Check Out Exabeam Incident Responder | Exabeam

Check Out Exabeam Incident Responder

Published
February 10, 2017

Author
admin

One of the most common questions we heard when talking to potential customers about our UEBA product was “Okay, your system found something. Now what do I do?” It was eye-opening to see so many organizations that simply didn’t have response processes defined, and had limited tools to run those processes, anyway. This lack of incident response expertise drove the development of our recently-announced Exabeam Incident Responder product.

Incident Responder goes far beyond the automatic investigation timelines created in Exabeam UEBA. It comes with pre-defined playbooks for common incident types such as malware, phishing, and data exfiltration. These playbooks include actions that can automatically run (e.g. go get reputation data for this IP address) or guide a team member (reset this user’s password). As actions complete, they are displayed in cards, in a Pinterest-like canvas. Responders can share notes and actions with team members, as well.

A major goal with Incident Responder was to take the best practices currently performed by your “ninjas” and make those available to anyone, even your interns.

Recent Incident Response Articles

Turnkey Playbooks Now Available for Exabeam Customers

Read More

EDR vs EPP: What is the Difference?

Read More

Securing Your Remote Workforce, Part 3: How to Detect Malware in the Guise of Productivity Tools

Read More

Beat Cyber Threats with Security Automation

Read More

National Cybersecurity Awareness Month: Incident Response

Read More



Recent Information Security Articles

Calling all SOC Warriors: Announcing The 2021 Exabeam Cybersecurity Excellence Awards!

Read More

Helping Retailers Deliver a Secure Omnichannel Experience

Read More

Detecting the Exploitation of Pentesting Tools: Gaining Power Over PowerShell

Read More

Demystifying the SOC, Part 5: The New SOC Maturity Model based on Outcomes

Read More

Integrating Exabeam with Google Cloud IDS

Read More