

New Exabeam products include:

Exabeam Security Log Management - Cloud-scale security log management to ingest, parse, store, and search log data with powerful dashboarding and correlation.

Exabeam SIEM - Cloud-native SIEM at hyperscale with fast, modern search, and powerful correlation, reporting, dashboarding, and case management.

Exabeam Fusion - New-Scale SIEM™, powered by modern, scalable security log management, powerful behavioural analytics, and automated TDIR. 

Exabeam Security Analytics - Automated threat detection powered by user and entity behaviour analytics with correlation and threat intelligence.

Exabeam Security Investigation - TDIR powered by user and entity behaviour analytics, correlation rules, and threat intelligence, supported by alerting, incident management, automated triage, and response workflows.

Exabeam architected its new security operations platform and New-Scale SIEM product portfolio on Google Cloud (NASDAQ: GOOGL). 

“We are delighted that Exabeam has built its platform and portfolio of products on Google Cloud to help more companies securely leverage their data at cloud scale,” said Gerrit Kazmaier, Vice President and General Manager, Data Analytics and Business Intelligence at Google Cloud. “The combination of Exabeam cybersecurity products with Google's Data Cloud capabilities removes limits on security team productivity, storage, and speed to fully optimise security operations.”

Ransom attacks in the cloud are a perennially popular topic of discussion in the cloud security...
Talent and training partner, mthree, which supports major global tech, banking, and business...
Cloud-native organisations to gain full understanding over every identity in the cloud, secured...
MSSPs identify regulatory compliance as additional factor as organisations seek to shift...
Orange Business (Norway), a global leader in digital services, has selected ARMO’s advanced...
Gigamon and Exclusive Networks have expanded their existing distribution partnership, broadening...
Trustwave and Cybereason have announced a definitive merger agreement offering a comprehensive and...
FortiDLP’s unified approach to data protection enables enterprise organizations to anticipate and...