# Exabeam
> Exabeam is a leader in intelligence and automation that powers security operations for the world’s smartest companies. As a global cybersecurity innovator, Exabeam provides industry-proven, security-focused, and flexible solutions for faster, more accurate threat detection, investigation, and response (TDIR). Cutting-edge technology enhances security operations center performance, optimizing workflows and accelerating time to resolution. With consistent leadership in AI innovation and a proven track record in security information and event management (SIEM) and user behavior analytics, Exabeam empowers global security teams to combat cyberthreats, mitigate risk, and streamline operations.
## Capabilities
- [UEBA](https://www.exabeam.com/capabilities/ueba/): Learn how Exabeam's UEBA capabilities can transform your security operations. Upgrade your legacy SIEM or data lake for better threat detection and investigation workflows.
- [Agent Behavior Analytics (ABA)](https://www.exabeam.com/capabilities/agent-behavior-analytics/): Discover how Exabeam's Advanced Behavioral Analytics (ABA) provides deep visibility into your AI agents and digital workforce. Strengthen your AI security posture, automate threat detection, and accelerate incident response to secure your entire automated environment.
- [Insider Threats](https://www.exabeam.com/capabilities/insider-threats/): Detect and respond to insider threats with the power of AI and machine learning. Explore how Exabeam UEBA capabilities can identify abnormal credential usage and uncover audit tampering.
- [Compliance](https://www.exabeam.com/capabilities/compliance/): Stay compliant with NIST, ISO, and other international standards with Exabeam's cybersecurity solution. Prove your security posture and pass your audit confidently.
- [TDIR](https://www.exabeam.com/capabilities/tdir/): Maximize accuracy and productivity with a unified TDIR workbench. Prioritize alerts, automate evidence collection, and create threat timelines.
- [SIEM](https://www.exabeam.com/capabilities/siem/): Experience the power of cloud-native SIEM with flexible architecture, centralized storage, and lightning-fast search capabilities.
- [SOAR](https://www.exabeam.com/capabilities/soar/): Optimize workflows with automation management. Simplify process documentation and accelerate time-to-resolution with pre-built playbooks.
## Benefits
- [Detect High-Risk Threats](https://www.exabeam.com/benefits/detect-threats/): Learn how Exabeam's machine learning-based platform detects high-risk threats by analyzing risky and abnormal activity to prioritize detection and automate threat grouping.
- [Automate Investigation & Response](https://www.exabeam.com/benefits/automate-investigation-response/): Automate alert and case triage with context-aware analytics from Exabeam. Prioritize high-risk threats quickly and efficiently.
- [Improve Threat Coverage](https://www.exabeam.com/benefits/improve-threat-coverage/): Improve threat coverage and safeguard your business with our cutting-edge security solutions. Stay protected from evolving cyber threats.
- [Optimize Security Investments](https://www.exabeam.com/benefits/optimize-security-investments/): Optimize your security investments with Exabeam's platform. Bridging the gap between point solutions, it delivers new detections and a more holistic view of threats.
- [Flexible Deployment](https://www.exabeam.com/benefits/flexible-deployment/): Optimize your security investments with Exabeam's flexible deployment options: cloud-native, on-premises, or hybrid SIEM expertise.
## Uncategorized
- [AI Innovation](https://www.exabeam.com/company/ai-innovation/): Exabeam pioneered AI in SIEM, using machine learning-based AI for over 10 years to enable faster and more accurate threat detection, investigation, and response (TDIR).
- [What’s New](https://www.exabeam.com/whats-new/): Learn about new product innovations we deliver every 90 days. Read the release notes, download the white papers, and register for our release webinars!
- [Education and Training](https://www.exabeam.com/support-and-services/education-and-training/): Exabeam offers world-class training, designed to help security professionals become more effective and confident in their understanding and use of the Exabeam Security Operations Platform.
- [Product Tour](https://www.exabeam.com/product-tour/): Explore the Exabeam New-Scale Security Operations Platform with interactive, self-guided product tours. Instantly access demos on threat detection, insider threats, and our open, agnostic SIEM platform. No forms, no scheduling—see Exabeam in action now.
- [Exabeam | Cybersecurity & Compliance with Security Log Management and SIEM](https://www.exabeam.com/): Experience the world’s most advanced cloud-native security operations platform, powered by AI to deliver superior threat detection, investigation, and response (TDIR).
- [Exabeam Legal Resources and Policies](https://www.exabeam.com/legal/): Find and review key documents including our privacy policy, terms of service, customer and vendor agreements, and security policies.
- [About Us](https://www.exabeam.com/company/about-us/): Learn more about Exabeam. We're united in our mission to provide successful security outcomes for organizations worldwide.
- [Partner Program](https://www.exabeam.com/partner-overview/): Partner with the world’s most advanced cloud-native security operations platform, powered by AI to deliver superior threat detection, investigation, and response (TDIR).
- [From Adoption to Accountability: The New Economics of AI in Cybersecurity](https://www.exabeam.com/hubs/from-adoption-to-accountability-the-new-economics-of-ai-in-cybersecurity/): Cybersecurity budgets are rising, driven by AI investment. But many security leaders cannot clearly prove the business value behind the spend. This global research reveals where confidence is growing and where justification is breaking down.
- [Thank You, Request Processing](https://www.exabeam.com/thank-you-request-processing/): Your request is being processed, you will receive an email from your account team once approved.
- [to Exabeam](https://www.exabeam.com/welcome/): Doing right by our customers is our highest priority — solving the problems that matter most and delivering outcomes that exceed expectations. With that, we’ve rounded up a few resources that can help you quickly get started with Exabeam.
- [From Human to Hybrid: How AI and the Analytics Gap Are Fueling Insider Risk](https://www.exabeam.com/hubs/from-human-to-hybrid-how-ai-and-the-analytics-gap-are-fueling-insider-risk/): Insider threats, fueled by AI, now surpass external attacks. Learn how to protect your organization from this growing risk. Download the free Exabeam research report.
- [Blog](https://www.exabeam.com/featured-blogs/): Discover the best practices for information security and cyber threat detection. Learn how to effectively respond to threats and protect your data.
- [From Hype to Help: How AI Is (Really) Transforming Cybersecurity in 2025](https://www.exabeam.com/hubs/how-ai-is-transforming-cybersecurity-in-2025/): This new global report from Exabeam, based on a survey of 1,000 cybersecurity professionals across 17 countries, reveals a growing disconnect between leadership optimism and analyst reality when it comes to artificial intelligence in the SOC.
- [Exabeam Single Sign-On FAQ](https://www.exabeam.com/support-and-services/exabeam-single-sign-on-faq/)
- [Exabeam Brand Style Guide](https://www.exabeam.com/newsroom/styleguide/): The Exabeam Brand Style Guide is a resource for the use of the Exabeam brand across a variety of mediums. It is meant to inform the design and development of digital, web, and print projects and provides elements to help you make consistent content and design decisions for the Exabeam brand.
- [Contact Us](https://www.exabeam.com/contact/contact-us/): Do you have questions about the Exabeam Security Operations Platform, our Partner Program, or something else?
- [Us](https://www.exabeam.com/contact/): With locations around the world, expert support, and an ever-growing user community, we look forward to showing you how you can leverage Exabeam for your needs.
- [Get a Demo](https://www.exabeam.com/contact/get-a-demo/): Request a SIEM demo of the industry’s most powerful platform for threat detection, investigation, and response (TDIR).
- [TEN18](https://www.exabeam.com/ten18/): TEN18 by Exabeam is a cybersecurity research and insights group dedicated to transforming technical knowledge into business trust for security practitioners – from security analysts to the CISO.
- [Product Certifications and Compliance](https://www.exabeam.com/company/certifications/): Security is at the center of Exabeam – from the products we build to our day-to-day operations.
- [Analyst Corner](https://www.exabeam.com/company/analyst-corner/): Explore insights to understand market trends, compare Exabeam with competitors, and drive your organization forward.
- [2023 TDIR Global Report – APJ](https://www.exabeam.com/hubs/2023-tdir-global-report-apj-summary/): Get your copy today to read more about the latest TDIR challenges and trends.
- [2023 TDIR Global Report – WE](https://www.exabeam.com/hubs/2023-tdir-global-report-we-summary/): Get your copy today to read more about the latest TDIR challenges and trends.
- [2023 TDIR Global Report – NA](https://www.exabeam.com/hubs/2023-tdir-global-report-na-summary/): Get your copy today to read more about the latest TDIR challenges and trends.
- [2023 TDIR Global Report](https://www.exabeam.com/hubs/2023-tdir-global-report/): Get your copy today to read more about the latest TDIR challenges and trends.
- [Trusted and Secure](https://www.exabeam.com/company/trusted-and-secure/): Learn how we maintain privacy, security, and availability for our cloud-delivered offerings, so you can trust Exabeam with your data.
- [The New CISO Podcast](https://www.exabeam.com/the-new-ciso-podcast/): Hosted by Exabeam Chief Security Strategist, Steve Moore, The New CISO answers your burning cybersecurity leadership questions.
- [Exabeam and Google Cloud](https://www.exabeam.com/hubs/exabeam-and-google-cloud/): Learn how Exabeam and Google Cloud can help you take advantage of AI to close the loop on your cybersecurity.
- [Customer Stories](https://www.exabeam.com/customers/): Organizations around the world trust Exabeam to partner with their security teams as they modernize and address the new landscape of cyber threats.
- [Media Kit](https://www.exabeam.com/newsroom/media-kit/): Exabeam is a leader in intelligence and automation that powers security operations for the world’s smartest companies. As a global cybersecurity innovator, Exabeam provides industry-proven, security-focused, and flexible solutions for faster, more accurate threat detection, investigation, and response (TDIR).
- [Industries](https://www.exabeam.com/solutions/industries/)
- [Use Cases](https://www.exabeam.com/solutions/use-cases/)
- [Solutions](https://www.exabeam.com/solutions/)
- [Events](https://www.exabeam.com/events/)
- [Founders](https://www.exabeam.com/company/founders/): Sometimes it takes a bad experience to spark a great idea. Learn how Exabeam got our start.
- [ExaGals](https://www.exabeam.com/company/exagals/): The ExaGals program focuses on supporting and empowering the women of Exabeam, as well as women in the technology community at large, with career development, education and personal growth opportunities.
- [Find a Partner](https://www.exabeam.com/find-a-partner/): Exabeam is proud to have cultivated a global network of world-class solution providers, MSSPs, services and distribution partners.
- [Diversity, Inclusion and Culture](https://www.exabeam.com/company/diversity/): Whether it’s championing women, supporting veterans, improving diversity or aligning our hiring process with our values, our philosophy is that we’re better together.
- [Exabeam Success Services](https://www.exabeam.com/support-and-services/professional-services/): Exabeam professional services are focused on providing the expertise you need to deploy and operate your Exabeam solution.
- [Support and Services](https://www.exabeam.com/support-and-services/)
- [Blog](https://www.exabeam.com/blog/): Discover the best practices for information security and cyber threat detection. Learn how to effectively respond to threats and protect your data.
- [Resources](https://www.exabeam.com/resources/): Our Resource Library will help you learn how the Exabeam Security Operations Platform will improve your threat coverage.
- [Security Explainers](https://www.exabeam.com/security-explainers/): Learn about cybersecurity and compliance topics, ranging from fundamental principles to advanced techniques.
- [Newsroom](https://www.exabeam.com/newsroom/): Stay up-to-date with Exabeam press releases, articles, awards, and all things newsworthy.
- [Careers](https://www.exabeam.com/company/careers/): We’re always looking for the best and brightest. There’s work to be done. Let’s do it together.
- [Company](https://www.exabeam.com/company/)
- [Responsible Disclosure Program](https://www.exabeam.com/responsible-disclosure/): This policy describes what systems and type of research are covered under this policy, how to send us vulnerability reports, and how long we ask security researchers to wait before publicly disclosing vulnerabilities.
- [404](https://www.exabeam.com/404-page-not-found/): This is awkward.We’re usually really good at finding things, but we can’t find that page.
- [Exabeam News Wrap-up — August 1, 2023](https://www.exabeam.com/blog/uncategorized/exabeam-news-wrap-up-august-1-2023/): The latest collection of Exabeam topics, headlines, and news coverage. Stay up to date with the Exabeam News Wrap-up!
- [Invisible Threats: Data Breaches, AI, and the LGBTQIA+ Community](https://www.exabeam.com/blog/uncategorized/invisible-threats-data-breaches-ai-and-the-lgbtqia-community/): Explore the unique digital threats faced by the LGBTQIA+ community, from data breaches to AI biases.
- [Third-Party Software](https://www.exabeam.com/third-party-software/)
## Products
- [Exabeam New-Scale Fusion Security Operations Platform](https://www.exabeam.com/platform/exabeam-new-scale-fusion-security-operations-platform/): Discover the power of cloud-native architecture on Google Cloud. Unlock rapid data ingestion, hyper-fast query performance, and advanced analytics and AI.
- [LogRhythm Intelligence](https://www.exabeam.com/platform/logrhythm-intelligence/): Unleash the potential of AI-powered insights for cybersecurity. Our unique combination of machine learning-driven analytics and behavioral models ensures advanced threat detection and response.
- [LogRhythm SIEM](https://www.exabeam.com/platform/logrhythm-siem/): Unlock the power of self-hosted SIEM with LogRhythm's unique Machine Data Intelligence (MDI) Fabric. Leverage actionable data for accurate analytics and streamline threat detection, investigation, and response.
- [New-Scale SIEM](https://www.exabeam.com/platform/new-scale-siem/): Discover the power of cloud-native architecture on Google Cloud. Unlock rapid data ingestion, hyper-fast query performance, and advanced analytics and AI.
- [Exabeam Nova](https://www.exabeam.com/platform/exabeam-nova/): Improve threat understanding and resolve critical issues rapidly with AI-powered assistance. Simplify threat hunting and optimize resource allocation.
- [New-Scale Analytics](https://www.exabeam.com/platform/new-scale-analytics/): New-Scale Analytics automates threat detection using machine learning-based behavioral analysis and dynamic risk scoring with business factor adjustments. It finds and prioritizes credential-based attacks that other tools miss.
- [Outcomes Navigator](https://www.exabeam.com/platform/outcomes-navigator/): Outcomes Navigator is a first-of-its-kind SIEM feature that helps you assess and achieve repeatable security outcomes while recommending ways to strengthen your use case and MITRE ATT&CK® coverage.
- [The Exabeam Difference](https://www.exabeam.com/platform/the-exabeam-difference/): Revolutionize your security operations with Exabeam SIEM. Addressing legacy SIEM limitations to enhance threat detection, investigation, and response.
- [NetMon](https://www.exabeam.com/platform/netmon/): Improve network security with advanced visibility and analytics. Identify applications, capture packets, and gain a deep understanding of your network activity.
- [Exabeam Integrations: What it Works With](https://www.exabeam.com/platform/integrations/): Learn how Exabeam platform integrations can help enhance security by ingesting data from multiple sources and detecting anomalies.
- [How It Works](https://www.exabeam.com/platform/how-it-works/): Unlock the potential of Exabeam's log management platform for security use cases. Start with shared capabilities and expand with advanced triage, automation, and more.
## New-Scale Security Operations Platform
- [New-Scale Fusion](https://www.exabeam.com/resources/data-sheets/new-scale-fusion-security-operations-platform/): The Exabeam New-Scale Security Operations Platform—sold as Exabeam Fusion—unifies SIEM, behavioral analytics, automation, and case management in a single AI-driven solution. Purpose-built for modern teams, it delivers speed, scale, and precision across every phase of the SOC workflow.
- [Exabeam New-Scale Platform: July 2026 Quarterly Launch](https://www.exabeam.com/resources/webinars/exabeam-new-scale-platform-july-2026-quarterly-launch/)
- [Modernizing the CERT Insider Threat Framework for the Agentic Enterprise](https://www.exabeam.com/resources/white-papers/modernizing-the-cert-insider-threat-framework-for-the-agentic-enterprise/): Discover how to modernize the CERT Insider Threat Framework for the agentic enterprise. This guide explains how to use behavioral intelligence to detect expanding insider risks across humans, AI agents, and automated systems, helping you identify threats before they lead to impact.
- [Six Shifts in Insider Risk for the Agentic Enterprise](https://www.exabeam.com/resources/guides/six-shifts-in-insider-risk-for-the-agentic-enterprise/): Discover the six shifts in modern insider risk for the agentic enterprise. This guide explains why threats now emerge through legitimate activity and how security teams must adapt their detection strategies.
- [The Insider Isn’t Human | Exabeam Elevate 2026](https://www.exabeam.com/resources/webinars/the-insider-isnt-human-exabeam-elevate-2026/): Learn how to secure your enterprise against the newest insider threat: AI agents. This webinar provides a comprehensive overview of the evolving AI threat landscape, highlighting the limitations of traditional security and introducing Agent Behavior Analytics. Discover how to protect your organization from malfunctioning, misaligned, and subverted AI agents by understanding key concepts like prompt injection, identity and privilege abuse, and the importance of telemetry and identity in a modern security strategy. This session is essential for security professionals looking to stay ahead of emerging threats in an AI-driven world.
- [From Alerts to Outcomes | Exabeam Elevate 2026](https://www.exabeam.com/resources/webinars/from-alerts-to-outcomes-exabeam-elevate-2026/): Struggling to justify your security budget? Learn how to transform your security operations from a cost center to a strategic business function. In this webinar with Exabeam's Matt Willems, discover how to use data-driven insights and the MITRE ATT&CK framework to measure your security coverage, benchmark against peers, and communicate risk reduction to your board. Move beyond reactive alerts to proactive, defensible outcomes. This session is ideal for security leaders in North America and Europe looking to mature their security programs and better align with business objectives.
- [The Quantum Reckoning | Exabeam Elevate 2026](https://www.exabeam.com/resources/webinars/the-quantum-reckoning-exabeam-elevate-2026/): Future-proof your AI & ML investments against the quantum reckoning with Exabeam CISO Kevin Kirkwood. This expert webinar provides a 12-24 month roadmap for quantum readiness, covering essential strategies for PQC migration, crypto-agility, and defending against quantum-boosted threats like model theft and data poisoning. Ideal for CISOs and security leaders in San Francisco, New York, London, and global tech centers. Learn to secure your enterprise with practical steps for ML security, adversarial training, and operational governance to stay ahead of next-generation cyberattacks. Watch now to protect your intellectual property and build a quantum-resilient security posture.
