Content Over Cloud in Exabeam Advanced Analytics Now Available


Published
December 22, 2020

Author
Vicky Ngo-Lam

Exabeam recently released i54, the latest version of Advanced Analytics. We’re excited to share that this version includes a new feature, Content Over Cloud, which lets customers access new content in the Advanced Analytics user interface (UI). In this post, you will learn about obtaining new security content with Exabeam and how Content over Cloud can help.

New content with Exabeam

In our previous blog post, we covered why content is important and our bi-weekly release cadence. Over the past year, customers could download this content as packages from the Exabeam Community and install it manually into their instance of Advanced Analytics. Based on feedback from customers, we knew we needed to integrate this workflow into the product and enable engineers to automate it, so that they would always have access to the best content available.

Introducing: Content over Cloud

Content over Cloud is an administrator console within the Advanced Analytics UI that allows engineers and analysts to install and manage new and existing content in their environments. This console serves as a single source of truth for the latest and greatest content available, and provides visibility into installed content.

This new capability enables customers to stay up to date with the latest content via notifications and a subscription for automatic updates with the option to install updates ad-hoc, such as urgent content patches. Customers can also install custom fixes or revert updates to better manage their instance. The self-service model means customers have more freedom to manage their Advanced Analytics security content, with no additional support services or contracts required.

The current release includes support for Parsers and Event Builders for Advanced Analytics, with other types of content (including Rules, Models, Enrichers, and more) planned for the future. 

Frequent default content updates

One of the biggest changes we are introducing with this feature is that customers can get updated default content more frequently. In previous versions, default updates were limited to major software releases, and any content update (i.e., Content Pack) was installed as custom content. With Content over Cloud, we are now able to deliver frequent updates to default content, allowing for faster, better, and more reliable releases.


Figure 1: Customers can now access new default content within the Administrator console.

Content fixes – delivered to your door

Say goodbye to downloading files and running command lines to install parsers. Content over Cloud allows Exabeam to deliver dedicated custom packages directly to a customer’s Advanced Analytics environment, ready to be installed from the admin panel with a simple click of a button. 


Figure 2: Easily view and manage custom and default content packages in the UI.

Figure 3: Analysts and engineers can subscribe to automatically download and install the latest and greatest content available.

No Restarts Required

Yes, that’s right.

Choose a package to install, wait a few seconds, and go back to catching bad guys.

Stay tuned

In the next post, we’ll share how some of the insights we gain from customers’ use of Content over Cloud are helping us improve parser quality and the user experience.

Interested in learning more about Content Over Cloud? Check out our technical documentation for more information.
