What’s New in Exabeam Product Development – November 2022

October was an amazing month for us, with the public release of our five new product lines at Spotlight. If you missed it, you can go watch the videos on demand from that link.

But we didn’t stop there! Every month we’ll be releasing new content, features, and improvements — so now that it’s November it’s time to catch up on the activity and innovation from the Exabeam Engineering, UI, and Product Management departments. Here’s a short summary of the latest news and updates, and what we rolled out this month:

Collectors

Site Collector update: You can now deploy the Site Collectors on Red Hat Enterprise Linux 8 and 9.

Release Notes

Dashboards

A new pre-built Correlation Rules dashboard is now available. The Correlation Rules Management pre-built dashboard shows use case activity levels, what rules are being triggered and when, and what rules are triggered the least. Included in this dashboard:  

• Analyst sees a visualization showing correlation rule triggers in ascending order
• Analyst sees a visualization showing number of rules triggered over time 
• Analyst sees a visualization showing number of rules triggered per Exabeam Use case

Release Notes

Log Stream Updates

Updated default parser management: Log Stream now provides the ability for users to enable and disable default parsers at a vendor level.

Release Notes

Outcomes Navigator

Outcomes Navigator allows customers to understand the full value of what security outcomes are available and what their environment is configured to use. Customers often have an incomplete view of their coverage, in terms of how their coverage relates to their goals — and may have difficulty focusing on where and how to improve.

What Customers Can Expect

• Export an image of the Organizational Coverage and Recommendations tabs in reports and presentations to share with your team, leadership, and other stakeholders.
• The Coverage Over Time chart within the Organizational Coverage tab helps to understand trends in your ​Use Case Coverage Score​​. Scores are shown for each month for the last six months and learn why the score may have increased or decreased.
• Outcomes Navigator provides an interactive view for the Security Engineer and Security Leadership providing exploration of current Outcomes and Use Case coverage.
• Learn what Outcomes are available in their licensed product, e.g., dashboards, reports, and analytics rules
• Understand how prepared their Exabeam environment is to deliver on needed outcomes.
• Understand how specifically to improve usage.

Release Notes

Legacy Updates

Advanced Analytics i56.13 – updates documentation

• STIG v3r7 (Security Technical Implementation Guide) compliance-related changes
• On Premises – Updates and Bug Fixes

Data Lake i40.5

Fixed numerous small issues reported. Link to documentation here.

Alert and Case Management

Alert and Case Management centralizes alerts sourced from Exabeam detection engines and third-party security products. Analysts can review the latest alerts or search to focus on specific alerts of interest. Now, new search criteria within the drop-down query builder in Alert and Case Management allows analysts to quickly build a search for:

• Alerts assigned or not assigned to a case
• Alerts or cases that are read or unread
• Cases assigned to themselves

Release Notes

Correlation Rules

Correlation Rules offer an intuitive interface that builds on existing or new search queries to easily define outcomes. An analyst can correlate detections to automate and improve detection of known threats within the environment. Now, analysts can easily select and bulk delete any disabled correlation rules for better management of rules.

Release Notes

Compliance

We are excited to share that Exabeam has achieved two additional certifications: ISO 27017 and ISO 27018. ISO 27017 provides additional controls to address cloud-specific information security threats and risks. ISO 27018 establishes control objectives and guidelines for implementing measures to protect Personally Identifiable Information (PII) for public cloud computing environments.

Learn more at this week’s ISO blog.

Visit the Exabeam Community for webinars and announcements.