- [Lessons From an Insider Threat | Exabeam Elevate 2026](https://www.exabeam.com/resources/webinars/lessons-from-an-insider-threat-exabeam-elevate-2026/): Learn how to detect and defend against nation-state insider threats in our on-demand webinar. Exabeam experts share a real-world case study on identifying malicious "phantom hires" who use stolen identities and AI to infiltrate organizations. Discover actionable security strategies to protect your company from these advanced cyber attacks.
- [Exabeam Vision & Strategy | Exabeam Elevate 2026](https://www.exabeam.com/resources/webinars/exabeam-vision-strategy-exabeam-elevate-2026/): Learn how to combat the rising wave of AI-driven insider threats with Exabeam's vision for Accelerated Security Operations. This webinar, featuring Chief AI and Product Officer Steve Wilson, explores the shift from reactive to proactive cybersecurity, the impact of AI on both attackers and defenders, and how human-agent teaming can reduce investigation times by up to 80%. Discover how to secure your agent-driven enterprise and stay ahead of advanced threats in today's evolving digital landscape. Key topics include insider risk, AI in cybersecurity, threat detection and response (TDIR), and the future of the Security Operations Center (SOC).
- [From Human to Hybrid | Exabeam Elevate 2026](https://www.exabeam.com/resources/webinars/from-human-to-hybrid-exabeam-elevate-2026/): Learn about the evolution of insider threats and how AI is creating new risks. Discover key strategies for building a proactive insider threat program that can identify and mitigate threats from both human and AI actors.
- [The Universal Remote Control | Exabeam Elevate 2026](https://www.exabeam.com/resources/webinars/the-universal-remote-control-exabeam-elevate-2026/): Tired of your AI security agents not talking to each other? Learn how the Model Context Protocol (MCP) acts as a universal remote, unifying threat detection across your tools. This session shows you how to break down data silos, enabling powerful, cross-platform behavioral detections and moving from manual investigation to autonomous exploration. Register to unify your defenses.
- [How Does Exabeam Unify Security Operations for OT Environments?](https://www.exabeam.com/resources/briefs/how-does-exabeam-unify-security-operations-for-ot-environments/): Detect elusive IT-to-OT threats and protect critical infrastructure. See how Exabeam unifies security operations with behavioral analytics and automation for faster, safer OT threat detection, investigation, and response.
- [The CFO Conversation Checklist for CISOs](https://www.exabeam.com/resources/guides/the-cfo-conversation-checklist-for-cisos/): Download Exabeam's CFO Conversation Checklist for CISOs to successfully defend security investments by framing decisions around risk, outcomes, and full costs.
- [A CISO’s Guide to Adversary Alignment](https://www.exabeam.com/resources/white-papers/a-cisos-guide-to-adversary-alignment/): Discover how CISOs can align security operations to adversary behavior. Download Exabeam's white paper to improve threat detection with behavioral analytics.
- [CISO Leadership After a Breach: A Response Playbook](https://www.exabeam.com/resources/white-papers/ciso-leadership-after-a-breach-a-response-playbook/): How should CISOs lead after a security breach? Download Exabeam's playbook to master decision-making, communication, containment, and recovery strategies.
- [A Five-Stage Guide to Incident Response For Modern Organizations](https://www.exabeam.com/resources/guides/a-five-stage-guide-to-incident-response-for-modern-organizations/): Download Exabeam's 5-stage incident response guide. Learn how to prepare, detect, contain, respond, and recover from security threats to reduce disruption.
- [Five Ways CISOs Can Communicate Cyber Risk and Protect the Business](https://www.exabeam.com/resources/guides/five-ways-cisos-can-communicate-cyber-risk-and-protect-the-business/): Discover 5 ways CISOs can effectively communicate cyber risk to executives. Learn how behavior-driven security operations reduce business impact. Download the guide.
- [Five Questions to Evaluate Your AI Security Operations Strategy](https://www.exabeam.com/resources/guides/five-questions-to-evaluate-your-ai-security-operations-strategy/): Evaluate your AI security operations strategy with Exabeam. Use our 5-question framework to assess readiness, manage data risks, and stop AI-driven threats.
- [Extend Google Chronicle with Exabeam Behavioral Intelligence](https://www.exabeam.com/resources/briefs/extend-google-chronicle-with-exabeam-behavioral-intelligence/): As cyberattacks become increasingly frequent, sophisticated, and hard to detect, security operations teams are struggling with the limitations of legacy security information and event management (SIEM) and traditional perimeter security.
- [Exabeam vs. CrowdStrike: Five Ways to Compare and Evaluate](https://www.exabeam.com/resources/guides/exabeam-vs-crowdstrike/): Discover how Exabeam excels over CrowdStrike and delivers better security outcomes for your organization.
- [Exabeam New-Scale Platform: April 2026 Quarterly Launch](https://www.exabeam.com/resources/webinars/exabeam-new-scale-platform-april-2026-quarterly-launch/)
- [Managing Insider Risk: Malicious Insiders and Compromised Credentials](https://www.exabeam.com/resources/white-papers/managing-insider-risk-malicious-insiders-and-compromised-credentials/): This white paper details how to build an insider risk program. Learn how to monitor user and AI agent activity, investigate threats, and respond to compromised credentials.
- [Agent Behavior Analytics](https://www.exabeam.com/resources/briefs/agent-behavior-analytics/): Monitor and investigate AI agent activity with Exabeam Agent Behavior Analytics. Download the feature brief to detect misuse, reduce risk, and maintain oversight of non-human identities.
- [Privilege Escalation](https://www.exabeam.com/resources/briefs/privilege-escalation/): Exabeam helps security teams outsmart adversaries using privilege escalation with the support of automation and use case content across the entire analyst workflow, from detection to response.
- [Abnormal Authentication](https://www.exabeam.com/resources/briefs/abnormal-authentication/): Exabeam helps security and insider threat teams outsmart users engaging in abnormal authentication and access with the support of automation and use case content across the full analyst workflow, from detection to response.
- [Clarity Act](https://www.exabeam.com/resources/briefs/clarity-act/): Prepare for the Clarity Act with Exabeam. Learn how session-based timelines provide transparent, audit-ready automated decisions. Download the solution brief.
- [A Strategic Framework for Selecting Your Cloud-Native SIEM](https://www.exabeam.com/resources/white-papers/a-strategic-framework-for-selecting-your-cloud-native-siem/): Choosing a cloud-native SIEM is one of the most critical and complex decisions a security leader will make. A successful implementation can transform your security operations, but the wrong choice leads to wasted budget, frustrated analysts, and critical visibility gaps. With every vendor making similar promises, how do you build a repeatable process to identify the right long-term partner?
- [Nine Questions Every CIO Must Ask About Their SIEM](https://www.exabeam.com/resources/guides/nine-questions-every-cio-must-ask-about-their-siem/): This guide provides a clear, business-focused framework for evaluating your security operations platform. It moves beyond technical specifications to explore the nine critical questions every CIO must ask to determine if their SIEM is creating tangible value or just noise.
- [Exabeam New-Scale Platform: January 2026 Quarterly Launch](https://www.exabeam.com/resources/webinars/exabeam-new-scale-platform-january-2026-quarterly-launch/)
- [Exabeam and Recorded Future](https://www.exabeam.com/resources/briefs/exabeam-and-recorded-future/): The integration between the Exabeam New-Scale Security Operations Platform and Recorded Future Intelligence Cloud empowers security operations teams with insights to move from a reactive to a proactive defense. By automatically enriching security data with real-time threat intelligence, this partnership provides the context needed for faster, more accurate threat detection and automated response.
- [2025 Gartner® Magic Quadrant™ for SIEM](https://www.exabeam.com/resources/reports/gartner-magic-quadrant-for-siem-2025/): Exabeam is proud to be named a Leader in the 2025 Gartner®️ Magic Quadrant™️ for Security Information and Event Management. This marks the sixth time Exabeam has been recognized as a Leader. (2018, 2020, 2021, 2022, 2024, 2025).
- [New-Scale Security Operations Platform: October 2025 Quarterly Launch](https://www.exabeam.com/resources/webinars/new-scale-security-operations-platform-october-2025-quarterly-launch/)
- [Exabeam and Google Cloud: Securing AI Agents and LLM Usage With Behavioral Analytics](https://www.exabeam.com/resources/briefs/exabeam-and-google-cloud-securing-ai-agents-and-llm-usage-with-behavioral-analytics/): Secure your business's AI transformation. Learn how Exabeam and Google provide unified visibility to monitor, detect, and respond to AI-driven insider threats
- [Architecting Threat Detection, Investigation, and Response (TDIR)](https://www.exabeam.com/resources/white-papers/architecting-threat-detection-investigation-and-response-tdir/): The AI-driven Exabeam Security Operations Platform revolutionizes how organizations manage threats through a cloud-native solution designed for ultimate efficiency and effectiveness.
- [Open and Agnostic Security Operations With the New-Scale Platform](https://www.exabeam.com/resources/videos/open-and-agnostic-security-operations-with-the-new-scale-platform/): The New-Scale Security Operations Platform takes a different approach. It's open and agnostic by design. Use prebuilt integrations for leading data sources or bring in your own using the Generic API Collector. Need threat intelligence? You can onboard any STIX/TAXII feed in minutes.For automation, New-Scale SIEM is the first to fully support the OpenAPI Standard. With Automation Management, you can build, test, and deploy cross-vendor workflows quickly, without relying on custom code or complex engineering effort.
- [OpenAPI Standard Support](https://www.exabeam.com/resources/videos/openapi-standard-support/): Exabeam has the first SIEM to support the OpenAPI Standard. With Automation Management, you can build, test, and version automations in a no-code, vendor-agnostic environment. Whether you're triggering playbooks or orchestrating workflows, it just works. And you don't even need engineering help.
- [Exabeam and Trellix](https://www.exabeam.com/resources/briefs/exabeam-and-trellix/): The integration between Exabeam and Trellix Endpoint Security helps security teams detect threats faster, automate investigations, and improve response across cloud and endpoint environments—all from a single platform.
- [The Must-Have Essentials for Every Modern SOC](https://www.exabeam.com/resources/webinars/the-must-have-essentials-for-every-modern-soc/): Effective security begins with advanced behavioural detection, yet traditional threat detection-relying on static signatures and correlation, even when enhanced with AI-often falls short against today’s dynamic, fast-evolving threats. Join this upcoming webinar series designed to equip you with practical strategies and actionable steps for building a modern Security Operations Center (SOC). Through real-world case studies and expert insights, discover how to leverage AI-driven security operations, robust data ingestion, powerful analytics, and workflow automation with Exabeam.
- [Exabeam and Vectra AI](https://www.exabeam.com/resources/briefs/exabeam-and-vectra-ai/)
- [Feature Demo: Correlation Rules](https://www.exabeam.com/resources/videos/feature-demo-correlation-rules/): This provides an overview on writing, testing, publishing, and monitoring custom correlation rules to identify and escalate anomalies and flag high-risk activities.
- [Feature Demo: Log Stream](https://www.exabeam.com/resources/videos/feature-demo-log-stream/): Log Stream provides rapid log ingestion processing at over 2 million EPS, allowing you to visualize, create, deploy, and monitor parsers.
- [Feature Demo: Outcomes Navigator](https://www.exabeam.com/resources/videos/feature-demo-outcomes-navigator/): Outcomes Navigator maps data feeds to common security use cases and suggests improvements to enhance coverage.
- [Feature Demo: Exabeam Automation Management](https://www.exabeam.com/resources/videos/feature-demo-automation-management/): Discover Automation Management combines security orchestration, automation, and response (SOAR) capabilities with pre-built playbooks and a no-code playbook editor to streamline incident resolution.
- [Feature Demo: Dashboards](https://www.exabeam.com/resources/videos/feature-demo-dashboards/): Dashboards allow users to visualize data based on their roles and requirements, helping to understand trends and risks within the organization.
- [Feature Demo: Service Health and Consumption](https://www.exabeam.com/resources/videos/feature-demo-service-health-and-consumption/): Service Health and Consumption helps you visualize service health and data consumption while monitoring connections and sources.
- [Feature Demo: Search](https://www.exabeam.com/resources/videos/feature-demo-search/): Search offers a simplified experience with faster queries and instant results, even over petabyte-scale data.
- [Feature Demo: Collectors](https://www.exabeam.com/resources/videos/feature-demo-collectors/): Collectors gather data from various sources, including on-premises logs, cloud-delivered security products, SaaS applications, threat intelligence feeds, and cloud infrastructures.
- [Feature Demo: Threat Center](https://www.exabeam.com/resources/videos/feature-demo-threat-center/): Discover the Threat Center in the Exabeam Security Operations Platform. Threat Center serves as a unified workbench for threat detection, investigation, and response.
- [The AI-Driven Exabeam Security Operations Platform Overview](https://www.exabeam.com/resources/videos/the-ai-driven-exabeam-security-operations-platform-overview/): Join us as we walk through these powerful features, demonstrating how Exabeam revolutionizes security operations, improving SOC efficiency.
- [The Ultimate Guide to Threat Investigation](https://www.exabeam.com/resources/ebooks/the-ultimate-guide-to-threat-investigation/): Elevate your cybersecurity strategy and improve your organization’s security outcomes. Download your free copy now.
- [The Ultimate Guide to Threat Response](https://www.exabeam.com/resources/ebooks/the-ultimate-guide-to-threat-response/): Elevate your cybersecurity strategy and improve your organization’s security outcomes. Download your free copy now.
- [The Ultimate Guide to Threat Detection](https://www.exabeam.com/resources/ebooks/the-ultimate-guide-to-threat-detection/): Elevate your cybersecurity strategy and improve your organization’s security outcomes. Download your free copy now.
- [Spotlight24: Full Event Webcast](https://www.exabeam.com/resources/videos/spotlight24-webcast/): Watch presentations from Exabeam experts, live demos, customer testimonials, and a fireside chat with Google Cloud VP, Stephen Orban.
- [Three Ways to Get More Value from Microsoft Sentinel](https://www.exabeam.com/resources/webinars/three-ways-to-get-more-value-from-microsoft-sentinel/): Join Randeep Gill to learn how Exabeam can provide unmatched security outcomes when paired with a traditional SIEM such as Sentinel.
- [Essential Checklist for a Proactive Security Operations Platform](https://www.exabeam.com/resources/guides/essential-checklist-for-a-proactive-security-operations-platform/): How are you ensuring your cybersecurity measures are not just reactive but also proactive in protecting your organization?
- [Spotlight23: Automate and Accelerate TDIR](https://www.exabeam.com/resources/videos/spotlight23-automate-and-accelerate-tdir/): Learn how to automate your threat detection, investigation, and response workflows with Exabeam for faster discovery and remediation of security risks.
- [Spotlight23: Tools to Measure the Success of Your SOC](https://www.exabeam.com/resources/videos/spotlight23-tools-to-measure-the-success-of-your-soc/): Learn how CISOs and security operations teams can use Exabeam Outcomes Navigator, integrations, and Dashboards to demonstrate continued growth and success of your security program.
- [Spotlight23: Operationalize an Effective TDIR Workflow](https://www.exabeam.com/resources/videos/spotlight23-operationalize-an-effective-tdir-workflow/): Learn how you can use Exabeam pre-built content along with API integrations to operationalize TDIR and SOAR processes to make your analysts more effective in detecting, investigating, and responding to threats.
- [Spotlight23: Customer Insights Panel](https://www.exabeam.com/resources/videos/spotlight23-customer-insights-panel/): Hear from Exabeam customers as they discuss their customer success journey and the value they receive from Exabeam solutions.
- [Spotlight23: Exabeam, AI, and the Future of Security Operations](https://www.exabeam.com/resources/videos/spotlight23-exabeam-ai-and-the-future-of-security-operations/): Learn how the SIEM industry has not kept up with the changing cyber climate of today as Exabeam shares its vision for New-Scale SIEMTM to advance security operations.
- [A CISO’s Guide to the AI Opportunity in Security Operations](https://www.exabeam.com/resources/white-papers/a-cisos-guide-to-the-ai-opportunity-in-security-operations/): Explore AI’s impact on the SOC. Discover key strategies for AI-driven security operations, especially in threat detection, investigation, and response (TDIR).
- [Using Cribl Observability Pipelines to Optimize Cloud-Native SIEM](https://www.exabeam.com/resources/webinars/using-cribl-observability-pipelines-to-optimize-cloud-native-siem/): Optimize cloud-native SIEM with observability pipelines. Watch this webinar for expert insights and Exabeam+Cribl integration demo.
- [Deploying Exabeam Fusion](https://www.exabeam.com/resources/data-sheets/deploying-exabeam-fusion/): This one-day instructor-led course will prepare Exabeam Professional Services Engineers and Exabeam deployment partners to deploy Exabeam Fusion environments.
- [Bots in SOCs: The Rise of AI in Security Operations Centers](https://www.exabeam.com/resources/webinars/bots-in-socs-the-rise-of-ai-in-security-operations-centers/): Discover the impact of AI on security operations centers (SOCs). Learn actionable strategies for harnessing these innovations responsibly.
- [What is the Future of AI in IT and Security?](https://www.exabeam.com/resources/webinars/what-is-the-future-of-ai-in-it-and-security/): Could AI replace missing expertise and headcount? Our webinar will dive into the considerations organizations should take when working with AI and technology.
- [Inside Out – Mastering the Art of Insider Threat Defence](https://www.exabeam.com/resources/webinars/inside-out-mastering-the-art-of-insider-threat-defence/): Could AI replace missing expertise and headcount? This webinar dives into the considerations organizations should take when working with AI and technology.
- [Leveraging AI to Monitor, Analyse and Respond to Threats](https://www.exabeam.com/resources/webinars/leveraging-ai-to-monitor-analyse-and-respond-to-threats/): Join this teissTalk to answer some of the biggest questions facing the Information Security industry.
