Skip to main content

Get A Demo

Why is Critical Infrastructure So Vulnerable to Insider Threats?

Posted by on
Why is Critical Infrastructure so Vulnerable to Insider Threats?

A recent article in the Washington Post “Russia has developed a cyberweapon that can disrupt power grids, according to new research” came as a real reminder of the constant risk critical infrastructure operators face. The malware, which researchers have dubbed CrashOverride, is known to have disrupted only one energy system in Ukraine but could be deployed against U.S. electric transmission and distribution systems. The consequences of insider threats to critical infrastructure operators are much greater[…]

Read more

Topics: SECURITY

5 Aspects to Consider When Evaluating SIEM Solutions

Posted by on
Considering SIEM Solutions

The SIEM category is quite mature; all Magic-Quadrant-Leader products are more than a decade old. In fact, the youngest product is 14 years old. When these products were in their prime, design requirements were different: an enterprise-class product might be expected to store 50 TB of logs; correlation rules were considered a major advance over signatures for detection; searches were judged on speed and it was acceptable to require complex search syntax; finally, the hard[…]

Read more

Topics: SIEM

Check Out Exabeam Incident Responder

Posted by on

One of the most common questions we heard when talking to potential customers about our UEBA product was “Okay, your system found something. Now what do I do?” It was eye-opening to see so many organizations that simply didn’t have response processes defined, and had limited tools to run those processes, anyway. This lack of incident response expertise drove the development of our recently-announced Exabeam Incident Responder product. Incident Responder goes far beyond the automatic[…]

Read more

Topics: SECURITY

McAfee Labs Report Finds 93 Percent of Security Operations Center Managers Overwhelmed by Alerts and Unable to Triage Potential Threats

Posted by on

This is a very interesting report from our partner, Intel Security/McAfee. Some interesting bits: Enterprise security operations center survey found 93 percent of respondents acknowledged being unable to triage all potential cyber threats. On average, organizations are unable to sufficiently investigate 25 percent of security alerts. 67 percent of respondents reported an increase in security incidents. 26 percent acknowledge operating in a reactive mode despite having a plan for a proactive security operation. New ransomware[…]

Read more

Topics: SECURITY

Calculating Security ROI, or "Halloween’s Over, So Why is my Vendor Trying to Scare Me?"

Posted by on

Certain technology categories lend themselves well to ROI analysis. Want to replace your old storage array with a new flash array, or your old backup technology with something new? It’s probably not too difficult to work out the payback numbers. Security, on the other hand, has been more resistant to clear ROI analysis. Vendors either give out scary per-company breach averages from Ponemon, or build some other detection-based cost-benefit number. Over time, CISOs and their[…]

Read more

Topics: CUSTOMERS, SECURITY, TIPS AND TRICKS, Uncategorized

UEBA: When "E" Doesn't Stand for "Easy"

Posted by on

Three-letter acronyms are easy to remember and pronounce – adding more letters usually just adds friction. When Gartner renamed the User Behavior Analytics market from UBA to UEBA (i.e. User and Entity BA), it made the term more clunky but even more relevant. Most organizations understand the threat posed by user insiders, whether malicious or compromised. However, many don’t yet see the risks from “insider” machines, or as Gartner calls them, entities. While we are[…]

Read more

Topics: data science, ransomware, SECURITY

Finding a Security Unicorn

Posted by on

A recent post on securityintelligence.com is unlikely to surprise anyone who’s been paying attention to the cybersecurity job market. According to a new Cybersecurity Ventures report, the unemployment rate for cybersecurity jobs is currently zero. On average, there are two open jobs available for every candidate, with over 1 million open IT security positions. Companies are making it worse by trying to hire security unicorns: analysts with skillsets so broad that no person has them[…]

Read more

Topics: SECURITY, Uncategorized

Introducing Exabeam Threat Hunter

Posted by on

Today we announced the availability of Exabeam Threat Hunter, a new product that raises the bar for the UBA market. While UBA is focused on using data science to notify an analyst about users who deserve attention, Threat Hunter completes the picture by giving an analyst the ability to query, pivot, and drill down into user sessions that match any combination of attributes and activities. In short, if UBA is about the machine telling the analyst[…]

Read more

Topics: data science, SECURITY

Exabeam as a Service?

Posted by on

As an independent software vendor, Exabeam is focused on building the best security intelligence platform in the world. Whether a customer buys a physical or virtual appliance from us, we are completely focused on building and delivering the best product for understanding user behavior and detecting and responding to threats. However, some organizations are looking for a broader solution for their security operations centers (SOCs), and they ask if Exabeam can be purchased as a[…]

Read more

Topics: CUSTOMERS

It's Better to See in 3D: Announcing the 3D Technology Partner Program

Posted by on

One of the strengths of Exabeam is how quickly customers are able to see value after racking the appliance. We’ve found that it’s possible to get very strong signals of stolen credentials and insider threats using very common access data, such as the VPN and domain controller logs the customers already collect. The availability of this data and the elegance of our UI gets you to value very quickly. After this stage, many customers begin[…]

Read more

Topics: SECURITY

Subscribe to Blog via Email

2017