October was an amazing month for us, with the public release of our five new product lines at Spotlight. If you missed it, you can go watch the videos on demand from that link.
But we didn’t stop there! Every month we’ll be releasing new content, features, and improvements — so now that it’s November it’s time to catch up on the activity and innovation from the Exabeam Engineering, UI, and Product Management departments. Here’s a short summary of the latest news and updates, and what we rolled out this month:
Collectors
Site Collector update: You can now deploy the Site Collectors on Red Hat Enterprise Linux 8 and 9.
Dashboards
A new pre-built Correlation Rules dashboard is now available. The Correlation Rules Management pre-built dashboard shows use case activity levels, what rules are being triggered and when, and what rules are triggered the least. Included in this dashboard:
- Analyst sees a visualization showing correlation rule triggers in ascending order
- Analyst sees a visualization showing number of rules triggered over time
- Analyst sees a visualization showing number of rules triggered per Exabeam Use case
Log Stream Updates
Updated default parser management: Log Stream now provides the ability for users to enable and disable default parsers at a vendor level.
Outcomes Navigator
Outcomes Navigator allows customers to understand the full value of what security outcomes are available and what their environment is configured to use. Customers often have an incomplete view of their coverage, in terms of how their coverage relates to their goals — and may have difficulty focusing on where and how to improve.
What Customers Can Expect
- Export an image of the Organizational Coverage and Recommendations tabs in reports and presentations to share with your team, leadership, and other stakeholders.
- The Coverage Over Time chart within the Organizational Coverage tab helps to understand trends in your Use Case Coverage Score. Scores are shown for each month for the last six months and learn why the score may have increased or decreased.
- Outcomes Navigator provides an interactive view for the Security Engineer and Security Leadership providing exploration of current Outcomes and Use Case coverage.
- Learn what Outcomes are available in their licensed product, e.g., dashboards, reports, and analytics rules
- Understand how prepared their Exabeam environment is to deliver on needed outcomes.
- Understand how specifically to improve usage.
Legacy Updates
Advanced Analytics i56.13 – updates documentation
- STIG v3r7 (Security Technical Implementation Guide) compliance-related changes
- On Premises – Updates and Bug Fixes
Data Lake i40.5
Fixed numerous small issues reported. Link to documentation here.
Alert and Case Management
Alert and Case Management centralizes alerts sourced from Exabeam detection engines and third-party security products. Analysts can review the latest alerts or search to focus on specific alerts of interest. Now, new search criteria within the drop-down query builder in Alert and Case Management allows analysts to quickly build a search for:
- Alerts assigned or not assigned to a case
- Alerts or cases that are read or unread
- Cases assigned to themselves
Correlation Rules
Correlation Rules offer an intuitive interface that builds on existing or new search queries to easily define outcomes. An analyst can correlate detections to automate and improve detection of known threats within the environment. Now, analysts can easily select and bulk delete any disabled correlation rules for better management of rules.
Compliance
We are excited to share that Exabeam has achieved two additional certifications: ISO 27017 and ISO 27018. ISO 27017 provides additional controls to address cloud-specific information security threats and risks. ISO 27018 establishes control objectives and guidelines for implementing measures to protect Personally Identifiable Information (PII) for public cloud computing environments.
Learn more at this week’s ISO blog.
Learn more about these product updates
Visit the Exabeam Community for webinars and announcements.
Similar Posts
Recent Posts
Stay Informed
Subscribe today and we'll send our latest blog posts right to your inbox, so you can stay ahead of the cybercriminals and defend your organization.
See a world-class SIEM solution in action
Most reported breaches involved lost or stolen credentials. How can you keep pace?
Exabeam delivers SOC teams industry-leading analytics, patented anomaly detection, and Smart Timelines to help teams pinpoint the actions that lead to exploits.
Whether you need a SIEM replacement, a legacy SIEM modernization with XDR, Exabeam offers advanced, modular, and cloud-delivered TDIR.
Get a demo today!