- [CISO Q&A — Solving Insider Threats](https://www.exabeam.com/resources/webinars/ciso-qa-solving-insider-threats/): During this enlightening session, you’ll discover how these industry experts leverage telemetry data to proactively stay ahead of cybersecurity threats.
- [Taking Your SIEM Solution to the Next Level – The Power of SIEM in the Cloud](https://www.exabeam.com/resources/webinars/taking-your-siem-solution-to-the-next-level-the-power-of-siem-in-the-cloud/): Unlock the power of SIEM in the cloud. Streamline security operations, enhance threat mitigation, and scale with speed and cost effectiveness.
- [The Ultimate Guide to Cloud-Native SIEM](https://www.exabeam.com/resources/ebooks/the-ultimate-guide-to-cloud-native-siem/): Discover the benefits of cloud-native SIEM with our comprehensive eBook, enhancing security operations & simplifying threat detection. Download now!
- [The Hidden Threat: Understanding Insider Risks](https://www.exabeam.com/resources/webinars/the-hidden-threat-understanding-insider-risks/): Watch this webinar to learn about Exabeam, a next-gen SIEM solution that provides better security outcomes than other traditional SIEMs such as Splunk.
- [Not all SIEMs are Created Equal](https://www.exabeam.com/resources/webinars/not-all-siems-are-created-equal/): In this webinar you will learn about Exabeam, a next-gen SIEM solution that provides better security outcomes than other traditional SIEMs such as Splunk.
- [Exabeam Security Operations Platform Privacy](https://www.exabeam.com/resources/data-sheets/exabeam-security-operations-platform-privacy/): This document provides the information you need to understand how the Exabeam Security Operations Platform gathers, analyzes, and stores sensitive data, so you can assess the impact on your overall privacy posture.
- [Spotlight22: Evolution of Cybersecurity, Advanced Threats, and What Your Teams Can Do About It](https://www.exabeam.com/resources/videos/spotlight22-evolution-of-cybersecurity-advanced-threats-and-what-your-teams-can-do-about-it/): Exabeam unveils the vision for New-Scale SIEM to advance security operations and introduces innovation across a new platform.
- [Spotlight22: Customer Success Strategies](https://www.exabeam.com/resources/videos/spotlight22-customer-success-strategies/): Learn how Exabeam ensures that customers properly advance their security operations and accelerate adoption of the new platform.
- [Spotlight22: A Demo of Modern Security Operations at Scale](https://www.exabeam.com/resources/videos/spotlight22-exabeam-in-action-a-demo-of-modern-security-operations-at-scale/): Learn the foundational pillars of a modern security operations platform through live demos and how Exabeam delivers them with New-Scale SIEM.
- [Spotlight22: Unveiling Exabeam’s Vision to Advance Security Operations](https://www.exabeam.com/resources/videos/spotlight22-unveiling-exabeams-vision-to-advance-security-operations/): Exabeam unveils the New-Scale SIEM to advance security operations and introduces innovation across a new platform.
- [Introducing Exabeam SIEM: Cloud-native SIEM at Hyperscale](https://www.exabeam.com/resources/webinars/introducing-exabeam-siem-cloud-native-siem-at-hyperscale/): New-Scale SIEM is a breakthrough combination of threat detection, investigation and response (TDIR) capabilities security operations needs in products they will want to use.
- [The Total Economic Impact™ of Exabeam Fusion](https://www.exabeam.com/resources/reports/forrester-tei-2022/): Learn how the behavioral analytics and automation capabilities of Exabeam Fusion SIEM transformed Security Operations at six organizations.
- [The 5 Claims Your SIEM Vendor Should Never Make… And They Did](https://www.exabeam.com/resources/webinars/the-5-claims-your-siem-vendor-should-never-make-and-they-did/): In this webinar, Jeannie and Chris highlight the questions that everyone SHOULD be asking their security teams, their potential vendors, and their own management.
- [Mapping AI to Your Security Posture and Avoiding Overlooked Threats](https://www.exabeam.com/resources/webinars/mapping-ai-to-your-security-posture-and-avoiding-overlooked-threats/): Learn how can InfoSec teams test and recognise AI bias, how to prevent biased AI models missing unknown threats, and how to creating biased algorithms.
- [Protecting Your Blindspots Against Insider Threats and Other Attacks](https://www.exabeam.com/resources/webinars/protecting-your-blindspots-against-insider-threats-and-other-attacks/): In this webinar we explore the challenges organizations face with Insider Threats, how to identify the blindspots, and how a SOC platform lcan help you protect what other tools can’t see.
- [Spotlight21: An Introduction to Exabeam Alert Triage and Threat Hunting](https://www.exabeam.com/resources/videos/spotlight21-an-introduction-to-exabeam-alert-triage-and-threat-hunting/): In this session from our Spotlight21 event Exabeam experts demonstrate the power of Alert Triage in the Fusion product.
- [Spotlight21: Fusion – The Evolution of the Exabeam SecOps Platform](https://www.exabeam.com/resources/videos/spotlight21-fusion-the-evolution-of-the-exabeam-secops-platform/): Exabeam experts provide a high-level overview of the Fusion product line, highlighting key differences and advancements, as well as provide a glimpse into future Fusion releases.
- [Spotlight21: Response Unleashed for the Exabeam Power User](https://www.exabeam.com/resources/videos/spotlight21-response-unleashed-for-the-exabeam-power-user/): Experts discuss different approaches to streamlining response actions within the Exabeam Platform.
- [Spotlight21: Insights into our SOC Transformation Expedition](https://www.exabeam.com/resources/videos/spotlight21-from-reactive-to-proactive-insights-into-our-soc-transformation-expedition/): Learn insights from SA Power Networks shares on their transformation from a reactive SOC on-prem to a fully SaaS-based, proactive, and future-state threat informed SOC.
- [Flying High: Security at Scale at Delta Air Lines](https://www.exabeam.com/resources/videos/flying-high-security-at-scale-at-delta-air-lines/): Learn how Deborah Wheeler has built world-class security operations at Delta, one of the United States’ most trusted major airlines.
- [Exabeam Fusion Privacy](https://www.exabeam.com/resources/data-sheets/exabeam-fusion-privacy/): Our Customer Success Services Team provides support, reporting, and a Customer Success Manager (CSM) to help your security team meet its business goals, from deployment onward.
- [Exabeam and Forescout](https://www.exabeam.com/resources/briefs/exabeam-and-forescout/): The Exabeam-Forescout integration improves monitoring and real-time visibility over managed and unmanaged devices across the enterprise by collecting unlimited network access activity data and analyzing it in the context of baseline user and device behavior.
## Exabeam Nova
- [Exabeam Nova](https://www.exabeam.com/resources/briefs/exabeam-nova/): Exabeam Nova transforms the New-Scale Security Operations Platform into an intelligent, proactive teammate for your SOC. Built directly into the platform with no added cost or complexity, Exabeam Nova helps security teams accelerate threat detection, investigation, and response (TDIR) through automation, behavior analytics, and real-time insights.
- [Outcomes Navigator](https://www.exabeam.com/resources/briefs/outcomes-navigator/): Transform SecOps with Exabeam Outcomes Navigator. Get a real-time view of detection coverage, map to MITRE ATT&CK®, and generate board-ready reports.
- [Behavior Intelligence for the Agentic Enterprise](https://www.exabeam.com/resources/data-sheets/behavior-intelligence-for-the-agentic-enterprise/): Read the Exabeam corporate data sheet to learn how our behavior intelligence secures both human and AI agents, stops insider threats, and accelerates TDIR.
- [Three Practical Ways to Accelerate Threat Hunting Using Search](https://www.exabeam.com/resources/guides/three-practical-ways-to-accelerate-threat-hunting-using-search/): Discover 3 practical ways to accelerate threat hunting using Exabeam Search. Learn to leverage natural language and guided filters to reduce manual effort.
- [From Human to Hybrid: How AI and the Analytics Gap Are Fueling Insider Risk](https://www.exabeam.com/resources/webinars/from-human-to-hybrid-how-ai-and-the-analytics-gap-are-fueling-insider-risk-webinar/): Insider threats have entered a new era — fueled by AI, shaped by behavioral blind spots, and overlooked by executive leadership. Join the TEN18 by Exabeam team as we break down the findings from our 2025 global Insider Threat Report: From Human to Hybrid: How AI and the Analytics Gap Are Fueling Insider Risk. In this session, our security experts and threat researchers will analyze the latest data from over 1,000 cybersecurity professionals and provide actionable insights for security analysts, SOC leaders, and CISOs alike.
- [The Evolving Threat Landscape (Session 1)](https://www.exabeam.com/resources/webinars/the-evolving-threat-landscape-session-1/): Join Steve Wilson, Exabeam Chief AI & Product Officer to learn about the "The Evolving Threat Landscape" Learn about the rise of internal threats, the evolution of insider threats, and the benefits of AI security.
- [Automated Threat Timelines](https://www.exabeam.com/resources/videos/automated-threat-timelines/): Manually building a threat timeline can take hours. Analysts spend up to 30% of their time piecing together logs and correlating events. Most platforms provide raw data and leave the hard part to you.Exabeam Nova changes that. Using machine learning and a patented session data model, it automatically builds threat timelines in real time, even for routine activity. Detections are grouped, entities are correlated, and a complete sequence of events comes into focus quickly.
- [Exabeam Nova: End-to-End AI](https://www.exabeam.com/resources/videos/exabeam-nova-end-to-end-ai/): AI claims are everywhere, but most solutions stop at basic summaries or chatbots, leaving gaps in detection, investigation, and response. Exabeam Nova is different. It starts with machine-learned behavioral detections and continues through every step of the workflow.
- [Natural Language Processing](https://www.exabeam.com/resources/videos/natural-language-processing/): Most security tools expect analysts to write complex queries and learn proprietary syntax. That slows teams down and limits who can run searches or build reports.Exabeam Nova makes it easier. With built-in natural language processing (NLP), you can search using everyday language. Ask questions like, "Show me all cases of suspected data exfiltration in the past three months" and get answers instantly.
- [Outcomes Navigator With Exabeam Nova](https://www.exabeam.com/resources/videos/outcomes-navigator-with-exabeam-nova/): Most SIEM platforms stop at detection. They don't tell you if your coverage is effective or where critical gaps exist.Outcomes Navigator goes further. It maps your data and detections to real-world threats, including MITRE ATT&CK® techniques and high-impact use cases like lateral movement and credential abuse. With Exabeam Nova built in, you get a clear, prioritized report that shows what's working and what needs attention.
- [Exabeam Nova Investigation Summary](https://www.exabeam.com/resources/videos/exabeam-nova-investigation-summary/): Embedded in Threat Center, Exabeam Nova pulls together context from across the environment, highlights key events, and recommends next steps. Analysts at any level can move quickly from detection to resolution without starting from scratch.
- [Operationalizing Continuous Improvement in the Age of Advanced Threats](https://www.exabeam.com/resources/white-papers/operationalizing-continuous-improvement-in-the-age-of-advanced-threats/): Security operations don’t have an endpoint. CISOs and SOC leaders are expected to show progress, close detection gaps, and prove the value of their programs, even as threats evolve and the environment changes.
- [Five Threat Coverage Capabilities You’ll Unlock With Outcomes Navigator](https://www.exabeam.com/resources/guides/five-threat-coverage-capabilities-youll-unlock-with-outcomes-navigator/): Collecting logs is just the beginning. To detect real threats and reduce risk, you need visibility into what your data is actually doing. Outcomes Navigator helps you map log sources to MITRE ATT&CK® techniques and detection use cases, so you can close gaps, cut waste, and prioritize what's truly important.
- [Augment Your SIEM With New-Scale Analytics](https://www.exabeam.com/resources/briefs/augment-your-siem-with-new-scale-analytics/): Most SIEMs rely on static rules and correlation engines that struggle to detect identity-based threats—especially when attackers blend in using stolen credentials. Exabeam New-Scale Analytics brings machine-learned threat detection to your existing SIEM, helping you uncover threats that traditional tools miss.
- [Introducing Exabeam Nova](https://www.exabeam.com/resources/videos/introducing-exabeam-nova/): Most cybersecurity AI tools just repeat data back to you. Exabeam Nova is different. It's the first fully integrated agentic AI built into the security operations workflow—doing real work, not just summarizing alerts.
- [What’s New at Exabeam—April 2025 Release](https://www.exabeam.com/resources/videos/whats-new-at-exabeam-april-2025-release/): This short video highlights key product updates across the Exabeam portfolio, designed to accelerate threat detection, investigation, and response.
- [Experience Exabeam Nova in Action](https://www.exabeam.com/resources/videos/experience-exabeam-nova-in-action/): Security teams are under pressure to detect threats faster and respond with precision. Exabeam Nova redefines what's possible by putting powerful agentic AI at the center of the analyst experience.
## Company News
- [What’s New in New-Scale July 2026: Behavior Intelligence for AI Agents](https://www.exabeam.com/blog/company-news/whats-new-in-new-scale-july-2026-ai-agents-need-more-than-guardrails/): Exabeam expands Behavior Intelligence to verify, observe, analyze, and improve AI agent security.
- [What’s New in the LogRhythm SIEM July 2026 Release](https://www.exabeam.com/blog/company-news/logrhythm-siem-july-2026-release-accelerating-investigations-and-expanding-visibility/): LogRhythm SIEM July 2026 updates speed investigations, automate key workflows, and expand telemetry coverage.
- [Securing AI Agents With Behavioral Analytics](https://www.exabeam.com/blog/company-news/whats-new-in-new-scale-april-2026-securing-the-agentic-enterprise-with-behavioral-analytics/): Learn how Agent Behavior Analytics helps your security operations team detect insider threats from humans and AI agents.
- [April 2026 LogRhythm SIEM Release Updates](https://www.exabeam.com/blog/company-news/whats-new-in-the-april-2026-logrhythm-siem-release/): Learn about new admin and analyst updates in the April 2026 LogRhythm SIEM release.
- [Meet Exabeam Sherpa: The AI Backbone of Our Next‑Generation Partner Experience](https://www.exabeam.com/blog/company-news/meet-exabeam-sherpa-the-ai-backbone-of-our-next-generation-partner-experience/): Meet Exabeam Sherpa, the AI virtual CAM for our APEX Partner Program. Get 24/7 AI-driven sales coaching, interactive training, and smart prospecting support to accelerate growth.
- [Exabeam Introduces AI Agent Security in New-Scale Launch](https://www.exabeam.com/blog/company-news/whats-new-in-new-scale-january-2026-ai-agent-security-is-here/): The Exabeam January New-Scale launch introduces AI Agent Security, Agent Behavior Analytics, and strategic oversight for your AI workforce.
- [LogRhythm SIEM Jan 2026: Faster Detection & Automation](https://www.exabeam.com/blog/company-news/whats-new-in-logrhythm-siem-january-2026/): The LogRhythm SIEM Jan 2026 release delivers faster threat detection, automated rule management, and deeper SaaS visibility.
- [My First Week as CEO. Building on strength. Moving with purpose.](https://www.exabeam.com/blog/company-news/my-first-week-as-ceo/): Pete Harteveld’s first week as Exabeam CEO and why he believes so strongly in the company.
- [Exabeam is Named a Leader in the 2025 Gartner® Magic Quadrant™ for SIEM](https://www.exabeam.com/blog/company-news/exabeam-named-a-leader-for-the-sixth-time-in-the-2025-gartner-magic-quadrant-for-security-information-and-event-management-siem/): Exabeam is a Leader in the 2025 Gartner® Magic Quadrant™ for SIEM for the sixth time. See why our AI and automation lead the industry.
- [LogRhythm SIEM Oct. 2025: Stronger Resiliency & Faster Insights](https://www.exabeam.com/blog/company-news/whats-new-in-logrhythm-siem-october-2025/): Explore the October 2025 LogRhythm SIEM release. Get multi-cluster resiliency, faster insights with new metric widgets, a unified Threat Center, and more.
- [Exabeam New-Scale October 2025 Release: Measurable, Automated Security Operations](https://www.exabeam.com/blog/company-news/whats-new-with-new-scale-in-october-2025-measurable-automated-everywhere-security-operations/): See what’s new in the October 2025 New-Scale release: benchmark progress, reduce noise, and extend automation everywhere.
- [Closing Visibility Gaps That Keep CISOs Up at Night](https://www.exabeam.com/blog/company-news/closing-visibility-gaps-that-keep-cisos-up-at-night/): Discover how the latest platform release gives CISOs the clarity they need to measure security posture and improve outcomes.
- [What’s New in July 2025: Smarter, Faster, More Flexible Security Operations ](https://www.exabeam.com/blog/company-news/whats-new-in-july-2025-smarter-faster-more-flexible-security-operations/): Get a sneak peek into Exabeam's July 2025 release! Discover how Exabeam Nova's six specialized AI agents provide smarter, faster, and more flexible security operations, helping CISOs, analysts, and platform teams.
- [What’s New in LogRhythm SIEM 7.21: Expanded Alarm Filtering, Real-Time Log Access, and Developer Tools](https://www.exabeam.com/blog/company-news/whats-new-in-logrhythm-siem-7-21-expanded-alarm-filtering-real-time-log-access-and-developer-tools/): Improve threat detection, log analysis, and automation with the latest updates in LogRhythm SIEM 7.21.
- [Why I Joined Exabeam: A Security Professional’s Journey to Innovation and Balance](https://www.exabeam.com/blog/company-news/why-i-joined-exabeam-brook/): Discover why I joined Exabeam—where innovation, collaboration, and work-life balance thrive.
- [](https://www.exabeam.com/blog/company-news/ai-at-the-core-elevating-steve-wilson-to-chief-ai-and-product-officer/)
- [LogRhythm SIEM 7.20: Boost Security Insights With Enhanced Dashboards & Data Ingestion](https://www.exabeam.com/blog/company-news/logrhythm-siem-7-20-expanded-dashboard-visibility-and-enhanced-data-ingestion/): LogRhythm SIEM 7.20 boosts security with broader data analysis, seamless integration, and enhanced insights.
