Skip to content

Securing the Future of Work: Agent Behavior Analytics with Google Cloud — Read the Blog

Get a Demo

Exabeam Nova

Exabeam Nova provides the industry’s most advanced, multi-agent experience, proactively advising key personas in the SOC, accelerating investigations with deeper security insights – without additional tools or cost.

Request a Demo View Feature Brief

POWERFUL AGENT ASSISTANCE

Boost your team capabilities using intelligent agents

Exabeam Nova agents act as an extension to your SOC team, automating and simplifying both strategic and routine tasks. Whether it’s a review of your security posture, an analysis of detections, threat classifications, or case summaries, Exabeam Nova is powering workflows across security operations.

Threat Scoring Agent

Threat Scoring
Agent

Investigation Agent

Investigation Agent

Analyst Assistant Agent

Analyst Assistant
Agent

Search Agent

Search Agent

Visualization Agent

Visualization Agent

Advisor Agent

Advisor Agent

Learn About Each Agent

EXPANDED THREAT DEFENSE

Enhance your security posture against AI-driven threats

As adversaries weaponize AI, Exabeam Nova provides the New-Scale Platform one more mechanism for defending against unknown threats. As a key element in your defense, Exabeam Nova adds to the protection enabled by machine-learning models, behavioral rules to speed investigations, reduce false positives, and boost analyst productivity.

Exabeam Nova Investigation Summary

SECURE AGENTIC AI

Maintain data security and compliance

Exabeam Nova upholds the highest security standards, ensuring end-to-end encrypted data transport and preventing cloud caching of investigation details. No customer data is ever used to train AI models, helping organizations stay compliant with industry regulations. Exabeam Nova further supports compliance efforts with dashboard creation using natural language search.

Machine-learned analytics
Investigation Agent

INVESTIGATION AGENT

Move from alerts to action with the Investigation Agent

Agent to accelerate investigations

Automated case summaries, threat analyses and suggested next steps. The agent classifies threats, identifies key vectors, and highlights the top detections to help analysts quickly understand, prioritize, or deprioritize threats. Platform-delivered entity context provides the agent deeper insight for a more targeted response.

Advisor Agent

ADVISOR AGENT

Tune strategy and discover gaps with the Advisor Agent

Agent built for security leaders

A strategic overlay for leaders, providing daily reports on your security posture, MITRE ATT&CK® and use case coverage. Integrated into Outcomes Navigator, the Advisor Agent helps demonstrate value and maximize investments by seeing the impact of tools and data with recommendations for improvement. 

Search Agent

SEARCH AGENT

Advanced queries made easy with the Search Agent

Agent that powers search

The Search Agent enables analysts to use natural language — across multiple languages — to execute advanced searches. Queries are automatically translated into Exabeam Query Language (EQL) and mapped to the Common Information Model (CIM), making the most complex searches fast and accessible, directly within the Search App.

Visualization Agent

VISUALIZATION AGENT

Agent for creating visualizations

Converts natural language queries into charts and dashboards. Whether it’s a simple metric or a full detection trend, this agent brings clarity to raw telemetry, helping analysts and leaders visualize threat patterns and system performance with ease. 

Analyst Assistant Agent

ANALYST ASSISTANT AGENT

Get real-time answers using the Analyst Assistant Agent

Agent for chat

A context-aware chat companion that helps analysts investigate faster. It understands case-specific and general questions, providing relevant insights instantly and reducing time spent digging through data or documentation.  

Threat Scoring Agent

THREAT SCORING AGENT

Simplified triage using a Threat Scoring Agent that learns

Agent to automate threat scoring

An agent that automatically identifies the most security-relevant events using adaptive learning. This agent continuously analyzes behavioral patterns and applies business factors to pinpoint the highest-priority signals needing further investigation. Advanced risk scoring lets analysts focus on what matters most and reduces the noise.

How can we help? Talk to an expert.

Contact Us

Frequently Asked Questions

How does Exabeam Nova work?

