15 InfoSec Resources You Might Have Missed in November
At Exabeam, we seek to provide security professionals with educational, useful content on threat detection, investigation, and response (TDIR) topics. In November, we created several resources for you. In case you missed them, here are 15 of our most recent pieces geared toward helping you along your security operations journey. Whether you’re a CISO or a security practitioner, there is something on this list for you.
In this post:
- Resources for CISOs
- A deep dive into user and entity behavior analytics (UEBA)
- Learn more about New-Scale SIEM™
- Exabeam company news
Resources for CISOs
1. A CISO’s Guide to Adversary Alignment | White Paper
“Are we secure?” Executives and board members always want the answer to be “yes,” but CISOs know it’s irresponsible to make such a blanket statement. An adversary could be any potential threat — whether external or internal, intentional or unintentional. So, the question CISOs should be answering is: “Are we adversary-aligned?” Download this white paper to learn how your people, processes, and tools can be adversary-aligned, and the benefits of doing so.
History has shown that downsizing increases the organizational risk companies face from impacted employees and the data and IP they have access to. CISOs need to educate their organizations on the risk of insider threats all the way to the board level to get buy-in for the programs and necessary budget to address these threats. In this article, we discuss the challenge of detecting insider threats; how Exabeam helps triage, detect, investigate, and resolve insider threats; data leak activity to watch for; and the benefits of using Exabeam for insider threats.
3. The New CISO Ep. 78: “Bridging the Effectiveness Gap: A CISO’s Perspective on New-Scale SIEM” | Podcast
In this episode of The New CISO, Steve is joined by Tyler Farrar, the CISO at Exabeam. With malware-free attacks becoming increasingly common, Tyler understands the best ways to bridge the effectiveness gap. With this in mind, he shares his SOC philosophy and the importance of threat detection. Listen to the episode to learn more about the act of prevention, the pillars of a security information and event management (SIEM) product, and why attackers gravitate toward credential techniques.
In this episode of The New CISO, Steve is joined by Demetrios “Laz” Lazarikos, three-time CISO and Co-founder of Blue Lava Security. A naturally curious child, Laz became interested in technology early, prompting his life-long love of learning. Today, he shares how different lessons from childhood and the Air Force led to his fulfilling CISO career. Listen to the episode to learn more about Laz’s fascinating cybersecurity journey, the influence of his family, and how to become a more effective mentor.
A deep dive into user and entity behavior analytics (UEBA)
Why do we bother with UEBA in the first place? 93% of breaches are due to compromised credentials. For such insider threats, there is no other alternative to UEBA. While threat prevention technologies are a necessary component of enterprise security, companies are recognizing that UEBA detection tools are an integral part of security defense. Read the blog to learn about the three dimensions to consider when evaluating UEBA solutions.
6. Building a UEBA Risk Engine | Blog
UEBA technology is the confluence of advancements in data infrastructure, security knowledge, and algorithms. Each of these areas relates to anomaly detection and event scoring — the output of a UEBA engine. This article shows the technical and knowledge components that make UEBA possible.
In this post, we examine how we at Exabeam turn volumes of security and network events into alerts with risk scores for prioritization in New-Scale SIEM. This article discusses event parsing, normalization, enrichment, risk indicators, and event scoring.
Learn more about New-Scale SIEM™
This blog post gives the highlights of our recent webinar, Overview of Exabeam SIEM and Security Analytics Product Innovations, where Jeannie Warner, Director of Product Marketing, discusses how Exabeam helps organizations by being purpose-built for security.
9. New-Scale SIEM Brings Powerful Behavioral Analytics and Automated Investigation to Threat Detection, Investigation, and Response | Blog
Exabeam built New-Scale SIEM to solve the numerous challenges and limitations of legacy SIEM and to provide security operations teams breakthrough capabilities to detect and respond to a wide range of threats. This blog post focuses on powerful behavioral analytics and automated investigation — two pillars of New-Scale SIEM — and how Exabeam can bring analytics and automation to the security operations center (SOC) to scale the TDIR capabilities of any organization.
10. Powerful Behavioral Analytics | Feature Brief
Exabeam offers powerful behavioral analytics for next-level insights that other tools miss with modern, granular threat detection designed for the most utilized and elusive threat vector — compromised credentials. Behavioral analytics baseline the normal behavior of users and devices with behavioral models, to detect, prioritize, and respond to anomalies based on risk.
Many log management solutions are born as IT operations/observability tools, and vendors later window-dress them for security buyers. Exabeam has created a new category: Security Log Management, a cloud-native log management solution built from the ground up for cybersecurity professionals.
12. Exabeam Alert Triage with Dynamic Alert Prioritization Now Available in Exabeam Fusion and Exabeam Security Investigation | Blog
Alert triage is the process of investigating security alerts to determine the potential threat they pose to an organization. Alerts deemed significant are escalated to incident response teams for further review, while alerts that appear insignificant are dismissed. Determining the alerts that matter can be difficult when you are overwhelmed by thousands of alerts with no context. How do you decide which alerts pose a threat to your organization and which are insignificant?
13. Exabeam Security Operations Platform Privacy | Feature Brief
This document provides the information you need to understand how the Exabeam Security Operations Platform gathers, analyzes, and stores sensitive data, so you can assess the impact on your overall privacy posture.
Exabeam company news
Exabeam has achieved two additional certifications: ISO 27017 and ISO 27018. ISO 27017 provides additional controls to address cloud-specific information security threats and risks. ISO 27018 establishes control objectives and guidelines for implementing measures to protect Personally Identifiable Information (PII) for public cloud computing environments.
15. Exabeam Opens New Office in Plano, TX; Expands Customer Service and Support in North America | Blog
We are excited to announce that we’ve officially opened a new Exabeam office in Plano, Texas. The new office will be home to Customer Success, Engineering, HR, and Sales team members. Our new Plano location further increases service and support coverage for Exabeam North America customers in the Central and Eastern regions.
Learn more about Insider Threats
For more insights, sign up for our webinar on December 13 at 10 am PT: How to Build an Insider Threat Program with Exabeam. In this webinar, you will learn:
- The four common scenarios where you need an insider threat team, and how to build a mission statement and tools
- Four attributes of a successful insider threat program
- How behavioral analytics baseline “normal” behavior of users and devices – showing risk faster
- An automated investigation experience that automates manual routines and guides new insider threat teams