- [See the Threats that Matter with AI-Driven LogRhythm Intelligence ](https://www.exabeam.com/blog/company-news/see-the-threats-that-matter-with-ai-driven-logrhythm-intelligence/): Detect anomalous activity and escalate potential threats with LogRhythm Intelligence, the AI-driven solution for security operations teams.
- [What’s New in Exabeam Product Development – Q3 2024](https://www.exabeam.com/blog/company-news/whats-new-in-exabeam-product-development-q3-2024/): The innovation momentum of the New-Scale Platform continues this quarter, marking our eighth straight quarter with monthly releases.
- [Product Strategy: Our Commitment to LogRhythm SIEM Customers](https://www.exabeam.com/blog/company-news/product-strategy-our-commitment-to-logrhythm-siem-customers/): The self-hosted LogRhythm SIEM platform will continue to play a critical role in Exabeam’s portfolio. Here is our commitment to customers post-merger.
- [Pushing the Boundaries of AI-Driven Security Operations](https://www.exabeam.com/blog/company-news/pushing-the-boundaries-of-ai-driven-security-operations/): Explore Exabeam's vision and product roadmap for the future of AI-driven security operations in the face of increasing cyberthreats.
- [A New Era for Vigilant CISOs](https://www.exabeam.com/blog/company-news/a-new-era-for-vigilant-cisos/): Experience a revolutionary shift in the cybersecurity landscape. The merger of Exabeam and LogRhythm sets a new standard in the fight against cyberthreats.
- [The “New” Exabeam: Brand Evolution for our Next Phase of Innovation and Growth](https://www.exabeam.com/blog/company-news/the-new-exabeam-brand-evolution-for-our-next-phase-of-innovation-and-growth/): Discover the strategy behind the new brand identity of Exabeam after the merger with LogRhythm. Embrace the future of innovation and growth.
- [The Amazing Journey Continues](https://www.exabeam.com/blog/company-news/the-amazing-journey-continues/): Discover the exciting new chapter in the Exabeam and LogRhythm journey. Explore expanded threat detection and AI-driven functionalities.
- [Exabeam Channel Program and Leaders Recognized by CRN](https://www.exabeam.com/blog/company-news/exabeam-channel-program-and-leaders-recognized-by-crn/): Exabeam wins 5-star CRN 2024 Partner Program rating, named among top Channel Chiefs and recognized in Security 100 list.
- [Exabeam Unveils 2023 Partner of the Year Award Winners](https://www.exabeam.com/blog/company-news/exabeam-unveils-2023-partner-of-the-year-award-winners/): These awards encompass our entire ecosystem of partnerships, including value-added resellers (VARs), managed security service providers (MSSPs), global service partners, and technology alliances that offer an array of innovative sales, advisory, support services, and solutions.
- [Company Update – October 25, 2023](https://www.exabeam.com/blog/company-news/company-update-october-25-2023/): Exabeam announced a business restructuring that will better align departments across the company for operational efficiency and continued innovation, as well as strengthen our financial health as we navigate global macroeconomic headwinds.
- [Announcing the 2023 Exabeam Cybersecurity Warrior Awards: Nominate Your Champions!](https://www.exabeam.com/blog/company-news/announcing-the-2023-exabeam-cybersecurity-warrior-awards-nominate-your-champions/): Nominate cybersecurity innovators and leaders for the prestigious 2023 Exabeam Cybersecurity Warrior Awards.
- [Growing Confidence and Corporate Skills: My Exabeam Internship Experience](https://www.exabeam.com/blog/company-news/growing-confidence-and-corporate-skills-my-exabeam-internship-experience/): Discover how Exabeam nurtures interns, fostering confidence, corporate skills, and growth in a dynamic environment.
- [Igniting Passion for Corporate Communications: My Exabeam Internship Experience](https://www.exabeam.com/blog/company-news/igniting-passion-for-corporate-communications-my-exabeam-internship-experience/): Gain valuable insights into corporate marketing and cybersecurity through a transformative internship at Exabeam.
- [Reflections on My Internship: Insights, Teamwork, and Growth at Exabeam](https://www.exabeam.com/blog/company-news/reflections-on-my-internship-insights-teamwork-and-growth-at-exabeam/): Gain insights into marketing & teamwork through an internship at Exabeam. Reflections on projects, takeaways, and growth.
- [A Transformative Journey: My Internship Experience at Exabeam](https://www.exabeam.com/blog/company-news/a-transformative-journey-my-internship-experience-at-exabeam/): Discover the journey of an intern at Exabeam. Learn about their projects, lessons learned, and future aspirations.
- [Human Resources Predictions for 2023](https://www.exabeam.com/blog/company-news/human-resources-predictions-for-2023/): Exabeam CHRO Gianna Driver makes HR predictions for 2023, including diversity, equity, inclusion, and belonging.
- [Exabeam Opens New Office in Plano, TX; Expands Customer Service and Support in North America](https://www.exabeam.com/blog/company-news/exabeam-opens-new-office-in-plano-tx-expands-customer-service-and-support-in-north-america/): Exabeam announces a new office location in Plano, Texas, for Customer Success, Engineering, HR, and Sales teams.
- [Who Cares? Exabeam Cares](https://www.exabeam.com/blog/company-news/who-cares-exabeam-cares/): Exabeam employees take time out to carry the ExaCares service mission around the globe to shine a light on communities.
- [To All Women, Cis and Trans – We See You. We Honor You. ](https://www.exabeam.com/blog/company-news/to-all-women-cis-and-trans-we-see-you-we-honor-you/): What can we and other organizations do to be more inclusive of the trans community and why should we care?
- [Top 3 Skills Cybersecurity Project Managers Rely On](https://www.exabeam.com/blog/company-news/top-3-skills-cybersecurity-project-managers-rely-on/): To be a great project manager, you need to have technical (hard) skills, of course, but soft skills are very important because it will help you maneuver and build relationships to be a truly great project manager.
- [5 Security Questions to Consider this Holiday Season](https://www.exabeam.com/blog/company-news/5-security-questions-to-consider-this-holiday-season/): With Log4J exploits dropping and SOC teams prepping for the holiday freeze, these are 5 questions every SOC Manager should be asking themselves, their SOC analysts, and their vendors.
- [Total Economic Impact™ Study Reveals 258% ROI for LogRhythm SIEM](https://www.exabeam.com/blog/company-news/total-economic-impact-study-reveals-258-roi-for-logrhythm-siem/): To help companies evaluate the potential financial impact of the LogRhythm NextGen SIEM Platform, Forrester Consulting conducted a Total Economic Impact™ study.
- [Why I Joined Exabeam](https://www.exabeam.com/blog/company-news/why-i-joined-exabeam-mdc/)
- [Why I Joined Exabeam](https://www.exabeam.com/blog/company-news/why-i-joined-exabeam/): Gorka Sadowski joins Exabeam as chief strategy officer.
- [Disco Craze Hits Exabeam: Hackathon Days](https://www.exabeam.com/blog/company-news/disco-craze-hits-exabeam-hackathon-days/): January saw the first of two rad Exabeam all-hands Hackathons planned for the year. Nearly 15 percent of our company—including participants from engineering, customer success, sales, community and other teams—spent two days building and creating fantastic features to help enhance our product.
- [College Grads, Your Dream Job Could be in Cybersecurity](https://www.exabeam.com/blog/company-news/college-grads-your-dream-job-could-be-in-cybersecurity/)
- [A Forensics Expert’s Opinion: Why Exabeam Matters](https://www.exabeam.com/blog/company-news/a-forensics-experts-opinion-why-exabeam-matters/): Companies are increasingly getting better about logging; both by collecting from more sources and by logging more verbosely.
- [A Day in the Life of an Exabeamer](https://www.exabeam.com/blog/company-news/a-day-in-the-life-of-an-exabeamer/): Life in any start-up is bound to be wildly different one day to the next. Today we’ll be talking about energy, and the two primary physical outlets it takes in our office.
- [Ted Plumis: Why I Joined Exabeam – a User Behavior Analytics Company](https://www.exabeam.com/blog/company-news/ted-plumis-why-i-joined-exabeam-a-user-behavior-analytics-company/): As I meet with our business partners and resellers, I'm repeatedly asked one question at the beginning of every meeting...
- [The End of SIEM as We Know It, or Why I joined Exabeam](https://www.exabeam.com/blog/company-news/the-end-of-siem-as-we-know-it-or-why-i-joined-exabeam/): This is the beginning of the end of SIEM as we know it, and Exabeam is here to give a makeover to how we manage and analyze security information events.
## LogRhythm Intelligence
- [LogRhythm Intelligence](https://www.exabeam.com/resources/data-sheets/logrhythm-intelligence/): Combat user and entity-based cyberthreats with a holistic approach through the industry’s most accurate threat detection, investigation, and response (TDIR) platform.
- [LogRhythm SIEM](https://www.exabeam.com/resources/data-sheets/logrhythm-siem/): Streamline incident investigation and response with LogRhythm SIEM: the trusted platform for threat hunting and incident response.
- [LogRhythm SIEM Platform for Qatar Cybersecurity Compliance](https://www.exabeam.com/resources/briefs/logrhythm-siem-platform-for-qatar-cybersecurity-compliance/): Simplify Qatar cybersecurity compliance with the LogRhythm SIEM Platform. Learn how to centralize monitoring, detect threats faster, and automate response to meet NIA and QCB requirements.
- [The Future of SIEM](https://www.exabeam.com/resources/webinars/the-future-of-siem/): Join Steve Kansa, Exabeams VP of Product Management, to learn about the "The Future of SIEM.”
## Brief
- [Threat Center](https://www.exabeam.com/resources/briefs/threat-center/): Threat Center offers a unified workbench that boosts TDIR capabilities through advanced AI assistance and automation, ensuring a consistent view of threats.
- [Exabeam and DataBahn](https://www.exabeam.com/resources/briefs/exabeam-and-databahn/): Exabeam and DataBahn's joint solution controls SIEM data volume and costs while improving threat detection and retaining full-fidelity data for long-term search.
- [Compromised Credentials](https://www.exabeam.com/resources/briefs/compromised-credentials/): Exabeam helps security teams outsmart adversaries using compromised credentials with the support of automation and use case content across the full analyst workflow, from collection to response.
- [Lateral Movement](https://www.exabeam.com/resources/briefs/lateral-movement/): Lateral movement is when an attacker compromises or gains control of one asset within a network and then moves internally within a network (“east-towest”) from that device to others.
- [Privileged Activity](https://www.exabeam.com/resources/briefs/privileged-activity/): Detect and respond to unusual behavior by privileged accounts, critical assets, and privileged processes.
- [Audit Tampering](https://www.exabeam.com/resources/briefs/audit-tampering/): Exabeam helps security and insider threat teams outsmart users engaging in audit tampering with the support of automation and use case content across the full analyst workflow, from detection to response.
- [Exabeam and Wiz](https://www.exabeam.com/resources/briefs/exabeam-and-wiz/): Discover the impact of the Exabeam and LogRhythm merger. Find out how the combined expertise will drive innovation and benefit enterprise customers.
- [Exabeam and LogRhythm Merge, Becoming a Pure-Play SecOps Leader](https://www.exabeam.com/resources/briefs/exabeam-and-logrhythm-merge-becoming-a-pure-play-secops-leader/): Discover the impact of the Exabeam and LogRhythm merger. Find out how the combined expertise will drive innovation and benefit enterprise customers.
- [Exabeam and Okta](https://www.exabeam.com/resources/briefs/exabeam-and-okta/): Download this brief to gain a clear understanding of the key features and benefits of the Exabeam and Okta integration.
- [Exabeam and Armis](https://www.exabeam.com/resources/briefs/exabeam-and-armis/): Learn how you can extend SIEM visibility Into IoT devices to Unify IoT andIT device defense with Exabeam and Armis.
- [Exabeam and Trend Micro](https://www.exabeam.com/resources/briefs/exabeam-and-trend-micro/): The Exabeam Security Operations Platform integrates with Trend Micro Vision One™, using log data to attribute endpoint activity to users and establish a baseline for normal behavior.
- [Exabeam and CyberArk](https://www.exabeam.com/resources/briefs/exabeam-and-cyberark/): The powerful combination of Exabeam and CyberArk bridges the gap between PAS and other security tools, supporting a risk-based approach to cybersecurity.
- [M-21-31 Exabeam + Cribl](https://www.exabeam.com/resources/briefs/m-21-31-exabeam-cribl/): M-21-31 is a memorandum issued by the Office of Management and Budget (OMB) mandating federal agencies to maintain more detailed logs to improve the detection, investigation, and remediation of cyberattacks.
- [Exabeam and Cribl](https://www.exabeam.com/resources/briefs/exabeam-and-cribl/): Exabeam and Cribl provide security teams with better visibility into the right data sets to accelerate threat detection, investigation, and response (TDIR).
- [Achieving OMB M-21-31 with Exabeam](https://www.exabeam.com/resources/briefs/achieving-omb-m-21-31-with-exabeam/): With the breakthrough combination of cloud-native capabilities offered by Exabeam, agencies can detect, defend, and defeat attackers while scaling speed, productivity, accuracy, and outcomes.
- [State and Local Government](https://www.exabeam.com/resources/briefs/state-and-local-government/): With Exabeam, agencies can keep critical systems up and running and protect citizens’ valuable personal data.
- [Automated Investigation Experience](https://www.exabeam.com/resources/briefs/automated-investigation-experience/): Automate and modernize the entire TDIR workflow to gain a complete picture of a threat, reduce manual routines, and simplify complex work.
- [Exabeam Ingester for CrowdStrike](https://www.exabeam.com/resources/briefs/exabeam-ingester-for-crowdstrike/): Detect and investigate advanced attacks and insider threats with UEBA.
- [Your Greatest Adversary Could Be an Insider Threat](https://www.exabeam.com/resources/briefs/your-greatest-adversary-could-be-an-insider-threat/): As a pioneer in UEBA, Exabeam behavioral analytics is always working in the background to baseline what normal activity looks like for every user or asset in an organization.
- [External Attacks: Ransomware and Phishing Attacks](https://www.exabeam.com/resources/briefs/external-attacks-ransomware-and-phishing-attacks/): Exabeam confronts external attacks head-on with packaged use case content that includes end-to-end workflows. Prepackaged content with detection rules, models, and workflows simplify addressing these fast-moving threats.
- [Malware](https://www.exabeam.com/resources/briefs/malware/): Exabeam detects malware attacks by identifying abnormal behavior that is indicative of malicious applications.
- [Ransomware](https://www.exabeam.com/resources/briefs/ransomware/): Exabeam helps security teams outsmart adversaries committing ransomware attacks with the support of behavior analytics, automation, and purpose-built content across the full analyst workflow, from detection to response.
- [Destruction of Data](https://www.exabeam.com/resources/briefs/destruction-of-data/): Exabeam helps security and insider threat teams outsmart users destroying data with the support of automation and use case content across the full analyst workflow, from detection to response.
- [Exabeam Overview](https://www.exabeam.com/resources/briefs/exabeam-overview/): Exabeam delivers industry-leading security analytics coupled with automated threat, detection, investigation, and response (TDIR) purpose-built for today’s environments.
- [Data Leak](https://www.exabeam.com/resources/briefs/data-leak/): Exabeam helps security and insider threat teams outsmart threats from insiders leaking data with the support of automation and use case content across the full analyst workflow, from detection to response.
- [Manufacturing](https://www.exabeam.com/resources/briefs/manufacturing/): Exabeam accurately detects high risk, anomalous user and entity activity across your network, through behavioral analytics.
- [Retail](https://www.exabeam.com/resources/briefs/retail/): By analyzing the logs and applying behavioral analytics to detect adversaries’ techniques and malicious insider threats; Exabeam’s automated workflows help you to secure the omnichannel and multi-channel, protect critical data and support a culture of regulatory compliance.
- [Data Access Abuse](https://www.exabeam.com/resources/briefs/data-access-abuse/): Exabeam helps security and insider threat teams outsmart users abusing their access to data with the support of automation and use case content across the full analyst workflow, from detection to response.
- [Workforce Protection](https://www.exabeam.com/resources/briefs/workforce-protection/): Employees may come and go. Make sure they do not harm the organization on the way out the door.
- [Privilege Abuse](https://www.exabeam.com/resources/briefs/privilege-abuse/): Exabeam helps security and insider threat teams outsmart users abusing their access to privileged accounts or assets with the support of automation and use case content across the full analyst workflow, from detection to response.
- [Account Manipulation](https://www.exabeam.com/resources/briefs/account-manipulation/): Exabeam helps security teams outsmart adversaries using account manipulation with the support of automation and use case content across the full analyst workflow, from detection to response.
- [Exabeam Threat Detection Investigation and Response Use Case Packages](https://www.exabeam.com/resources/briefs/exabeam-threat-detection-investigation-and-response-use-case-packages/): Exabeam TDIR Use Case Packages provide prescriptive, end-to-end workflows and prepackaged content that enable organizations to easily automate detection, investigation and response to compromised insiders, malicious insiders and external threats.
- [Exabeam and Amazon S3](https://www.exabeam.com/resources/briefs/exabeam-and-amazon-s3/): The Exabeam Security Management Platform and Amazon S3 integration allows for a single platform to monitor the activity of users and entities, including cloud storage buckets.
- [Healthcare](https://www.exabeam.com/resources/briefs/healthcare/): Mitigate your cybersecurity risks, support a culture of regulatory compliance, and overcome the cybersecurity skills shortage.
- [Exabeam and Code42](https://www.exabeam.com/resources/briefs/exabeam-and-code42/): The Exabeam and Code42 integration enables security teams at joint customers to quickly detect and investigate data exfiltration.
- [CBEST 2.0 Security Assessment Framework](https://www.exabeam.com/resources/briefs/cbest-2-0-security-assessment-framework/): The CBEST 2.0 Security Assessment Framework is designed to assist organizations as they assess and improve their cybersecurity readiness.
- [Financial Services](https://www.exabeam.com/resources/briefs/financial-services/): It’s time to mitigate cybersecurity risks, improve customer experience, and overcome the cybersecurity skills gap.
