What’s New with New-Scale in October 2025: Measurable, Automated, Everywhere Security Operations

Security teams face growing pressure from every angle.  Global damages from cybercrime are projected to reach $1.5 trillion annually by the end of 2025, leaving CISOs focused on staying out of the headlines. Nearly 58% of CISOs say they struggle to explain cyber risk to the board in terms that make sense. Without clear and defensible metrics, leaders are left without the proof they need to show progress or ask for more investment.

Frontline analysts face a different problem. A typical enterprise SOC can see more than 5,000 alerts every day, with analysts spending almost three hours daily just triaging them. Sixty-seven percent of alerts go uninvestigated, and 83% turn out to be false positives. The result is fatigue, missed signals, and wasted effort.

Detection engineering is also stretched thin. SOC teams need fresh detection content to stay ahead, but converting rules across formats is slow and error-prone. Sigma, the open-source detection rule format, has become a community standard, yet most teams struggle to operationalize its vast library. Valuable content goes unused while attackers move faster.

Boards want evidence that investments are paying off. Analysts are overwhelmed by noise. Detection engineers are stuck with manual conversion tasks. The October 2025 Exabeam release addresses these challenges head-on. The latest updates to New-Scale Analytics and the New-Scale Security Operations Platform give SOCs more time, stronger metrics, and automation that reaches into every layer of the enterprise.

Measuring What Matters

How strong is your security program? Until now, many leaders have had to guess. Outcomes Navigator changes that by letting CISOs benchmark their security posture against Exabeam customers of similar size, industry, and region. With Nova Advisor Agent, leaders get defensible metrics they can use to brief the board, validate strategy, and guide smarter investment decisions.

How does it work? The new embedded benchmarking capability analyzes threat detection telemetry and configuration data to assess coverage across MITRE ATT&CK^® techniques and real-world use cases. It then compares performance against peer organizations to deliver continuously updated scores that reflect security operations maturity. This allows SOC teams to identify coverage gaps, prioritize where to improve detection coverage, and assist with assembling leadership-ready updates.

Risk Ratings With Business Context

Not every alert deserves the same level of attention. Analysts know this, but static scoring models don’t. Customizable Risk Ratings put analysts back in control. Detections can be tuned by assigning Low, Medium, High, or Critical importance, and the Exabeam Nova Risk Scoring Agent handles the rest. When a critical event fires, cases are created automatically. Analysts spend less time on noise and more time on what matters.

Convert Sigma content to New-Scale

Exabeam New-Scale is now available on Uncoder.io, a free open-source marketplace for detection and investigation engineering. Powered by artificial intelligence, Uncoder.io automates the conversion of Sigma and third-party SIEM rules into New-Scale rules and searches. This includes a comprehensive library of Sigma threat hunting content that can now be instantly translated into actionable New-Scale detections and hunts. With automated translation of rules and content, detection and hunting teams can work faster, cut manual effort, and scale their coverage with less strain.

Help Where You Need It

Learning a new platform or staying current with updates should not require jumping between portals and inboxes. The new Exabeam Customer Success Center is built directly into the product. Onboarding guides, training resources, announcements, and account team contacts are now one click away, making it easier to get value quickly and keep teams moving.

Automation Without Boundaries

Automation should not stop at the cloud perimeter. This release extends it further. New integrations include CrowdStrike, SentinelOne, PagerDuty, Active Directory, and Jira. A Community Marketplace with GitHub integration makes playbooks easier to share and deploy. With secure behind-the-firewall execution, automation also reaches segmented networks and on-prem systems.

….And There’s More

Not every feature is flashy, but small improvements add up. New certified cloud collectors bring in data from Dropbox, Snowflake, Salesforce, and more. Expanded support for Microsoft Entra ID simplifies credential management and strengthens identity security. Updated APIs give large enterprises and MSSPs more control over cost and integration. New detection content tracks the latest attack techniques, from ransomware to privilege escalation, all mapped to MITRE. Even updates like smarter log monitoring and global email notifications help SOC teams work faster and with more confidence.

A Platform That Works With You

This release is about more than adding features. It makes security operations more manageable, proactive, and effective. With benchmarking to guide strategy, risk ratings that cut through noise, automated conversion of community-driven content like Sigma, automation that extends everywhere, and investigations that move faster, Exabeam helps SOCs spend less time firefighting and more time proving real results.

In Case You Missed Them

In addition to all the powerful new features released today, several significant New-Scale Platform announcements were made in September.

Cribl and DataBahn – The partnership with Cribl and Databahn ensures that only high-fidelity logs that truly matter are filtered and prioritized, reducing noise for security teams. It also enables flexible routing of telemetry to multiple systems while supporting affordable long-term storage and historical search, preventing SIEM costs from spiraling out of control. Cribl full story. Databahn full story.

Google Cloud AI Agents – The partnership between Exabeam and Google extends security operations into the world of AI agents. Data from Agent Space, Model Armor, and Vertex AI/Agent Builder is now brought into the New-Scale Security Operations Platform, just like any other critical log source. What makes this powerful is Exabeam Nova’s behavioral analytics and risk scoring. We can now baseline what “normal” looks like for AI agents, then detect when they step out of line—whether that’s unusual data access, unexpected actions, or signs of compromise. Full story.