The World Has Changed; Shouldn’t Your Security Change, Too? | Exabeam

Published
January 31, 2017

Author
Nir Polak

From day one, Exabeam had a vision for something better than today’s SIEM solutions. We felt these products were fundamentally broken: SIEM log management was built on old, proprietary technology and was (over)priced by the byte; SIEM correlation rules were a mess and ineffective, and they caused more work for analysts than they eliminated. SIEM was broken and the opportunity to make something massively better was clear.

Our first step was to win the UEBA market. We took the lead last year with a superior analytics solution that detected modern threats better than anything out there. We’ve deployed it at more than 120 companies in the last 12 months – more than any other UBA vendor. But the plan was always to build a lead quickly and then to use that lead to build out the rest of the vision.

Today we announced the next phase of our Security Intelligence Platform: Exabeam Log Manager, Exabeam Incident Responder and Exabeam Cloud Connectors.

Log Manager is built on proven, open-source big data technology from Elasticsearch. We’ve built the management components around it that enterprises require and turned it into a real, supported, commercial product. Unlike the legacy SIEM log products, Exabeam Log Manager is not priced by the byte, so you can pour in as much data as you’d like, without fear of surprise bills. Does it matter? Well, within two weeks of installing Log Manager, one of our customers was already collecting thirty times more data than their Splunk license allowed: DNS logs, endpoint data, all the things that would be useful for analytics but were simply too expensive to store in Splunk. There is serious pent-up demand for affordable security data management at scale.

Incident Responder addresses the human problem of SIEM: it’s too hard to use, generates more work for analysts, and increases hiring pressure. Exabeam Incident Responder comes with pre-built playbooks for common incident types, such as malware, phishing, and data exfiltration. It automatically collects reputation data, can detonate attachments, and can take any steps desired to shut down an incident. It makes life much easier for your IR and SOC teams.

Cloud Connectors enable you to pull in activity data from popular cloud services and integrate it with other threat detection data, response workflow, compliance reporting, etc.

Together, these products, plus Exabeam UEBA and Threat Hunter, provide a thoroughly modern solution for managing security threats. Want to learn more? Go to exabeam.com, drop a note to info@exabeam.com, or come visit us at RSA Feb 13-17 in San Francisco.