- [Exabeam for Cisco Security](https://www.exabeam.com/resources/briefs/exabeam-for-cisco-security/): The combination of Cisco’s market-leading security enforcement and analytics products and Exabeam’s most-deployed behavioral analytics solution brings a truly modern approach to cybersecurity.
## New-Scale SIEM
- [New-Scale SIEM](https://www.exabeam.com/resources/data-sheets/new-scale-siem/): AI-powered, cloud-native SIEM for fast, modern search, dashboarding, and coordinated response from a single workbench.
- [Exabeam vs. Microsoft Sentinel: Five Ways to Compare and Evaluate](https://www.exabeam.com/resources/guides/exabeam-vs-microsoft-sentinel-five-ways-to-compare-and-evaluate/): Your IT is more than just Microsoft, so why use a SIEM that doesn’t work well with others? Exabeam SIEM is the superior choice over Microsoft Sentinel.
- [Exabeam vs. Splunk: Six Ways to Compare and Evaluate](https://www.exabeam.com/resources/guides/exabeam-vs-splunk-six-ways-to-compare-and-evaluate/): Built by security people for security people, it’s the SIEM that many organizations choose to replace Splunk.
- [A Security Operation Leader’s Guide to New Efficiencies](https://www.exabeam.com/resources/white-papers/a-security-operations-leaders-guide-to-new-efficiencies/): This guide helps SOC managers determine where to leverage automation in their workflows to significantly reduce resourcing and budget constraints while ensuring the best security for their organization.
- [Four Ways to Augment Microsoft Sentinel With the Exabeam Microsoft Sentinel Collector](https://www.exabeam.com/resources/guides/four-ways-to-augment-microsoft-sentinel-with-the-exabeam-microsoft-sentinel-collector/): Augment your SIEM capabilities with Exabeam. Our security analytics and Microsoft Sentinel Collector integrate seamlessly, unlocking your system’s potential.
- [A CISO’s Guide to Rethinking Insider Risk](https://www.exabeam.com/resources/white-papers/a-cisos-guide-to-rethinking-insider-threats/): Explore strategies, collaboration tips, and frameworks to mitigate insider threats and enhance your organization's security posture.
- [Eight Steps to Migrate your SIEM](https://www.exabeam.com/resources/white-papers/8-steps-to-migrate-your-siem/): This white paper provides eight strategic steps to guide migration and put your organization on a path to success.
- [10 SIEM Questions Outcomes Navigator Helps You Answer ](https://www.exabeam.com/resources/guides/10-siem-questions-outcomes-navigator-helps-you-answer/): Use this checklist to explore 10 essential questions every smart SOC leader should ask when evaluating a cloud SIEM—questions that go beyond ingestion volume and deployment model. The right answers help you detect true threats, streamline detection with automation, and continuously improve your security posture.
- [New-Scale Security Operations Platform: April 2025 Quarterly Launch](https://www.exabeam.com/resources/webinars/new-scale-security-operations-platform-april-2025-quarterly-launch/): Join us for this webinar to learn the latest news and enhancements to New-Scale Security Operations Platform to help safeguard your environment with confidence.
- [New-Scale Security Operations Platform: January 2025 Quarterly Launch](https://www.exabeam.com/resources/webinars/new-scale-security-operations-platform-january-2025-quarterly-launch/): Join us for this webinar to learn the latest news and enhancements to New-Scale Security Operations Platform to help safeguard your environment with confidence.
- [A Guide to Creating an Incident Response Plan With Template](https://www.exabeam.com/resources/guides/a-guide-to-creating-an-incident-response-plan-with-template/): Being prepared against cyberattacks using an Incident Response Plan (IRP) ensures that your organisation has a united course of action when an incident occurs.
- [A Programmatic Approach to Threat Hunting](https://www.exabeam.com/resources/white-papers/a-programmatic-approach-to-threat-hunting/): Building a threat hunting program? Read our guide on building an effective and scalable program, essential tools, and how to prove your success.
- [Four Ways Exabeam Delivers Better Security Outcomes Than Palo Alto Networks XSIAM](https://www.exabeam.com/resources/guides/four-ways-exabeam-delivers-better-security-outcomes-than-palo-alto-networks-xsiam/): Ensure your organization’s security with a proven, next-generation solution. Download the guide today!
- [Considering Microsoft Sentinel for SIEM?](https://www.exabeam.com/resources/white-papers/considering-microsoft-sentinel-for-siem/): The cybersecurity crisis in the United States has become so severe that President Joe Biden has reached out to the private sector to help. Other governments are taking legislative actions as well.
- [Rules Versus Models in Your SIEM](https://www.exabeam.com/resources/white-papers/rules-versus-models-in-your-siem/): Explore the evolution of SIEM from rule-based to model-driven security analytics. Learn the pros, cons, and use cases of each and how to optimize your strategy.
- [Threat Detection and Response: Technologies and Best Practices](https://www.exabeam.com/explainers/new-scale-siem/threat-detection-and-response-technologies-and-best-practices/): Threat detection and response, often abbreviated as TDR, refers to a collection of cybersecurity processes and solutions aimed at identifying, analyzing, and responding to security threats.
- [10 Reasons SIEM Should Remain Dedicated to Security](https://www.exabeam.com/resources/white-papers/10-reasons-siem-should-remain-dedicated-to-security/): Learn why SIEM is key for security. Understand the risks of a unified tool for ITOM, APM, and security, and the unique needs of different stakeholders.
- [Four Steps to Migrate from Splunk to Exabeam](https://www.exabeam.com/resources/guides/four-steps-to-migrate-from-splunk-to-exabeam/): Migrate from Splunk to Exabeam and streamline your security operations with our four-step guide.
- [Replacing or Augmenting Splunk with Exabeam](https://www.exabeam.com/resources/briefs/replacing-or-augmenting-splunk-with-exabeam/): Whether you’ve deployed Splunk and need to augment it or replace it, compare the outcomes for your security team.
- [Overcoming the Limitations of Addressing Insider Threat: Real Solutions for Real Security Challenges with Exabeam](https://www.exabeam.com/resources/webinars/overcoming-the-limitations-of-addressing-insider-threat-real-solutions-for-real-security-challenges-with-exabeam/): In this webinar we explore the challenges organizations face with Insider Threats, how to identify the blindspots, and how a SOC platform lcan help you protect what other tools can’t see.
- [Exabeam Security Log Management Overview](https://www.exabeam.com/resources/videos/product-tour-exabeam-security-log-management/): Affordable, cloud-scale log management built for security and compliance use cases.
- [Exabeam SIEM Overview](https://www.exabeam.com/resources/videos/product-tour-exabeam-siem/): Exabeam unveils the vision for New-Scale SIEM to advance security operations and introduces innovation across a new platform.
- [Using Behavior Analytics to Stave Off Compromised Credential Attacks](https://www.exabeam.com/resources/webinars/using-behavior-analytics-to-stave-off-compromised-credential-attacks/): This webinar addresses the challenges associated with compromised credentials and the steps organizations can take to improve their detection and response.
- [Combating Cyber Attacks With SOAR](https://www.exabeam.com/explainers/new-scale-siem/combating-cyber-attacks-with-soar/): What is SOAR - Learn how to leverage cutting-edge SOAR technologies to fight and block cyber attacks.
- [10 Must-Have Features to be a Modern SIEM](https://www.exabeam.com/explainers/new-scale-siem/10-must-have-features-to-be-a-modern-siem/): Next-gen SIEMs can now apply new solutions to your security domain that weren’t available with legacy SIEMs. But many SIEMs claim to be “next-generation,” and yet don’t have what’s needed to solve the problems most security teams face today. What features are needed to be a modern SIEM?
- [Cloud SIEM in 2025: Features, Deployment, and Best Practices](https://www.exabeam.com/explainers/new-scale-siem/cloud-siem-features-capabilities-and-advantages/): A cloud SIEM (Security Information and Event Management) is a cloud-based platform that helps organizations collect, monitor, and analyze security data to identify and respond to threats in real time. It's delivered as a service, offering monitoring, analysis, and management of security events.
- [5 Steps to Design Your Cybersecurity Strategy](https://www.exabeam.com/resources/infographics/5-steps-to-design-your-cybersecurity-strategy/): Success is not operating incident-free but learning from them. Here are steps to design your cybersecurity strategy.
- [Planning Before the Breach: You Can’t Protect What You Can’t See](https://www.exabeam.com/resources/webinars/planning-before-the-breach-you-cant-protect-what-you-cant-see-2/): Learn how to assess your risk; improve security detection and response capabilities; and level the playing field against sophisticated adversaries.
- [Top Three Reasons to Replace Your Existing SIEM with Exabeam](https://www.exabeam.com/resources/webinars/top-three-reasons-to-replace-your-existing-siem-with-exabeam/): Learn why traditional SIEMs are hard to deploy and the top three reasons why customers replace their SIEM with Exabeam.
- [Top Five Reasons to Augment your Existing SIEM with Exabeam Fusion XDR](https://www.exabeam.com/resources/webinars/top-five-reasons-to-augment-your-existing-siem-with-exabeam-fusion-xdr/): Learn the top five reasons why you should consider augmenting your existing SIEM with Exabeam, providing you with real customer case stories you can use to justify evaluating Exabeam.
## New-Scale Security Analytics
- [New-Scale Analytics](https://www.exabeam.com/resources/data-sheets/new-scale-analytics/): Automated threat detection powered by user and entity behavioral analytics with correlation and threat intelligence.
- [10 Reasons to Augment Your SIEM with Behavioral Analytics](https://www.exabeam.com/resources/guides/10-reasons-to-augment-your-siem-with-behavioral-analytics/): Struggling with too many SIEM alerts? Augment your SIEM with behavioral analytics to add context, prioritize risk, and automatically detect insider threats and compromised users that traditional tools miss.
- [14 Behavioral Analytics Use Cases Security Operations Teams Should Evaluate](https://www.exabeam.com/resources/guides/14-behavioral-analytics-use-cases-security-operations-teams-should-evaluate/): Discover 14 behavioral analytics use cases to help SecOps detect and investigate identity-driven risk across users, service accounts, and AI agents.
- [Exabeam vs. IBM QRadar and Cortex XSIAM: Four Ways to Compare and Evaluate](https://www.exabeam.com/resources/guides/exabeam-vs-qradar-four-ways-to-compare-and-evaluate/): Discover why Exabeam outperforms IBM QRadar and Palo Alto Networks XSIAM with superior threat detection, automation, and scalable cloud-native solutions.
- [Exabeam Elevate | 2026](https://www.exabeam.com/resources/webinars/exabeam-elevate-2026/): Watch this on-demand webinar where Warby Warburton, VP of Product Management at Exabeam delves into the future of cyber defense with New-Scale Analytics. This event is designed for cybersecurity professionals, IT leaders, and anyone interested in the latest advancements in cybersecurity technology.
- [Revolutionizing Cyber Defense: Driving Efficiency with New-Scale Analytics](https://www.exabeam.com/resources/webinars/revolutionizing-cyber-defense-driving-efficiency-with-new-scale-analytics/): Watch this on-demand webinar where Warby Warburton, VP of Product Management at Exabeam delves into the future of cyber defense with New-Scale Analytics. This event is designed for cybersecurity professionals, IT leaders, and anyone interested in the latest advancements in cybersecurity technology.
- [Enabling the High-Fidelity SOC with Behavioral Detection](https://www.exabeam.com/resources/white-papers/enabling-the-high-fidelity-soc-with-behavioral-detection/): This white paper reveals the architectural secrets behind a modern, multi-dimensional approach to behavioral detection. Learn how to move beyond one-size-fits-all UEBA and empower your SOC with the context needed to focus on high-fidelity threats.
- [Unlocking the Power of AI in Security Operations: A Primer](https://www.exabeam.com/resources/white-papers/unlocking-the-power-of-ai-in-security-operations-a-primer/): Learn to tackle malware, compromised credentials, and malicious insiders effectively. Download the white paper to strengthen your security strategy today!
- [Breaking the Rules: When Static Detection Logic Reaches Its Limits, What’s Next?](https://www.exabeam.com/resources/white-papers/breaking-the-rules-when-static-detection-logic-reaches-its-limits-whats-next/): Correlation rules are no longer enough to protect against advanced threats. An over-reliance on static, manually written rules creates alert fatigue, introduces complexity, and leaves your SOC struggling to detect modern attacks. It’s time for a more effective approach.
- [Multi-Layered Risk Scoring](https://www.exabeam.com/resources/videos/multi-layered-risk-scoring/): Security analysts spend up to 75% of their time triaging alerts, often without enough context to separate signal from noise. Exabeam helps reduce this burden by automatically grouping related detections, linking users and assets, and assigning dynamic risk scores.
- [October Quarterly Launch: New-Scale Exabeam Security Operations Platform](https://www.exabeam.com/resources/webinars/october-quarterly-launch-new-scale-exabeam-security-operations-platform/): Join us for this webinar to learn the latest news and enhancements to Exabeam's New-Scale platform to help safeguard your environment with confidence.
- [October Quarterly Launch: LogRhythm SIEM](https://www.exabeam.com/resources/webinars/october-quarterly-launch-logrhythm-siem/): Learn more about the latest enhancements to LogRhythm SIEM, our self-hosted SIEM platform. Product leaders will demo the latest enhancements and provide guidance on how to apply these enhancements to your team.
- [Election Security: Guidance to Assess Risk and Protect Infrastructure](https://www.exabeam.com/resources/webinars/election-security-guidance-to-assess-risk-and-protect-infrastructure/): With the November presidential election approaching, there’s no better time to discuss how you can help ensure the integrity and cyber resilience of the electoral process.
- [Cybersecurity Brew: Episode 9](https://www.exabeam.com/resources/webinars/cybersecurity-brew-episode-9/): With the November presidential election approaching, there’s no better time to discuss how you can help ensure the integrity and cyber resilience of the electoral process.
- [Security Analyst Learning Path](https://www.exabeam.com/resources/data-sheets/security-analyst-learning-path/): The Learning Path will enable analysts to utilize the Exabeam Security Operations Platform for daily, weekly, and monthly tasks.
- [Exabeam for Analysts](https://www.exabeam.com/resources/data-sheets/exabeam-for-analysts/): This course covers analyst workflows, risk assessment, and case management, providing a comprehensive overview of threat handling.
- [Three Ways to Get More Value from Splunk](https://www.exabeam.com/resources/webinars/three-ways-to-get-more-value-from-splunk/): Join Randeep Gill to learn how Exabeam can provide unmatched security outcomes when paired with a traditional SIEM such as Splunk.
- [Using Advanced Analytics](https://www.exabeam.com/resources/data-sheets/using-advanced-analytics/): Students will learn the basics of user and entity behavior analytics (UEBA) and how to leverage Smart Timelines™, risk scoring, and other features in Advanced Analytics to accelerate their daily tasks
- [Investigating Threats with Advanced Analytics](https://www.exabeam.com/resources/data-sheets/investigating-threats-with-advanced-analytics/): This hands-on training program delves into the intricacies of Exabeam's analytics platform, focusing on its capabilities in identifying and mitigating compromised credentials, lateral movement, insider threats, and other types of cyberattacks.
- [Create Dashboards and Correlation Rules](https://www.exabeam.com/resources/data-sheets/create-dashboards-and-correlation-rules/): Students will gain practical, hands-on experience with the features and functionalities of Search, Dashboards, and Correlation Rules.
- [Working with Context and Parsing in Log Stream](https://www.exabeam.com/resources/data-sheets/working-with-context-and-parsing-in-log-stream/): The hands-on lab exercises will give you practice creating and populating context tables from CSV files and Active Directory, as well as custom dynamic context tables filtered from Active Directory attributes.
- [Unlock the Secrets of Cybersecurity Investments ](https://www.exabeam.com/resources/webinars/unlock-the-secrets-of-cybersecurity-investments/): Learn what CISOs think about their TDIR capabilities, the challenges, and the future investments shaping the cybersecurity landscape.
- [Using Search](https://www.exabeam.com/resources/data-sheets/using-search/): In this one-day instructor-led course, students will learn the skills and features needed to effectively search the log data in the Exabeam Security Operations Platform.
- [Critical Security Lessons Airlines Need to Know](https://www.exabeam.com/resources/webinars/critical-security-lessons-airlines-need-to-know/): Exabeam and Allegiant Airlines discuss key topics around cybersecurity approaches, challenges, and more specific to the airline industry:
- [Rule Tuning for Advanced Analytics](https://www.exabeam.com/resources/data-sheets/rule-tuning-for-advanced-analytics/): This course's purpose is to develop a strong understanding of why rule tuning is necessary, and enable learners to create and edit Advanced Analytics rules for optimization.
- [Advanced Analytics for Administrators](https://www.exabeam.com/resources/data-sheets/advanced-analytics-for-administrators/): This course includes administrative concepts and configuration around Event Selection, Advanced Analytics, Case Manager, and Incident Responder.
- [Behavioral Analytics](https://www.exabeam.com/resources/briefs/behavioral-analytics/): Behavioral analytics baseline the normal behavior of users and devices with behavioral models, to detect, prioritize, and respond to anomalies based on risk.
- [The Ultimate Guide to User and Entity Behavior Analytics (UEBA)](https://www.exabeam.com/resources/ebooks/the-ultimate-guide-to-behavioral-analytics/): This eBook was created to help organizations evaluating UEBA solutions better understand it and how it can be adopted to improve your overall security posture with faster, easier, and more accurate TDIR.
- [Overview of Exabeam’s SIEM & Security Analytics Product Innovations](https://www.exabeam.com/resources/webinars/overview-of-exabeams-siem-security-analytics-product-innovations/): If you are reviewing your SIEM or broader security stack in the next 12 months, this webinar is for you!
- [Fantastic Attack Types and How to Find Them](https://www.exabeam.com/resources/webinars/fantastic-attack-types-and-how-to-find-them/): Learn the difference between chasing IoCs and leveraging TTPs, why credential theft and subsequent usage is key to detect virtual pickpockets, and automated threat analytics helps outsmart the fantastic and turn it into commonplace.
- [SOC Efficiency and Advanced Analytics](https://www.exabeam.com/resources/infographics/soc-efficiency-and-advanced-analytics/): See how Exabeam immediately detected an alert that signaled a lateral movement attack.
