Skip to content

Exabeam Introduces First Connected System for AI Agent Behavior Analytics and AI Security Posture Insight — Read More

Get a Demo

Exabeam Nova

Exabeam Nova is a feature of the New-Scale Security Operations Platform that provides a multi-agent capability to your security operations. These agents advise security operations teams and accelerate investigations with contextual insights, all without requiring additional tools or cost.

Request a Demo View Feature Brief

INTELLIGENT AUTOMATION

Automate Security Tasks with AI Agents

Exabeam Nova agents act as an extension of your security operations team by automating routine and strategic tasks. From generating case summaries to classifying threats, Exabeam Nova provides consistent, automated insights that improve your entire security operations workflow.

Threat Scoring Agent

Threat Scoring
Agent

Investigation Agent

Investigation Agent

Analyst Assistant Agent

Analyst Assistant
Agent

Search Agent

Search Agent

Visualization Agent

Visualization Agent

Advisor Agent

Advisor Agent

Learn About Each Agent

DEFEND AGAINST AI-DRIVEN THREATS

Strengthen Your Defenses

As adversaries use AI to create novel attacks, Exabeam Nova helps you defend against unknown threats. It applies the machine learning and behavioral rules in the New-Scale Platform to speed investigations, reduce false positives, and boost analyst productivity.

ENTERPRISE-GRADE SECURITY AND COMPLIANCE

Protect Your Data

Exabeam Nova ensures end-to-end data encryption and prevents cloud caching of investigation details. Customer data is never used to train AI models, which helps your organization stay compliant with industry regulations.

Machine-learned analytics

Meet the Exabeam Nova Agents

Investigation Agent

INVESTIGATION AGENT

Accelerate Threat Response

Agent to accelerate investigations

The Investigation Agent automates case summaries and analyzes threats, then suggests next steps. The agent classifies threats and identifies key vectors, which helps analysts quickly understand and prioritize them. It uses entity context from the platform to deliver a more targeted response. With Agent Behavior Analytics (ABA), you can also monitor agent activity to protect against potential misuse.

Advisor Agent

ADVISOR AGENT

Tune Strategy and Discover Gaps

Agent built for security leaders

The Advisor Agent provides security leaders with daily reports on compliance and security posture, mapping coverage across key use cases and the MITRE ATT&CK® framework. As part of Outcomes Navigator, it helps demonstrate the value of security tools and suggests improvements to maximize your security investment.

Search Agent

SEARCH AGENT

Make Advanced Queries Easy

Agent that powers search

The Search Agent lets analysts use natural language in multiple languages to run advanced searches. Queries are automatically translated into Exabeam Query Language (EQL) and mapped to the Common Information Model (CIM), making complex searches fast and accessible directly within Search.

Visualization Agent

VISUALIZATION AGENT

Agent for creating visualizations

The Visualization Agent converts natural language queries into charts and dashboards. From a simple metric to a full detection trend, this agent transforms raw data into clear visualizations of threat patterns and system performance.

Analyst Assistant Agent

ANALYST ASSISTANT AGENT

Investigate With Conversational Analysis

Agent for chat

The Analyst Assistant Agent is a real-time, context-aware chat companion that helps analysts investigate faster. It understands case-specific and general questions, providing relevant information instantly and reducing the time spent searching through data or documentation. 

Threat Scoring Agent

THREAT SCORING AGENT

Automate Triage With a Self-Learning Agent

Agent to automate threat scoring

The Threat Scoring agent uses machine learning to continuously analyze behavioral patterns and applies customizable business factors to pinpoint high-priority threats. This advanced risk scoring automates triage, reduces noise, and allows analysts to prioritize credible threats.

“What really sets Exabeam Nova apart is how seamlessly the AI agents work together, it’s like having a full team of experts working behind the scenes to keep us fast, focused, and aligned. Exabeam Nova isn’t just smart it is a game-changer for our SOC.”