Exabeam Nova leverages a decade of Exabeam expertise in delivering high-quality data through the Common Information Model (CIM), sophisticated parsing techniques, and advanced machine learning algorithms. Exabeam Nova accesses this extensively curated security data ingested and prepared before entering the Exabeam New-Scale Platform:

  • Pulls accurate, relevant data from multiple sources.
  • Processes and contextualizes this data to generate comprehensive investigation summaries.
  • Uses built-in intelligence to autonomously conduct first-level investigations, reducing the need for human intervention.

Can customers use their native language for NLP Search queries?

Yes, NLP Search supports most native languages spoken within the regions covered by our hosting countries, including some double-byte character sets.

Can you provide more information about Exabeam Nova security?

Exabeam Nova enhances security operations with AI-powered capabilities by leveraging Google Gemini Large Language Models (LLMs) within Google Cloud Platform (GCP), where our New-Scale Analytics also operates. When Nova is activated, it securely retrieves relevant data—such as threat detections, timelines, and related entities—from the New-Scale platform.

This data is structured into a comprehensive prompt and encrypted using standard SSL protocols before being sent to a pre-trained Gemini model for processing. To maintain compliance and optimize performance, model processing is performed within the customer’s designated geographic region whenever possible.

Crucially, Exabeam employs pre-trained Gemini models, meaning customer data is never used for model training. Additionally, the entire evaluation process occurs in memory and is fully ephemeral—data is never stored, cached, or retained after processing. Once the model generates a response, it is encrypted and immediately returned to New-Scale Analytics, ensuring no persistent data footprint within Gemini.

Examples of Nova in action include investigation and advisory summaries as well as the analyst assistant, both of which are available in Threat Center and Outcomes Navigator.

“What really sets Exabeam Nova apart is how seamlessly the AI agents work together, It’s like having a full team of experts working behind the scenes to keep us fast, focused, and aligned. Exabeam Nova isn’t just smart it is a game-changer for our SOC.”

  • ilionx

  • Joep Kremer

    Business Unit Director Cyber Security at ilionx

See all Customer Stories

Learn More About Exabeam

Learn about the Exabeam platform and expand your knowledge of information security with our collection of white papers, podcasts, webinars, and more.

  • Exabeam Customer - Under Armour
  • Exabeam Customer - NTT Data
  • Exabeam Customer - Canadian Pacific Railway
  • Exabeam Customer - AsahiKasei
  • NASA - Exabeam Customer
  • Exabeam Customer - Aeromexico
  • Exabeam Customer - MTA
  • Exabeam Customer - Enterprise Holdings
  • Exabeam Customer - Port of Antwerp
  • Exabeam Customer - Copa Airlines
  • Exabeam Customer - Summit Health
  • Exabeam Customer - MUFG
  • Exabeam Customer - City & County of San Francisco
  • Exabeam Customer - UMC of Southern Nevada
  • Exabeam Customer - Trinity Health
  • U.S. Air Force - Exabeam Customer
  • Bloomin Brands
  • University of Colorado - Exabeam Customer
  • KIA
  • Bilstein - Exabeam Customer
  • SiriusXM - Exabeam Customer
  • CDON - Exabeam Customer
  • Ysleta ISD
  • Emanate Health
  • Covenant Health
  • Bealls
  • Altra FCU
Explore trusted 
customer stories >

See Exabeam in Action

Request more information or request a demo of the industry’s most powerful platforms for threat detection, investigation, and response (TDIR).

Learn more:

  • If self-hosted or cloud-native SIEM is right for you
  • How to ingest and monitor data at cloud scale
  • Why seeing abnormal user and device behavior is critical
  • How to automatically score and profile user activity
  • See the complete picture using incident timelines
  • Why playbooks help make the next right decision
  • Support compliance mandates

Award-Winning Leaders in Security

  • Cyber Security Excellence Awards 2025 - Winner
  • CRN Security 100 | 2025
  • Inc. 5000 | 2022
  • InfoSec Innovator Awards 2024
  • The Cyber Influencer of the Year | 2024
  • Google Cloud Partner of the Year 2024 Award