## Security Operations
- [How Insider Risk Builds Over Time Without Obvious Violations](https://www.exabeam.com/blog/security-operations-center/why-low-and-slow-attacks-look-normal/): Why gradual insider activity blends into normal behavior and avoids detection.
- [Why Legitimate Access Makes Insider Risk Hard to Detect](https://www.exabeam.com/blog/security-operations-center/why-short-correlation-windows-miss-insider-risk/): Why short correlation windows fail to reveal insider risk that develops gradually.
- [Why Insider Threats Don’t Trigger Alerts](https://www.exabeam.com/blog/security-operations-center/why-insider-threats-dont-trigger-alerts/): Why insider threats often go unnoticed when activity looks legitimate and authorized.
- [The Price Tag Is Not the Price](https://www.exabeam.com/blog/security-operations-center/the-price-tag-is-not-the-price/): Security platform costs extend beyond price—compare acquisition, deployment, operations, and scale.
- [Detect AI Agent Risk With Behavioral Analytics](https://www.exabeam.com/blog/security-operations-center/owasp-defines-ai-agent-risk-behavioral-analytics-detects-it/): Behavioral analytics detects AI agent risk by modeling user, agent, and interaction behavior across the AI lifecycle.
- [Add Context, Risk Scoring, and Automation to Microsoft Sentinel With the Exabeam Microsoft Sentinel Collector](https://www.exabeam.com/blog/security-operations-center/add-context-risk-scoring-and-automation-to-microsoft-sentinel/): The Exabeam Microsoft Sentinel Collector sends telemetry to New-Scale Fusion for analytics, risk scoring, and automated response.
- [The Cost of Compromise Begins Inside the SOC](https://www.exabeam.com/blog/security-operations-center/the-cost-of-compromise-begins-inside-the-soc/): Why settling for bundled tools quietly erodes security from the inside out. Read what most platforms won’t tell you.
- [Why Threat Hunting Programs Fail and How to Make Yours Succeed](https://www.exabeam.com/blog/security-operations-center/why-your-threat-hunting-program-might-be-failing/): Learn why conventional threat hunting misses key threats and how to build a smarter, scalable detection strategy.
- [Why Agentic AI Will Transform TDIR: A Look at Exabeam Nova](https://www.exabeam.com/blog/security-operations-center/from-reactive-to-strategic-why-ai-agents-will-transform-tdir/): Discover how Exabeam Nova uses agentic AI to help SOC teams detect faster and prove value across the business.
- [Why Agentic AI Could Finally Deliver for CISOs](https://www.exabeam.com/blog/security-operations-center/why-this-time-might-be-differentcan-agentic-ai-deliver-on-its-promise-to-cisos/): See how Exabeam agentic AI and Outcomes Navigator help CISOs prove value and drive security strategy.
- [RSAC 2025 Recap: How Exabeam Is Advancing Agentic AI in Security Operations](https://www.exabeam.com/blog/security-operations-center/rsac-2025-exabeam-showcases-the-power-of-agentic-ai-in-security-operations/): Explore RSAC 2025 insights and learn how Exabeam Nova empowers SOC teams with agentic AI and automation.
- [The Winning Hand: UEBA, NDR, SIEM, and AI in Cybersecurity](https://www.exabeam.com/blog/security-operations-center/the-winning-hand-in-cybersecurity-ueba-ndr-siem-and-ai/): Discover how integrated UEBA, NDR, and SIEM with AI can help you outsmart cyber adversaries.
- [Why Agentic AI Is the Future of Cybersecurity](https://www.exabeam.com/blog/security-operations-center/theres-hope-beyond-the-hype-why-agentic-ai-is-the-future-of-cybersecurity/): Explore what 1,000 security pros revealed about AI in cybersecurity. Learn why agentic AI—not today’s passive tools—is the key to faster, smarter threat detection and real-world SOC impact.
- [](https://www.exabeam.com/blog/security-operations-center/how-to-fix-burnout-in-the-soc-and-why-ciso-turnover-keeps-climbing/): SOC teams are burned out. Discover how modern SIEM gives them time, focus, and clarity.
- [The story behind Exabeam Nova, the autonomous AI agent for security operations](https://www.exabeam.com/blog/security-operations-center/the-story-behind-exabeam-nova-shining-a-light-on-cybersecurity-threats/): Learn the story behind Exabeam Nova and how its helping security operations teams respond to threats faster and reduce investigation times.
- [Exabeam Unveils First Fully Integrated Multi-Agent AI for Security Operations](https://www.exabeam.com/blog/security-operations-center/exabeam-launches-the-first-fully-integrated-multi-agent-ai-for-security-operations/): Revolutionize security with a new agentic AI that automates investigations, enhances threat detection, and boosts SOC efficiency.
- [How Network Monitoring Detects Insider Threats and Compromised Devices](https://www.exabeam.com/blog/security-operations-center/insider-threats-and-compromised-devices-how-network-monitoring-uncovers-security-blind-spots/): Gain full network visibility, detect threats in real-time, and stop insider attacks with advanced network monitoring.
- [Traditional Security Can’t Stop LOTL Attacks. Exabeam UEBA Destroys Them.](https://www.exabeam.com/blog/security-operations-center/traditional-security-cant-stop-lotl-attacks-exabeam-ueba-destroys-them/): Learn how Exabeam UEBA provides the best defense for hard to spot attacks such as living-off-the-land.
- [Top 10 Ways Exabeam Support for OpenAPI Will Transform Security Operations](https://www.exabeam.com/blog/security-operations-center/top-10-ways-exabeam-support-for-openapi-will-transform-security-operations/): With the recent announcement of support of Open API Standard, Exabeam is transforming the way security tools can integrate and work together for better security outcomes.
- [Launching a New Era in SOC Productivity: Exabeam New-Scale Analytics and Automation Management ](https://www.exabeam.com/blog/security-operations-center/launching-a-new-era-in-soc-productivity-exabeam-new-scale-analytics-and-automation-management/): The Exabeam January release includes game changing enhancements for threat detection and security automation.
- [What’s New in Exabeam Product Development – July 2024](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-july-2024/): Explore the latest in Exabeam product development for July 2024, including new Collectors and enhanced Search features.
- [What’s New in Exabeam Product Development – June 2024](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-june-2024/): Explore the latest in Exabeam product development for June 2024, including Investigation Timelines and administrative enhancements
- [What’s New in Exabeam Product Development – May 2024](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-may-2024/): Explore the latest in Exabeam product development for May 2024, including Investigation Timelines and administrative enhancements.
- [How to Prove Security Effectiveness with a Cybersecurity Board Report](https://www.exabeam.com/blog/security-operations-center/how-to-prove-security-effectiveness-with-a-cybersecurity-board-report/): Prove security effectiveness to executive stakeholders and explore how a SIEM cybersecurity board report can empower organizations to make informed decisions.
- [What’s New in Exabeam Product Development – April 2024](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-april-2024/): Explore the latest in Exabeam product development for March 2024, including Threat Center and Automation Management.
- [What’s New in Exabeam Product Development – March 2024](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-march-2024/): Explore the latest in Exabeam product development for March 2024, including Threat Center and Automation Management.
- [Take TDIR to a Whole New Level: Achieving Security Operations Excellence](https://www.exabeam.com/blog/security-operations-center/take-tdir-to-a-whole-new-level-achieving-security-operations-excellence/): Streamline threat detection, investigation, and response processes with integrated solutions for SOC excellence.
- [Action, Remediation, and Lessons Learned: Implementing Incident Response](https://www.exabeam.com/blog/security-operations-center/action-remediation-and-lessons-learned-implementing-incident-response/): Discover how to fortify your cyber defenses by overcoming TDIR challenges with advanced, innovative solutions.
- [The Power of Prioritization and Analysis: Understanding Threat Investigation](https://www.exabeam.com/blog/security-operations-center/the-power-of-prioritization-and-analysis-understanding-threat-investigation/): Discover how to fortify your cyber defenses by overcoming TDIR challenges with advanced, innovative solutions.
- [Sophisticated Attacks and Subtle Anomalies: Why Modern Detection Matters](https://www.exabeam.com/blog/security-operations-center/sophisticated-attacks-and-subtle-anomalies-why-modern-detection-matters/): Learn why modern threat detection matters in cybersecurity. Explore challenges to today’s SOCs.
- [Centralized TDIR From Exabeam With New Threat Center, Automation Management, and Exabeam Copilot](https://www.exabeam.com/blog/security-operations-center/centralized-tdir-from-exabeam-with-new-threat-center-automation-management-and-exabeam-copilot/): Streamline SOC workflows with advanced automation, expert AI assistance, and intuitive threat management.
- [What’s New in Exabeam Product Development — February 2024](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-february-2024/): Discover new Exabeam offerings with Threat Center, Exabeam Copilot, Automation Management, and Sentinel integration.
- [New Cloud Coverage – Switzerland: Exabeam Support for Swiss and European Businesses Grows](https://www.exabeam.com/blog/security-operations-center/new-cloud-coverage-switzerland-exabeam-support-for-swiss-and-european-businesses-grows/): Learn how Exabeam leverages our own platform to achieve feats in GenerativeAI visibility, detection, and protection.
- [How To Monitor Kubernetes Audit Logs with LogRhythm SIEM](https://www.exabeam.com/blog/security-operations-center/how-to-monitor-kubernetes-audit-logs-with-logrhythm-siem/): In this blog, learn how to enable audit logging in Kubernetes to monitor the logs in a security information and event management system.
- [What’s New in Exabeam Product Development — January 2024](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-january-2024/): Learn about new features and functionality delivered with the Exabeam January release.
- [What’s New in Exabeam Product Development – November 2023](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-november-2023/): Explore the latest Exabeam November release with enhanced security, partner integrations, and IRAP assessment. Elevate threat detection and streamline SOC workflows.
- [Exabeam SIEM: Bridging the Gaps for Advanced SOC Functionality](https://www.exabeam.com/blog/security-operations-center/exabeam-siem-bridging-the-gaps-for-advanced-soc-functionality/): Discover how Exabeam SIEM enhances cyberdefense in security operations centers. Request a demo.
- [What’s New in Exabeam Product Development – October 2023](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-october-2023/): Explore the Exabeam October feature releases and enhancements, and stay up to date with the latest developments.
- [Enhancing the Exabeam Customer Experience: Top Five Updates for Fall 2023](https://www.exabeam.com/blog/security-operations-center/enhancing-the-exabeam-customer-experience-top-five-updates-for-fall-2023/): Top 5 Exabeam customer experience updates. Improve security operations with new features, resources, and training.
- [From Anomalies to Action: CISO Insights on Insider Threats and Red Team Thinking](https://www.exabeam.com/blog/security-operations-center/from-anomalies-to-action-ciso-insights-on-insider-threats-and-red-team-thinking/): Explore CISO insights on tackling insider threats, email risks, and the power of red team thinking.
- [What’s New in Exabeam Product Development – September 2023](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-september-2023/): Exabeam September 2023 Product Developments: New Features, Integrations, Compliance Certifications, and Awards.
- [Generative AI and Top Honors: Highlights from Google Cloud Next ‘23](https://www.exabeam.com/blog/security-operations-center/generative-ai-and-top-honors-highlights-from-google-cloud-next-23/): Exabeam: Partner of the Year & AI advancements at Google Next 2023. Explore our SOC solutions and AI innovation.
- [What’s New in Exabeam Product Development – August 2023](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-august-2023/): Enhanced threat analysis and data visualization: Discover what's new in the Exabeam August release.
- [Exabeam Security Investigation Now Includes Seven Days of Search](https://www.exabeam.com/blog/security-operations-center/exabeam-security-investigation-now-includes-seven-days-of-search/): Improve TDIR. Search for events and anomalies over a week. Detect threats, automate responses, and bolster security.
- [Detecting Microsoft Exchange Zero-Day Exploits using LogRhythm SIEM](https://www.exabeam.com/blog/security-operations-center/detecting-microsoft-exchange-zero-day-exploits-using-logrhythm-siem/): LogRhythm customers can use the information in this blog to learn how to threat hunt for Microsoft Exchange zero-day exploits with SIEM.
- [How to Prevent HL7 Exploits with LogRhythm SIEM](https://www.exabeam.com/blog/security-operations-center/preventing-healthcare-cyberattacks-via-hl7-exploits-with-logrhythm-siem/): Healthcare organizations are a lucrative target for bad actors due to their unique position; they store sensitive patient information, provide a critical service to the public, and typically do not have massive cybersecurity budgets.
- [Protecting Your Organization Against Insider Threats: Best Practices and Real-world Examples](https://www.exabeam.com/blog/security-operations-center/protecting-your-organization-against-insider-threats-best-practices-and-real-world-examples/): Best practices for protecting your organization against insider threats. Examples from real Exabeam customers included.
- [What to Know About W-2 Phishing Scams](https://www.exabeam.com/blog/security-operations-center/what-to-know-about-w2-phishing-scams/): Every tax season, hackers target your employees with phishing scams. Let’s explore a scenario of how a W2 phishing attack can occur.
- [What’s New in Exabeam Product Development – January 2023](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-january-2023/): A summary of January’s new updates from the Exabeam Engineering, Education, and Product Management teams.
- [How Exabeam Can Help Drive Value With APIs](https://www.exabeam.com/blog/security-operations-center/how-exabeam-can-help-drive-value-with-apis/): Automate your threat detection, investigation, and response workflows to accelerate and streamline security operations.
- [What Is a Security Operations Center? Complete Guide | Exabeam](https://www.exabeam.com/blog/security-operations-center/security-operations-center-ultimate-soc-quick-start-guide/): A Security Operations Center (SOC) is a centralized facility that handles an organization's cybersecurity strategy, acting as the "nerve center" for monitoring, detecting, and responding to cyber threats in real time. SOCs aim to protect an organization's data, systems, and reputation.
- [4 Requirements for Building a Successful Insider Threat Team](https://www.exabeam.com/blog/security-operations-center/4-requirements-for-building-a-successful-insider-threat-team/): Detecting insider threats has special requirements, so organizations need an insider threat team as well as a SOC.
- [What’s New in Exabeam Product Development – December 2022](https://www.exabeam.com/blog/security-operations-center/whats-new-in-exabeam-product-development-december-2022/): A summary of December’s new updates from the Exabeam Engineering, Education, and Product Management teams.
- [Product Update: What's New in LogRhythm SIEM 7.11](https://www.exabeam.com/blog/security-operations-center/upgrade-your-siem-and-ueba-functions-with-logrhythm-7-11/): LogRhythm SIEM 7.11 expands our library of supported sources, enhances Message Processing Engine (MPE) rule sharing, and adds functionality to the APIs for greater automation.
- [The New CISO Podcast: Train the Way You Fight, Fight the Way You Train](https://www.exabeam.com/blog/security-operations-center/the-new-ciso-podcast-train-the-way-you-fight-fight-the-way-you-train/): Dr. Adrian Mayers, VP and CISO at Premera Blue Cross, is our guest on The New CISO Podcast.
- [Are Systems Integrators Pricey? Not If You Consider How They Reduce Costs Long Term](https://www.exabeam.com/blog/security-operations-center/are-systems-integrators-pricey-not-if-you-consider-how-they-reduce-costs-long-term/): Trusted advisors can help prepare organizations for security eventualities and avoid hidden costs in the future.
- [The New CISO Podcast: Solving Security Puzzles](https://www.exabeam.com/blog/security-operations-center/the-new-ciso-podcast-solving-security-puzzles/): Kevin DeLange, VP and CISO of IGT, talks with Exabeam’s Chief Security Strategist, Steve Moore, on The New CISO Podcast.
- [New-Scale SIEM Brings Powerful Behavioral Analytics and Automated Investigation to Threat Detection, Investigation, and Response](https://www.exabeam.com/blog/security-operations-center/new-scale-siem-brings-powerful-behavioral-analytics-and-automated-investigation-to-threat-detection-investigation-and-response/): New-Scale SIEM from Exabeam leverages analytics and machine learning to deliver comprehensive automation to the SOC.
- [Exabeam Security Log Management — Because Security Operations Isn’t IT Operations](https://www.exabeam.com/blog/security-operations-center/exabeam-security-log-management-because-security-operations-isnt-it-operations/): Exabeam Security Log Management is a cloud-native log management solution built for cybersecurity professionals.
- [New-Scale SIEM Expands Exabeam Threat Coverage with Content Library and TDIR Use Cases](https://www.exabeam.com/blog/security-operations-center/new-scale-siem-expands-exabeam-threat-coverage-with-content-library-and-tdir-use-cases/): New-Scale SIEM from Exabeam includes new content for the entire threat detection, investigation, and response workflow.
- [Exabeam: A Company and Platform that Puts Customers First](https://www.exabeam.com/blog/security-operations-center/exabeam-a-company-and-platform-that-puts-customers-first/): Customer-First strategy aims to help customers get the most out of the new Exabeam Security Operations Platform.
- [The Strategic Value of the Modular, App-centric Exabeam Security Operations Platform](https://www.exabeam.com/blog/security-operations-center/the-strategic-value-of-the-modular-app-centric-exabeam-security-operations-platform/): Exabeam Security Operations Platform has apps that use common data sets and components in a modular, efficient approach.
- [Anomaly Search and Advanced Analytics: Threat Hunting for Everyone](https://www.exabeam.com/blog/security-operations-center/anomaly-search-and-advanced-analytics-threat-hunting-for-everyone/): Exabeam capabilities for threat hunting. Reduce time between intrusion and discovery to minimize damage from attacks.
- [Panacea or Money Pit? Six Design Considerations for Your Security Data Lake](https://www.exabeam.com/blog/security-operations-center/panacea-or-money-pit-six-design-considerations-for-your-security-data-lake/): If you’re considering investing in or replacing a security data lake, consider these six things in your design.
- [Introducing the New Exabeam Security Operations Platform](https://www.exabeam.com/blog/security-operations-center/introducing-the-new-exabeam-security-operations-platform/): New Exabeam cloud-native SOC platform for security log management, behavioral analytics, and automated investigation.
