How Union Bank Gets the Most from Its Data Loss Prevention Solution

When you’re a major player in a highly regulated industry, it becomes even more important to ensure safeguards against data exfiltration to protect your customers and your business. The question becomes, “How do you scale your data loss prevention (DLP) operations when you’re handling a huge volume of daily transactions and thousands of potential security incidents?” This post helps you understand the limits of commonly used solutions, as well as how to use Exabeam to improve[…]


On True Positives and Security Incidents

The Potential POS Breach: Exabeam recently discovered unusual behavior at one of our retail customers. On some of the most sensitive point of sale (POS) devices, a local account was added to a privileged Active Directory group. Some of the audit functionalities on these machines were then disabled and a few minutes later the account was removed from the privileged group and the audit functionalities were reactivated. This was happening on hundreds of POSs at[…]


The World Has Changed; Shouldn’t Your Security Change, Too?

From day one, Exabeam had a vision for something better than today’s SIEM solutions. We felt these products were fundamentally broken: SIEM log management was built on old, proprietary technology and was (over)priced by the byte; SIEM correlation rules were a mess and ineffective, and they caused more work for analysts than they eliminated. SIEM was broken and the opportunity to make something massively better was clear. Our first step was to win the UEBA[…]

Topics: CUSTOMERS, data science, SECURITY

Calculating Security ROI, or "Halloween’s Over, So Why is my Vendor Trying to Scare Me?"

Certain technology categories lend themselves well to ROI analysis. Want to replace your old storage array with a new flash array, or your old backup technology with something new? It’s probably not too difficult to work out the payback numbers. Security, on the other hand, has been more resistant to clear ROI analysis. Vendors either give out scary per-company breach averages from Ponemon, or build some other detection-based cost-benefit number. Over time, CISOs and their[…]


Beyond Detection and Response: Hidden Benefits of Exabeam

When I ask our prospective customers why they are interested in UBA and Exabeam specifically, most have a common answer; they are looking to cash in on the promise of deriving usable intelligence out of the vast amounts of data they have spent time and money collecting. Organizations want increased visibility into the activities of users on their network to detect modern attacks and respond quickly. Solving these problems is at the center of what[…]

Topics: benefits, CUSTOMERS

It's Not Always the Hackers...

20 years ago, I was working the graveyard shift as a policeman on the south side of Chicago. Part of the area I patrolled included one of the largest railroad freight yards in the U.S.  Occasionally, we would get calls to assist the railroad police.  On this particular day we received a call to assist with a “theft in progress”. Upon arrival at the railyard, we found a freight train with 50+ rail cars stopped[…]


Exabeam as a Service?

As an independent software vendor, Exabeam is focused on building the best security intelligence platform in the world. Whether a customer buys a physical or virtual appliance from us, we are completely focused on building and delivering the best product for understanding user behavior and detecting and responding to threats. However, some organizations are looking for a broader solution for their security operations centers (SOCs), and they ask if Exabeam can be purchased as a[…]


Security Issues: Agencies Are From Venus -- Legislators Are From Mars

About two weeks ago I had the privilege of briefing legislative staff members in Washington DC on a variety of cyber security issues. I met with staffs from the offices of three senators and one congressional office. Some of the meetings were one-on-one and others were in a group setting. I went as part of a group of cyber security experts led by the Institute for Critical Infrastructure Technology (ICIT). Their goal is to bridge the[…]


Challenges Of Building A Security Data Science Practice

A security executive recently reflected with me on his experience in building the security analytics practice in his enterprise. They have come a long way, having hired a couple of data scientists and set up the requisite Big Data infrastructure. While some lessons are learned, some challenges remain. As a data scientist who loves to get his hands dirty with data, I believe there are clear benefits to building data science models to target emerging use[…]


The Cyber Security Personnel Shortage, Identity Theft & Fraud at the IRS

Question: What do a wave of baby boomer retirements and a trend toward outsourcing have in common? Answer: The inability of state and local governments to fill cyber security jobs and increased risk of data theft. It’s clear that years of wage and hiring freezes have made retirement or a move to the private sector an easy choice for cyber security pros in the public sector. From a recent article titled, States struggle to hire[…]