Case Study: Safeway - Exabeam

The Benefits of Using a User Behavior Intelligence Solution

Fusion SIEM
Use Case
External Threats

The Challenge

Safeway was looking to implement security controls to monitoring for insider threats and lateral movement. This monitoring needed to analyze the usage and behavior of corporate employees interacting with the point-of-sale systems on their retail network.

“One of the things I like most about Exabeam and how it differs from traditional approaches is that a lot traditional approaches focus on a signature, focus on an IP, focus on something that’s known. Today’s attacks aren’t known. They’re very dynamic and what Exabeam allows you to is it allows you to visibility into the event, visibility into the attack and gives you so much context” notes Colin Anderson, Safeway’s VP Information Technology and CISO.

The Solution

By implementing Exabeam’s user and entity behavior analysis (UEBA) solution, Safeway was able to identify risky, anomalous behavior within their corporate and retail networks and tie it back to the responsible users. Additionally, Exabeam Advanced Analytics greatly increased the efficiency of the Safeway SOC team through the use of its pre-built incident timelines that enabled all analysts, including the more junior and recent hires, to quickly perform incident investigations.

The Result

After implementing Exabeam Advanced Analytics, Safeway achieved significant cost savings resulting from an increase in analyst productivity. This productivity gain translated into a reduction in headcount requirements within their security operations center (SOC) team, and thus a tangible ROI for the project.


Exabeam has allowed my tier one team to actually raise their capability. It’s helped them understand the events so much better. It’s actually been a learning tool for the team and understanding these events a little better and its absolutely raised that bar on that level one team.

Colin Anderson

VP Information Technology, CISO Safeway