- [Deloitte Implements Exabeam for Advanced Analytics on Insider Threats](https://www.exabeam.com/blog/security-operations-center/deloitte-implements-exabeam-for-advanced-analytics-on-insider-threats/): Deloitte and Exabeam partner to help Deloitte clients detect, assess, and escalate risk indicators of insider activity.
- [Exabeam’s Cloud-based Security Operations Platform Improves Insights and Efficiency for BBS](https://www.exabeam.com/blog/security-operations-center/exabeams-cloud-based-security-operations-platform-improves-insights-and-efficiency-for-bbs/): Japan’s BBS discovered Exabeam fulfills its security needs without replacing equipment or adding additional personnel.
- [Simplify Security Operations Workflows and Management](https://www.exabeam.com/blog/security-operations-center/simplify-security-operations-workflows-and-management/): Better analyst productivity & faster response times with centralized ID & response to critical security issues & attacks.
- [How to Integrate PowerShell and Command Line logs with LogRhythm SIEM](https://www.exabeam.com/blog/security-operations-center/powershell-and-command-line-logging-with-logrhythm/): PowerShell can be used to gather data, steal system information, dump credentials, pivot between systems, create backdoors and much more.
- [What is Data Loss Prevention (DLP)? 2025 Guide](https://www.exabeam.com/blog/security-operations-center/what-is-dlp-data-loss-prevention-for-critical-business-information/): What is a DLP and why should you adopt it? How to build your DLP policy, and what are the data loss prevention implementation best practices?
- [Data Loss Prevention Policy Template](https://www.exabeam.com/blog/security-operations-center/data-loss-prevention-policy-template/): Learn how to build a data loss prevention policy template, and how to use the DLP templates provided by three common enterprise tools.
- [Detect Ransomware Using LogRhythm SIEM’s MITRE ATT&CK Module](https://www.exabeam.com/blog/security-operations-center/detect-ransomware-mitre-attck-module-logrhythm/): Here are the top MITRE ATT&CK techniques to improve your ransomware detection and prevention efforts.
- [Security Operations Center Roles and Responsibilities](https://www.exabeam.com/blog/security-operations-center/security-operations-center-roles-and-responsibilities/): The SOC manager is responsible for the SOC team. They direct SOC operations and are responsible forsyncing between analysts and engineers; hiring; training; and creating and executing on cybersecurity strategy. They also directand orchestrate the company's response to major security threats.
- [Centralize AWS Multi-Account Logging & Detect Defense Evasion with LogRhythm SIEM](https://www.exabeam.com/blog/security-operations-center/centralize-aws-multi-account-logging-detect-defense-evasion-with-logrhythm-siem/): Learn best practices for AWS security and investigate ways to improve visibility and detection of CloudTrail logs using a SIEM solution.
- [SOC Analyst: Job Description, Skills, and Certifications](https://www.exabeam.com/blog/security-operations-center/soc-analyst-job-description-skills-and-5-key-responsibilities/): Discover essential SOC processes and best practices, and learn how SOC processes will evolve as organizations make the move to DevSecOps.
- [SOC Processes and Best Practices in a DevSecOps World](https://www.exabeam.com/blog/security-operations-center/soc-processes-and-best-practices-in-a-devsecops-world/): Cloud-based security information and event management (SIEM) solutions—also known as cloud SIEM or SIEM as a Service—unify security management into one, cloud-based location.
- [Automated SOCs — Musings from Industry Analysts (and Ex-analysts)](https://www.exabeam.com/blog/security-operations-center/automated-socs-musings-from-industry-analysts-and-ex-analysts/): One of the main and most visible mission of SOCs is to bring the organization back to a known, good operating state after an incident.
- [Demystifying the SOC, Part 5: The New SOC Maturity Model based on Outcomes](https://www.exabeam.com/blog/security-operations-center/demystifying-the-soc-part-5-the-new-soc-maturity-model-based-on-outcomes/): If an organization can automate most of TDIR for levels 1 and 2, it most likely can handle 80 to 95 percent of anticipated threats without much effort and focus manual resources on the more challenging potentially riskier Level 3 and other edge cases.
- [Demystifying the SOC, Part 4: The Old SOC Maturity Model based on Speeds and Feeds](https://www.exabeam.com/blog/security-operations-center/demystifying-the-soc-part-4-the-old-soc-maturity-model-based-on-speeds-and-feeds/): Do you have the right approach as you think about your SOC? Is your SOC operating under the right maturity model?
- [Demystifying the SOC, Part 3: Whether You Know It or Not, You Have a SOC](https://www.exabeam.com/blog/security-operations-center/demystifying-the-soc-part-3-whether-you-know-it-or-not-you-have-a-soc/): We discuss why, whether you know it or not, you already have a SOC. And if you look around and there is nobody else in the security team, then you — are — the SOC!!
- [Demystifying the SOC, Part 2: Prevention isn’t Enough, Assume Compromise](https://www.exabeam.com/blog/security-operations-center/demystifying-the-soc-part-2-prevention-isnt-enough-assume-compromise/): SOCs are part of a longstanding shift in cybersecurity from prevention to a blend of prevention and threat detection, investigation and response (TDIR), the latter of which is the mission of the SOC.
- [Demystifying the SOC, Part 1: Whether You Know It or Not, You Need a SOC](https://www.exabeam.com/blog/security-operations-center/demystifying-the-soc-part-1-whether-you-know-it-or-not-you-need-a-soc/): Why does every organization, including yours, need a SOC?
- [Detecting Water Utility Cyberattacks with LogRhythm SIEM](https://www.exabeam.com/blog/security-operations-center/detect-water-utility-cyberattacks-with-logrhythm-siem/): Critical infrastructure cybersecurity is vital to protect public health and safety. Learn to detect SCADA network security threats with SIEM.
- [Understanding Cloud DLP: Key Features and Best Practices](https://www.exabeam.com/blog/security-operations-center/understanding-cloud-dlp-key-features-and-best-practices/): Cloud DLP enables organizations to protect data residing in the cloud, but capabilities and practices vary between solutions. Discover key features and practices.
- [How to Enable Process Creation Events to Track Malware Activity](https://www.exabeam.com/blog/security-operations-center/enable-process-creation-events-to-track-malware/): Learn the ins-and-outs of how to enable process creation events and how they can be used to track malware and threat activity.
- [US, Australia Security Teams are Behind the Times in Gender Pay Equality](https://www.exabeam.com/blog/security-operations-center/us-australia-security-teams-are-behind-the-times-in-gender-pay-equality/): US, Australia Security Teams are Behind the Times in Gender Pay Equality The Exabeam 2020 Cybersecurity Professionals Salary Skills and Stress survey reports.
- [What is an ICS Attack and How to Defend Against it](https://www.exabeam.com/blog/security-operations-center/what-is-an-ics-attack-and-how-to-defend-against-it/): Attacks on operation technology have been on the rise for decades — here’s what you need to know about ICS security.
- [CISO Liability and Lawsuits in the Face of a Crisis, Part 2](https://www.exabeam.com/blog/security-operations-center/ciso-liability-and-lawsuits-in-the-face-of-a-crisis-part-2/): The cost of security failures is more than being a headline. Large breaches can take years to clean up and settle in court.
- [Twas the Night Before the Pen Test](https://www.exabeam.com/blog/security-operations-center/twas-the-night-before-the-pen-test/): We’re taking a break from our regularly-scheduled programming for some light-hearted holiday fun dedicated to all the Blue Teams out there…enjoy.
- [What Is Data Exfiltration, Attack Examples, and 6 Defensive Measures](https://www.exabeam.com/blog/security-operations-center/data-exfiltration-threats-and-prevention-techniques-you-should-know/): Data exfiltration attacks often mimic normal activity. This is why it is difficult to detect data exfiltration attacks on time, before some portion of the data was already transferred.
- [Escaping Dante’s SOC Inferno: Gluttony and the SOC Skills Shortage](https://www.exabeam.com/blog/security-operations-center/escaping-dantes-soc-inferno-gluttony-and-the-soc-skills-shortage/): Gluttony is having a profound effect on our ability to do our jobs, and it’s compounding the problem of the security skills shortage.
- [How to Configure Windows Event Forwarding (WEF) using Supercharger](https://www.exabeam.com/blog/security-operations-center/how-to-configure-windows-event-forwarding-wef-using-supercharger/): With a few simple commands and a VM acting as a Windows Event Collector (WEC), all Windows logs can be centralized into one location in minutes. Continuing our blog series on sourcing Windows logs including with NXLog This post will walk you through configuring WEF using Supercharger.
- [Escaping Dante’s SOC Inferno: The Violence of Destructive Metrics](https://www.exabeam.com/blog/security-operations-center/escaping-dantes-soc-inferno-the-violence-of-destructive-metrics/): SOC analysts are often being measured by what are frankly bullsh*t metrics, driven by out-of-date thinking and tools that don't drive a change of practice. Even worse, bad metrics mean threats aren't remediated. Here's what you can do about it.
- [7 Tips for Successfully Onboarding Your Analysts](https://www.exabeam.com/blog/security-operations-center/7-tips-for-successfully-onboarding-your-analysts/): Andy Skrei shares tips for successfully onboarding your cybersecurity analysts with a checklist of things to consider. Exabeam can speed up the process of onboarding your analysts.
- [Exabeam 2020 Cybersecurity Survey Reveals Job Satisfaction Despite Stress and Opportunities for Change](https://www.exabeam.com/blog/security-operations-center/exabeam-2020-cybersecurity-survey-reveals-job-satisfaction-despite-stress-and-opportunities-for-change/): Exabeam’s 2020 Cybersecurity Professionals Salary, Skills and Stress Survey, compiled from a survey of 351 international security professionals, was just released with interesting findings: Cybersecurity professionals are satisfied and secure in their jobs despite high-stress levels.
- [Complying with RMIT Malaysia using LogRhythm SIEM](https://www.exabeam.com/blog/security-operations-center/complying-with-rmit-malaysia-using-logrhythm-siem/): The Risk Management in Technology (RMiT) policy ensures Malaysian financial institutions manage their cyber-risk exposure by establishing risk frameworks and governance.
- [Exabeam Survey Highlights Negative Impact of the COVID-19 Pandemic](https://www.exabeam.com/blog/security-operations-center/exabeam-survey-highlights-negative-impact-of-the-covid-19-pandemic/): Insights from Exabeam's latest survey of 1,005 U.S. and U.K. cybersecurity professionals who manage and operate SOCs shows the negative impact of the COVID-19 pandemic.
- [Exabeam 2020 State of the SOC Report: The SOC Practitioner’s Perspective](https://www.exabeam.com/blog/security-operations-center/exabeam-2020-state-of-the-soc-report-the-soc-practitioners-perspective/): Exabeam 2020 State of the SOC Report: The SOC Practitioner’s Perspective. Find out what SOCs believe they need to do their jobs effectively
- [Key Findings from the Exabeam 2020 State of the SOC Report ](https://www.exabeam.com/blog/security-operations-center/key-findings-from-the-exabeam-2020-state-of-the-soc-report/): Exabeam’s 2020 State of the SOC Report lets you to compare your company’s security operations center to your peers.
- [How to Self-study to Become a Software Engineer, Part 2](https://www.exabeam.com/blog/security-operations-center/how-to-self-study-to-become-a-software-engineer-part-2/): Hera Huang's tips on how to self study to become a software engineer includes how a mentor can help you and how to take care of yourself when working on a project and looking for a job.
- [How to Self-study to Become a Software Engineer, Part 1](https://www.exabeam.com/blog/security-operations-center/how-to-self-study-to-become-a-software-engineer-part-1/): Hera Huang graduated college and self studied at home for a year before she started working as a software engineer.
- [Using LogRhythm SIEM to Monitor Remote Desktop Connections](https://www.exabeam.com/blog/security-operations-center/using-logrhythm-siem-to-monitor-remote-desktop-connections/): Remote desktop is a common feature in operating systems. But it can be open to abuse by bad actors or malicious insiders.
- [Penetration Testing: Process and Tools](https://www.exabeam.com/blog/security-operations-center/penetration-testing-process-and-tools/): Learn the benefits of penetration testing, how a pentester simulates an attack against an organization, and some of the common tools used in a real penetration test.
- [Gaining an Edge on Attackers with the MITRE ATT&CK® Knowledge Base](https://www.exabeam.com/blog/security-operations-center/gaining-an-edge-on-attackers-with-the-mitre-attck-knowledge-base/): In response to these effective exploits, many SOC analysts are finding that a reliable, effective and proven edge against attackers is the MITRE ATT&CK (knowledge base. Find out how Exabeam aligns with the knowledge base.
- [5 Preemptive Measures Your SOC Can Take to Protect Your Organization](https://www.exabeam.com/blog/security-operations-center/5-preemptive-measures-your-soc-can-take-to-protect-your-organization/): Security tools are important for protecting your company and environment, but there are additional preemptive measures that your SOC can take regardless of the security tools you have in place to help improve your chances of not being the target of an attack.
- [Security Breaches: What You Need to Know](https://www.exabeam.com/blog/security-operations-center/security-breaches-what-you-need-to-know/): Learn what constitutes a security breach, types of breaches to be aware of, see some examples of past breaches, and learn how incident response planning can keep you secure.
- [How to Build a Security Operations Center for Small Companies](https://www.exabeam.com/blog/security-operations-center/how-to-build-a-security-operations-center-for-small-companies/): Building a fully operational SOC can be challenging, but it is worthwhile if you want the ability to handle any internal or external threats to your organization.
- [How to Build a Modern SOC](https://www.exabeam.com/blog/security-operations-center/how-to-build-a-modern-soc/): A SOC employs processes and technologies to monitor, detect, contain and remediate IT security threats across both cloud and on-premises environments.
- [Data Loss Prevention Tools](https://www.exabeam.com/blog/security-operations-center/data-loss-prevention-tools/): With many different data loss prevention tools providers available, learning about the top offerings in the field is a good starting point.
- [Survey Finds 35% of Security Professionals Say the Blue Team Rarely Catches the Red Team](https://www.exabeam.com/blog/security-operations-center/survey-finds-35-of-security-professionals-say-the-blue-team-rarely-catches-the-red-team/): A new study from Exabeam reports that the majority of organizations see significant value in red/blue team testing. 35% of security professionals surveyed say the blue team rarely catches the red team during pentesting exercises.
- [Staffing, Budget Among Top Challenges SOCs Face in 2019](https://www.exabeam.com/blog/security-operations-center/staffing-budget-among-top-challenges-socs-face-in-2019-infographic/): The Exabeam annual State of the SOC Report identifies the various factors that contribute to a successful SOC. This year, staffing and budget remain a top pain point, with budget issues only continuing to feed the challenges that SOC teams face.
- [How to Investigate a DLP Alert [Video]](https://www.exabeam.com/blog/security-operations-center/how-to-investigate-a-dlp-alert-video-series/): Learn how to conduct a DLP incident investigation using a legacy SIEM vs. a modern SIEM.
- [Key Findings of the Exabeam 2019 State of the SOC Report](https://www.exabeam.com/blog/security-operations-center/key-findings-of-the-exabeam-2019-state-of-the-soc-report/): How does your SOC stack up? If you are asking the question, now you can compare your company’s security operations center to peer responses in the Exabeam 2019 State of the SOC Report.
- [6 Key Things to Do When Building a Modern SOC](https://www.exabeam.com/blog/security-operations-center/6-key-things-to-do-when-building-a-modern-soc/): Read about what it takes to stay on top of threats, be current with emerging technology and trends, and hire and keep the right talent.
- [Understanding the Challenges of Frontline Security Teams and the CISOs who Lead Them](https://www.exabeam.com/blog/security-operations-center/understanding-the-challenges-of-frontline-security-teams-and-the-cisos-who-lead-them/): Exabeam’s 2018 State of the SOC Report dove into the mindset of those in the security trenches, managers and CISOs. The study reveals several common concerns— from staffing and retention to frustration over legacy technologies.
- [Preparing for the Log Data Tsunami? Security Best Practices for the Exabeam Data Lake](https://www.exabeam.com/blog/security-operations-center/preparing-for-the-log-data-tsunami-security-best-practices-for-the-exabeam-data-lake/): Many modern enterprises—like the airlines, cruise ship, and retail industries—produce massive amounts of data on a daily basis. Exabeam’s Data Lake is designed for exponential log data growth and the complexity of cybersecurity analysis.
- [The Massive Data Breach – Reducing “Dwell Time” and the Resulting Damage](https://www.exabeam.com/blog/security-operations-center/the-massive-data-breach-reducing-dwell-time-and-the-resulting-damage/): After a data breach has been discovered, investigators often find out that the hackers have been occupying their network for days, if not months—and sometimes years.
- [Effective Strategies for Detecting and Stopping Malware Attacks](https://www.exabeam.com/blog/security-operations-center/effective-strategies-for-detecting-and-stopping-malware-attacks/): Stopping Malware from Compromised Insiders: Many of the most devastating data breaches are caused by attackers using stolen credentials to gain access to organizations’ network assets.
- [2018 State of the SOC Report](https://www.exabeam.com/blog/security-operations-center/2018-state-of-the-soc-report/): The results are in — on Exabeam’s comprehensive survey of U.S. and U.K. cybersecurity professionals involved in the management of a Security Operations Center (SOC).
- [Hidden SOC Killers: Three Signs Your SOC is Broken](https://www.exabeam.com/blog/security-operations-center/hidden-soc-killers-three-signs-your-soc-is-broken/): Observe how often analysts use Notepad to copy and paste details from their SIEM and numerous point solutions to manually find out what happened before, during, and after an event —otherwise known as manual timeline creation.
- [How to Use Exabeam’s Natural Language Correlation Rule Builder](https://www.exabeam.com/blog/security-operations-center/how-to-use-exabeams-natural-language-correlation-rule-builder/): This probably doesn’t come as a surprise. One of the major complaints of SIEM customers is that correlation rules are a pain.
- [What are you worth? The Exabeam Security Professionals’ Salary, Job Satisfaction, and Technology Outlook Report](https://www.exabeam.com/blog/security-operations-center/what-are-you-worth-the-exabeam-security-professionals-salary-job-satisfaction-and-technology-outlook-report/): The purpose of the report was to gain insights on the trends in the salaries of security professionals, their education levels, job satisfaction, and attitudes towards innovative and emerging technologies such as artificial Intelligence and machine learning.
