New-Scale SIEM™: Where Big Data Meets Cybersecurity

Today, Exabeam introduces New-Scale SIEM™ to evolve the SIEM market towards more powerful cloud-native hyperscale data and security analytics technology with greater performance and significant cost efficiencies. 

Exabeam is known for having the best behavioral analytics capabilities on the market — it’s why so many of the world’s largest organizations count on us every day to help stop adversaries. We offer advanced automation of threat detection, investigation, and response (TDIR) to identify intrusions other SIEMs can’t. Today, we marry our behavioral analytics and TDIR automation with the world’s most modern, hyperscale, cloud-native data lake to cost-effectively ingest, parse, store, and search data (hot, warm, and cold) in real time from anywhere. 

What exactly is New-Scale SIEM?

New-Scale SIEM includes three essential technology components that every customer in cybersecurity should demand from their SIEM vendors. First, you have to be able to rapidly ingest, parse, store and search data at lightning speed. Next, you need a behavioral analytics product that can baseline “normal” behavior of users and devices, so that you can detect, prioritize, and respond to anomalies based on risk. And lastly, you need an end-to-end automated investigation experience to ensure you have a complete picture of threats across your environment. 

Let’s look at each critical component of New-Scale SIEM even more closely. 

New-Scale SIEM demands a cloud-native hyperscale data lake that significantly cuts costs, makes SOC life easier.

The first tenet of a New-Scale SIEM is that it’s built from the ground up on cloud-native multi-tenant technology that leverages microservices that only a hyperscale cloud offers. These architectural advancements ensure that the system has significantly more scale then legacy SIEMs, which is critical as the volume of cyber data is exploding.  

New-Scale SIEM requires pre-built collectors and parsers that will allow you to ingest data from anywhere (cloud or on-premises) and normalize it so that it can be used by cybersecurity teams more efficiently.  

And lastly it requires all data (hot, warm or cold) can be stored inexpensively and is always available to search at lightning-fast speeds regardless of time periods or data volume. 

New-Scale SIEM must include powerful behavioral analytics to conduct granular detections.

The second tenet of New-Scale SIEM is powerful behavioral analytics. It is amazing that after 10+ years, legacy SIEMs are still using basic search, correlation rules and security orchestration, automation, and response (SOAR) to try to detect and respond to threats. New-Scale SIEM must have fully integrated behavioral analytics so that you can baseline normal and be much more granular in threat detection. 

New-Scale SIEM requires powerful machine learning to understand normal behavior and make sense of all the data coming from all the heterogeneous products being used by every single user and device in your environment. 

According to the 2022 Verizon DBIR more than 93% of current breaches involve compromised credentials. It will take the user and entity behavior analytics (UEBA) approach of New-Scale SIEM to detect and stop the adversaries when they break in with known credentials.

New-Scale SIEM requires an automated investigation experience to accelerate TDIR. 

The third and equally critical component to New-Scale SIEM is automation — it accelerates TDIR, simplifies complex work, and greatly empowers even the nimblest of SOC analyst teams. New-Scale SIEM automates the investigation experience across the TDIR workflow from end to end. 

SOC analysts need to be able to quickly see and act on meaningful alerts with automated case enrichment and relevant context, followed by scripted response actions; that’s what New-Scale SIEM gives them. It scales security operations and frees up SOC teams to focus on more meaningful work. The Exabeam approach recaptures two-thirds of an analyst’s time on detection, triage, and investigation, according to a Ponemon study. 

New-Scale SIEM is here at long last. It’s a new phase for the SIEM market, and a new day for Exabeam, our customers, and our partners. 

It’s also a new day for adversaries. No more hiding, we see you.