What’s New in Exabeam Product Development – July 2022

July continues our exciting movement toward new cloud-native features and capability improvements. It’s time to catch up on the activity and innovation from the Exabeam Engineering, UI, and Product Management departments. Here’s a short summary of the latest cool new updates:

Updated Site Collector

The new Exabeam Site Collector is built with a “no VPN” paradigm, and comes with a cloud-native management application creating a centralized, integrated experience for log data collection and monitoring. It is compatible with the existing SaaS delivery, and will be a foundation for new data processing applications in the future, such as a unified ingestion pipeline, Log Stream, future Common Information Model, etc.

This update includes:

• Cloud-native management user interface – now all installation, configuration, and management is available when you need it.  Health and telemetry data is also available.
• Splunk fetch – ensures scalable log fetch from Splunk SIEM without a required VPN. Supports linear scale patterns for connections requiring more than seven thousand events per second. 
• LDAP poll – delivers Windows AD context into Advanced Analytics or Data Lake without using a VPN tunnel. 

Note: Analytics integration requires system updates to AA-i62.3

Turnkey Playbooks for all Fusion customers

Use cases remain some of the best ways to decrease incident response times. Exabeam introduced Turnkey Playbooks as a path towards helping security teams get faster time to value from our SOAR solution. Turnkey Playbooks provide prepackaged services without requiring any configuration or investment in additional third-party products.  

When initially introduced, Turnkey Playbooks were only available for Fusion customers with an Incident Responder license. Now all new Fusion customers will automatically have access to this feature. Existing Fusion customers (Fusion XDR Core, Fusion XDR Enterprise, Fusion SIEM Core, and Fusion SIEM Enterprise) without an Incident Responder add-on SKU will also have access. This transition will take place as customers upgrade to DL i40.4 and AA i62.2. 

Education Updates

We have some exciting things happening in training to support SaaS to Exabeam Cloud Platform migrations! We have created eLearning to address key topics. Beginning in August we will also be hosting bi-weekly Training!

eLearning is available to all customers.

Future of Security Operations eLearning series:

• Get to Know Common Information Model (Parts 1 and 2)
• Introducing Exabeam Search
• Log Stream Fundamentals

MORE COMING SOON!

AA 62.3

We are excited to announce that Advanced Analytics (AA) i62.3 is now GA! This release contains integration feature enhancements and multiple performance enhancements requested.

Highlights: 

• Integration with the new Site Collector for EDS: With this integration, LDAP poll is supported without OpenVPN if the new Site Collector is in use.
• Multiple incremental performance improvements

Stay tuned and watch this space! We have an exciting set of August upgrades and improvements we’re looking forward to sharing with you!

Visit the Exabeam Community for webinars and announcements.