The New-Scale Security Operations Platform is built on the Google Cloud Platform (GCP), which has a 99.5% uptime service level agreement (SLA). Uptime is further enhanced with application-level resiliency and redundancy. Lastly, Exabeam has a global team of cloud operations experts who monitor dozens of health signals around the clock to proactively detect and remediate concerns before they become issues. Customers can access their unique status page at any time to check the availability of Exabeam cloud-delivered services.
HIGH-PERFORMANCE SEARCH
Search Terabytes of Data in Seconds
New-Scale SIEM features a single search interface that allows analysts to query data with incredible speed. Power users can build advanced queries while all team members can use natural language to run searches, create timelines, and create insightful visualizations.
- Use generative AI to power searches, dashboards, and timelines with natural language
- Support all analyst skill levels with intuitive, advanced query options

AI-POWERED AUTOMATION
Automate Tasks with Intelligent Agents
Exabeam Nova is an intelligent agent framework that automates both routine and strategic SOC tasks, from generating case summaries to classifying threats. It acts as a force multiplier for analysts, delivering consistent, AI-driven insights that scale across the security operations workflow.
- Reduce manual effort by offloading repetitive validation and documentation.
- Deliver faster, more consistent decisions to improve SOC efficiency.
OUTCOMES-FOCUSED SECURITY
Connect Security Work to Business Value
Outcomes Navigator maps ingested data directly to your security use cases and the MITRE ATT&CK® framework, giving you a clear view of your security coverage. It guides leaders toward measurable outcomes by highlighting gaps and recommending actions to strengthen posture.
- Translate technical coverage into business-ready metrics for executives.
- Identify and prioritize gaps so teams know where to focus investments.
CENTRALIZED TDIR WORKBENCH
Unify Threat Detection, Investigation, and Response
Threat Center centralizes alerts, cases, detections, and automation in a single workbench. It streamlines TDIR with alert prioritization and automated evidence collection, giving analysts a consistent and efficient way to manage cases from start to finish.
- Unify investigation workflows to reduce context switching.
- Accelerate response with automated evidence gathering and clear case tracking.

PLATFORM SERVICE AND HEALTH
Monitor Platform Health and Consumption
Engineers can quickly identify, diagnose, and remediate issues with New-Scale Platform services. Deep visibility into the platform helps isolate service or performance issues faster. This view also allows you to monitor daily consumption to control costs.
- Automatically detect anomalies in ingestion or processing rates.
- Use forecasting tools to predict when scaling or cost adjustments are needed.

SIMPLIFIED LOG COLLECTION
Add a New Data Source in Minutes
Securely collect data from on-premises or cloud sources at scale through a single interface. A wizard makes it easy to create, deploy, and manage custom parsers from new or existing log source templates.
- Start with over 7,000 prebuilt log parsers.
- Use multiple transport methods, including API, agent, syslog, SIEM, and data lake.
COMMON INFORMATION MODEL
Standardize Data for Faster Analysis
A Common Information Model (CIM) normalizes data at ingestion, making security-relevant logs faster and easier to parse, store, and manage. The CIM enables rapid detection, response, visualization, and high-performance search.
- Transform raw data into organized, actionable security events.
- Reduce noise by standardizing event definitions across all sources.
THREAT INTELLIGENCE SERVICE
Improve Accuracy with Curated Threat Feeds
Available at no additional cost and refreshed every 24 hours, the Threat Intelligence Service ingests and scores commercial and open-source feeds. It uses machine learning to produce a highly accurate stream of indicators of compromise (IoCs).
- Lower false positives by scoring threat intelligence against historical context.
- Enrich detections by automatically linking IoCs with active cases.

CUSTOM REPORTING AND DASHBOARDS
Build Dashboards and Reports with Natural Language
Create and customize dashboards with 14 different chart types and schedule compliance reports for delivery. You can use natural language to quickly build custom reports and dashboards, helping you find value in your SIEM data without purchasing additional tools.
- Keep leadership informed with scheduled report delivery.
- Use interactive dashboards for ad-hoc exploration of SIEM data.
CUSTOM DETECTION ENGINEERING
Build Correlation Rules from Search
Turn your searches into powerful threat-hunting rules in one click. Write, test, publish, and monitor up to 1,000 custom correlation rules, and define higher criticality for rules that correspond to high-fidelity threat intelligence.
- Build rules from scratch, use a template, or save a search.
- Define events of interest and the conditions they must meet.
- Assign conditions and criticality to support the appropriate response.
FLEXIBLE AND ADAPTABLE DEPLOYMENT
Easy to Get Started
The modular, AI-driven New-Scale Security Operations Platform is delivered through three products: New-Scale Fusion, New-Scale SIEM, and New-Scale Analytics. The platform provides powerful, fully integrated log management, SIEM, UEBA, SOAR, and insider threat capabilities, plus compliance. With New-Scale, replace a SIEM or augment one with behavioral analytics and automation.

Frequently Asked Questions
How does the vendor ensure availability of the SIEM solution?
Where is the solution delivered from, and where is my data stored?
New-Scale SIEM is cloud-native and is delivered from GCP. We leverage GCP to store data securely and leverage many of their availability centers across the globe. The exact location and country used in your deployment will be determined at the time of purchase, as we keep adding new locations. Customers may choose where their service is hosted from a list of available, global locations. We use every care to protect our customers’ data. As part of our commitment to making data private, each customer’s data is isolated and not visible to other tenants.
How is my data collected and transported?
We use a combination of Collectors, log forwarding, and log fetching directly from other SIEMs such as QRadar, Sentinel, or Splunk (on-prem or Splunk Cloud) through their APIs to securely transport customer data to our cloud-hosted solution. Collectors are virtual machines running Exabeam software on your premises. They are secured behind your firewalls and use SSL to forward encrypted data to the New-Scale Platform. Collectors can also bring in your data from public clouds such as AWS, Azure, and GCP, and from SaaS applications, including Microsoft Office 365 and Salesforce.
“Using Exabeam reminded me of how surprisingly fast the platform updates. There is an almost daily improvement on desired functions, and with Exabeam, it all keeps getting better.”