  • ilionx

  • Joep Kremer

    Business Unit Director Cyber Security at ilionx

How can we help? Talk to an expert.

Contact Us

Frequently Asked Questions

How does Exabeam Nova work?

Exabeam Nova is built on a decade of Exabeam expertise in delivering high-quality data through the CIM, sophisticated parsing, and advanced machine learning. Exabeam Nova accesses this curated security data ingested by the Exabeam New-Scale Platform to:

  • Pull accurate, relevant data from multiple sources.
  • Process and contextualize this data to generate comprehensive investigation summaries.
  • Use built-in intelligence to autonomously conduct first-level investigations, reducing the need for human intervention.

Can customers use their native language for natural language processing (NLP) search queries?

Yes, NLP search supports most native languages spoken within the regions covered by our hosting countries, including some double-byte character sets.

Can you provide more information about Exabeam Nova security?

Exabeam Nova enhances security operations with AI capabilities by using Google Gemini large language models (LLMs) within Google Cloud Platform (GCP), where our New-Scale Analytics also operates. When Exabeam Nova is activated, it securely retrieves relevant data—such as threat detections, timelines, and related entities—from the New-Scale Platform. This data is structured into a comprehensive prompt and encrypted using standard SSL protocols before being sent to a pre-trained Gemini model for processing.

To maintain compliance and optimize performance, model processing occurs within the customer’s designated geographic region whenever possible. Exabeam uses pre-trained Gemini models, meaning customer data is never used for model training. The entire evaluation process occurs in memory and is ephemeral; data is never stored, cached, or retained after processing. Once the model generates a response, it is encrypted and immediately returned to New-Scale Analytics, ensuring no persistent data footprint within Gemini. Examples of Exabeam Nova in action include investigation and advisory summaries as well as the analyst assistant, both of which are available in Threat Center and Outcomes Navigator.

Learn More About Exabeam

Learn about the Exabeam platform and expand your knowledge of information security with our collection of white papers, podcasts, webinars, and more.

  • Exabeam Customer - Under Armour
  • Exabeam Customer - NTT Data
  • Exabeam Customer - Canadian Pacific Railway
  • Dayforce - Exabeam Customer
  • Exabeam Customer - AsahiKasei
  • NASA - Exabeam Customer
  • Exabeam Customer - Aeromexico
  • Exabeam Customer - MTA
  • Exabeam Customer - Enterprise Holdings
  • Exabeam Customer - Port of Antwerp
  • Exabeam Customer - Copa Airlines
  • Exabeam Customer - Summit Health
  • Exabeam Customer - MUFG
  • Exabeam Customer - City & County of San Francisco
  • Exabeam Customer - UMC of Southern Nevada
  • Exabeam Customer - Trinity Health
  • U.S. Air Force - Exabeam Customer
  • Bloomin Brands
  • MAIRE - Exabeam Customer
  • University of Colorado - Exabeam Customer
  • KIA
  • SiriusXM - Exabeam Customer
  • Bilstein - Exabeam Customer
  • CDON - Exabeam Customer
  • Ysleta ISD
  • Emanate Health
  • Covenant Health
  • Bealls
  • Altra FCU
Explore trusted 
customer stories >

See Exabeam in Action

Request more information or request a demo of the industry’s most powerful platforms for threat detection, investigation, and response (TDIR).

Learn more:

  • If self-hosted or cloud-native SIEM is right for you
  • How to ingest and monitor data at cloud scale
  • Why seeing abnormal user and device behavior is critical
  • How to automatically score and profile user activity
  • See the complete picture using incident timelines
  • Why playbooks help make the next right decision
  • Support compliance mandates

Award-Winning Leaders in Security

  • Cyber Security Excellence Awards 2025 - Winner
  • CRN Security 100 | 2025
  • Inc. 5000 | 2022
  • InfoSec Innovator Awards 2024
  • The Cyber Influencer of the Year | 2024
  • Google Cloud Partner of the Year 2024 Award