- [How Union Bank Gets the Most from Its Data Loss Prevention Solution](https://www.exabeam.com/blog/security-operations-center/how-union-bank-gets-the-most-from-its-data-loss-prevention-solution/): This post will help you understand the limits of commonly used solutions, as well as how to use Exabeam to improve DLP detection and match the scale at which such programs can operate.
- [No SIEM? No Problem!](https://www.exabeam.com/blog/security-operations-center/no-siem-no-problem/): SOCs belonging to organizations of all sizes rely on their SIEM to aggregate logs, detect known bad behavior using correlation rules, and generate alerts for analysts to triage. But should they?
## LogRhythm SIEM
- [Exabeam LogRhythm Platform: July 2026 Quarterly Launch](https://www.exabeam.com/resources/webinars/exabeam-logrhythm-platform-july-2026-quarterly-launch/)
- [Eight Threat Hunts You Can Run Today](https://www.exabeam.com/resources/guides/eight-threat-hunts-you-can-run-today/): Discover 8 practical threat hunts to run today using existing SIEM log data. Download Exabeam's guide to proactively detect hidden threats and stop attackers.
- [Exabeam LogRhythm Platform: April 2026 Quarterly Launch](https://www.exabeam.com/resources/webinars/exabeam-logrhythm-platform-april-2026-quarterly-launch/)
- [Strengthen Federal Compliance With LogRhythm SIEM](https://www.exabeam.com/resources/briefs/strengthen-federal-compliance-with-logrhythm-siem/): Strengthen federal compliance with LogRhythm SIEM. Centralize monitoring, automate reporting for mandates like NIST & FISMA, and simplify audits. Download the brief.
- [Strengthening Threat Detection and Investigation With Network Traffic Analysis](https://www.exabeam.com/resources/white-papers/strengthening-threat-detection-and-investigation-with-network-traffic-analysis/): Boost your threat detection capabilities with Network Traffic Analysis (NTA). Discover how to interpret unusual network activity, monitor unmanaged devices, and improve security operations. Download the free white paper.
- [Insider Threat Risks in Mergers and Acquisitions](https://www.exabeam.com/resources/guides/insider-threat-risks-in-mergers-and-acquisitions/): Mergers and acquisitions are prime opportunities for insider threats to emerge, whether from misaligned access controls, overlooked privileged users, or gaps in data governance. This checklist helps security teams proactively address these risks and maintain operational resilience during transitions.
- [LogRhythm SIEM: January 2026 Quarterly Launch](https://www.exabeam.com/resources/webinars/logrhythm-siem-january-2026-quarterly-launch/)
- [Six Reasons Why SIEM May Remain On-Premises to Power Security Operations](https://www.exabeam.com/resources/guides/six-reasons-why-siem-may-remain-on-premises-to-power-security-operations/): This guide explores six key drivers for keeping your SIEM on-premises. You’ll learn why organizations in regulated industries, government, and mission-critical environments choose to maintain direct control over their security infrastructure.
- [LogRhythm SIEM: October 2025 Quarterly Launch](https://www.exabeam.com/resources/webinars/logrhythm-siem-october-2025-quarterly-launch/)
- [New-Scale Security Operations Platform: July 2025 Quarterly Launch](https://www.exabeam.com/resources/webinars/new-scale-security-operations-platform-april-2025-quarterly-launch-july-2025-quarterly-launch/): Learn more about the latest enhancements to LogRhythm SIEM, our self-hosted SIEM platform.
- [LogRhythm SIEM: July 2025 Quarterly Launch](https://www.exabeam.com/resources/webinars/logrhythm-siem-july-2025-quarterly-launch/): Learn more about the latest enhancements to LogRhythm SIEM, our self-hosted SIEM platform.
- [Exabeam July 2025 Quarterly Launches](https://www.exabeam.com/resources/webinars/exabeam-july-quarterly-launches/): "Promises Made, Promises Kept" - This webinar summarises our commitment to deliver innovation for customers to keep up with the ever-evolving threat environment, while making cybersecurity the number one priority for everyone in the organization from the analyst to the CEO. The series, allows you to view all launch webinars future and past showcasing the continuous improvements made to our product portfolios.
- [LogRhythm SIEM: April 2025 Quarterly Launch](https://www.exabeam.com/resources/webinars/logrhythm-siem-april-2025-quarterly-launch/): Learn more about the latest enhancements to LogRhythm SIEM, our self-hosted SIEM platform.
- [High-Performance Appliances](https://www.exabeam.com/resources/briefs/high-performance-appliances/)
- [Total Economic Impact™ of the LogRhythm SIEM Platform](https://www.exabeam.com/resources/reports/total-economic-impact-of-the-logrhythm-siem-platform/): Forrester found that after investing in the LogRhythm Platform, a composite organization based on the interviewed organizations saw a 258% ROI and $2.24M net present value (NPV) over three years.
- [Exabeam Support for the NYDFS Cybersecurity Regulation (23 NYCRR 500)](https://www.exabeam.com/resources/data-sheets/exabeam-support-for-the-nydfs-cybersecurity-regulation-23-nycrr-500/)
- [Protect Your Manufacturing Operation’s Network and Data](https://www.exabeam.com/resources/briefs/protect-your-manufacturing-operations-network-and-data/): Your job is to keep your manufacturing facility safe from cyberattacks.
- [LogRhythm SIEM: January 2025 Quarterly Launch](https://www.exabeam.com/resources/webinars/logrhythm-siem-january-2025-quarterly-launch/): Learn more about the latest enhancements to LogRhythm SIEM, our self-hosted SIEM platform.
- [Protecting Patient and Healthcare Provider Data with LogRhythm SIEM](https://www.exabeam.com/resources/briefs/protecting-patient-and-healthcare-provider-data-with-logrhythm-siem/): Ensure patient data safety with LogRhythm SIEM. Protect your organization from cyber threats and intrusions while maintaining compliance with data security regulations.
## Podcast
- [CISO 3.0: The Playbook for Delivering Impact and Influence](https://www.exabeam.com/resources/podcasts/ciso-3-0-the-playbook-for-delivering-impact-and-influence/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Walt Powell, Lead Field CISO at CDW.
- [Rogue Agents: The New Era of AI Insider Threats (Part 2)](https://www.exabeam.com/resources/podcasts/rogue-agents-the-new-era-of-ai-insider-threats-part-2/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Eric O'Neill, author and former FBI operative.
- [Lessons From a Spy Hunter: The Real Cost of a Breach (Part 1)](https://www.exabeam.com/resources/podcasts/lessons-from-a-spy-hunter-the-real-cost-of-a-breach-part-1/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Eric O'Neill, author and former FBI operative.
- [Your Most Valuable Skills Aren’t Technical](https://www.exabeam.com/resources/podcasts/your-most-valuable-skills-arent-technical/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Rob Knoblauch, a global CISO with over 25 years of experience in the cybersecurity industry.
- [From Chef to CISO: Unlocking the Recipe to Security Leadership](https://www.exabeam.com/resources/podcasts/from-chef-to-ciso-unlocking-the-recipe-to-security-leadership/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Myke Lyons, CISO at Cribl.
- [Architect and Firefighter: How a Modern CISO Leads in Crisis](https://www.exabeam.com/resources/podcasts/architect-and-firefighter-how-a-modern-ciso-leads-in-crisis/): In this episode of The New CISO, host Steve Moore is joined by guest Alan Lucas, CISO at Worldstream and Greenhouse Datacenters.
- [Six Steps for Better Communication as a CISO](https://www.exabeam.com/resources/podcasts/six-steps-for-better-communication-as-a-ciso/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Dean Sapp, CISO at Filevine.
- [The Four Cs: Why a Schoolteacher Makes a Great CISO](https://www.exabeam.com/resources/podcasts/the-four-cs-why-a-schoolteacher-makes-a-great-ciso/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Manuel "Manu" Ressel, CISO at SAUTER Group.
- [Safety Third: Why Security Shouldn’t Be Your Top Priority](https://www.exabeam.com/resources/podcasts/safety-third-why-security-shouldnt-be-your-top-priority/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Alex Rice, Founder and CTO/CISO at HackerOne.
- [Just Starting in Security? Here’s What You Need to Succeed](https://www.exabeam.com/resources/podcasts/just-starting-in-security-heres-what-you-need-to-succeed/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Iain Paterson, CISO at WELL Health Technologies.
- [Think Outside the Job: How to Shift Your Career Mindset](https://www.exabeam.com/resources/podcasts/think-outside-the-job-how-to-shift-your-career-mindset/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Gideon Knocke, CISO at Visage Imaging.
- [Pick Your Pain: A Methodical Approach to Career Growth](https://www.exabeam.com/resources/podcasts/pick-your-pain-a-methodical-approach-to-career-growth/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Carl Cahill, an experienced CISO and US Army veteran.
- [Are You Relying on the Right Tools?](https://www.exabeam.com/resources/podcasts/are-you-relying-on-the-right-tools/): In this episode of The New CISO, host Steve Moore is joined by guest Dr. Timo Wandhöfer, Group CISO and Head of Information Security and Business Continuity Management at Klöckner & Co.
- [How to Score a Security Role — Without Collecting Certifications](https://www.exabeam.com/resources/podcasts/how-to-score-a-security-role-without-collecting-certifications/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Marius Poskus, CISO of Glow Financial Services.
- [Ask the Right Questions: How Building Trust Brings Value](https://www.exabeam.com/resources/podcasts/ask-the-right-questions-how-building-trust-brings-value/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Aleksandar Radosavljevic, Global CISO at Global Fashion Group.
- [The Challenge of Securing Critical Infrastructure](https://www.exabeam.com/resources/podcasts/the-challenge-of-securing-critical-infrastructure/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Keith Price, Chief Security Officer at National Highways.
- [Is Done Better Than Perfect? Self-Awareness as a CISO](https://www.exabeam.com/resources/podcasts/is-done-better-than-perfect-self-awareness-as-a-ciso/): In this episode of The New CISO, Steve is joined by guest Ben Bachmann, Director Group Security and Architecture at Bilfinger.
- [Classroom to Boardroom: How Teaching Makes Leaders Better](https://www.exabeam.com/resources/podcasts/classroom-to-boardroom-how-teaching-makes-leaders-better/): On this episode of The New CISO Podcast, host Steve Moore speaks with Nithin Reddy, Global VP of Cyber Security at Dayforce.
- [What Can Cutting Cake Teach a CISO?](https://www.exabeam.com/resources/podcasts/what-can-cutting-cake-teach-a-ciso/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Rich Durost, CISO at Froedtert ThedaCare Health.
- [Why the Best Security Leaders Stay Curious](https://www.exabeam.com/resources/podcasts/why-the-best-security-leaders-stay-curious/): In this episode of The New CISO, host Steve Moore is joined by guest Michael Mendelsohn, CISO at Majesco.
- [Embracing Naivety as a New CISO](https://www.exabeam.com/resources/podcasts/embracing-naivety-as-a-new-ciso/): In this episode of The New CISO, Steve is joined by guest Yannick Herrebaut, Cyber Resilience Manager at Port of Antwerp-Bruges.
- [Take a Preemptive Strike on Your Career](https://www.exabeam.com/resources/podcasts/take-a-preemptive-strike-on-your-career/): In this episode of The New CISO Podcast, host Steve Moore is joined by guest Azzam Zahir, an accomplished IT and security leader.
- [When and How to Find Your Next Role](https://www.exabeam.com/resources/podcasts/when-and-how-to-find-your-next-role/): In this episode of The New CISO, Steve is joined by guest Sanju Misra, CISO at Alnylam Pharmaceuticals, to cover her tips for finding your next role.
- [Don’t Check Every Box of the Job Description](https://www.exabeam.com/resources/podcasts/dont-check-every-box-of-the-job-description/): In this episode of The New CISO, Steve is joined by guest Sanju Misra, CISO at Alnylam Pharmaceuticals, to cover hiring and applying for new roles.
- [How to Tackle Tough Interviews and Career Transitions](https://www.exabeam.com/resources/podcasts/how-to-tackle-tough-interviews-and-career-transitions/): In this episode host Steve Moore welcomes Ryan Shaw who shares his unique journey from working in kitchens and warehousing to becoming a leader in cybersecurity.
- [Taking the First Step Toward Your Career Dreams](https://www.exabeam.com/resources/podcasts/taking-the-first-step-toward-your-career-dreams/): In this episode of The New CISO, Nicola Sotira talks about his journey from technical expert to business leader, all while following his dreams.
- [What Legacy Tech Can Teach New Leaders](https://www.exabeam.com/resources/podcasts/what-legacy-tech-can-teach-new-leaders/): In this episode of The New CISO, Steve is joined by guest Nicola Sotira, Head of CERT of Poste Italiane
- [What CISOs Get Wrong: Advice From a Cybersecurity Entrepreneur](https://www.exabeam.com/resources/podcasts/what-cisos-get-wrong-advice-from-a-cybersecurity-entrepreneur/): In this episode of The New CISO, Steve Moore sits down with Larry Pfeifer for a deep dive into the evolving role of the CISO and the increasing importance of cybersecurity insurance.
- [Why the Best Salespeople Are Engineers](https://www.exabeam.com/resources/podcasts/why-the-best-salespeople-are-engineers/): In this episode of The New CISO, host Steve is joined by Larry Pfeifer, CEO and President of Metrics That Matter.
- [How to Become a “T-Shaped” Leader](https://www.exabeam.com/resources/podcasts/how-to-become-a-t-shaped-leader/): In this episode of The New CISO, Steve is joined by guest Grant Lockwood, Chief Information Security Office of Virtus Health.
- [Is Security Funny? What Hobbies Can Teach a CISO](https://www.exabeam.com/resources/podcasts/is-security-funny-what-hobbies-can-teach-a-ciso/): In this episode of The New CISO, Steve is joined by guest Grant Lockwood, Chief Information Security Office of Virtus Health.
- [Be the Coach of Your Security Team](https://www.exabeam.com/resources/podcasts/be-the-coach-of-your-security-team/): Listen to Steve and Sándor discuss how software development is like an F1 race and how to make a candidate confident during an interview.
- [Perspectives on Security as a CISO and Police Officer](https://www.exabeam.com/resources/podcasts/perspectives-on-security-as-a-ciso-and-police-officer/): Listen to Steve and Sándor discuss what a police officer and a CISO have in common and when it’s appropriate to be “lazy”.
- [Work Smarter: How to Empower Your Team and Yourself](https://www.exabeam.com/resources/podcasts/work-smarter-how-to-empower-your-team-and-yourself/): In this episode of The New CISO, Steve is joined again by guest Ash Hunt, Global CISO at Apex Group Ltd.
- [Change the Way You Think About Loss, Risk, and Revenue](https://www.exabeam.com/resources/podcasts/change-the-way-you-think-about-loss-risk-and-revenue/): In this episode of The New CISO, Steve is joined by guest Ash Hunt, Global CISO at Apex Group Ltd.
- [Keep Calm and Communicate Better: Advice for Young Managers](https://www.exabeam.com/resources/podcasts/keep-calm-and-communicate-better-advice-for-young-managers/): Steve Moore is joined by Ron Banks, CISO of Toyota Financial Services, for the second part of a special two-part episode.
- [Public-Private Partnership – How to Punish Bad Actors, Not Organizations](https://www.exabeam.com/resources/podcasts/public-private-partnership-how-to-punish-bad-actors-not-organizations/): In this episode of The New CISO, host Steve is joined by guest Ron Banks, CISO at Toyota Financial Services.
- [Why CISOs Need to be Champions of AI](https://www.exabeam.com/resources/podcasts/why-cisos-need-to-be-champions-of-ai/): On this episode of The New CISO Podcast, host Steve Moore chats with Mani Masood about embracing AI as a security leader.
- [A CISO’s Advice On Learning, Earning, and Dodging Burnout](https://www.exabeam.com/resources/podcasts/a-cisos-advice-on-learning-earning-and-dodging-burnout/): In this episode of The New CISO, guest Chris Fredrick, Deputy CISO at Baxter International, returns for the final part of his interview series with host Steve.
- [How to Respond When You Don’t Get the Job](https://www.exabeam.com/resources/podcasts/how-to-respond-when-you-dont-get-the-job/): In this episode of The New CISO, guest Chris Fredrick, Deputy CISO at Baxter International, returns for the final part of his interview series with host Steve.
- [Great Leaders Make Leaders, Especially During a Breach](https://www.exabeam.com/resources/podcasts/great-leaders-make-leaders-especially-during-a-breach/): In this episode of The New CISO, Steve is kicking off the first part of a three-part series with guest Chris Fredrick, Deputy CISO at Baxter International.
- [How One Job Taught Five Important Leadership Lessons](https://www.exabeam.com/resources/podcasts/how-one-job-taught-five-important-leadership-lessons/): In this episode of The New CISO, Steve is kicking off the first part of a three-part series with guest Chris Fredrick, Deputy CISO at Baxter International.
- [Why CISOs Should Solve Business Problems, Not Technology Problems](https://www.exabeam.com/resources/podcasts/why-cisos-should-solve-business-problems-not-technology-problems/): In this episode of The New CISO, Steve is joined by guest Scott Moser, CISO at the Sabre Corporation.
- [The CISO Triforce: Preparing Your Post-Breach Go Bag](https://www.exabeam.com/resources/podcasts/the-ciso-triforce-preparing-your-post-breach-go-bag/): In this episode of The New CISO, Steve is joined by guest Mike Melo, CISO and VP of IT Shared Services with LifeLabs.
- [What About Third-Party Risk: A CISO’s Questions for the SEC](https://www.exabeam.com/resources/podcasts/what-about-third-party-risk-a-cisos-questions-for-the-sec/): In this episode of The New CISO, Steve is joined by guest Dan Creed, CISO at Allegiant.
- [Six Mentorship Questions with Two Top Leaders](https://www.exabeam.com/resources/podcasts/six-mentorship-questions-with-two-top-leaders/): Listen to Steve, Michael, and Mark discuss managing stress while diving head-first into challenging situations, as well as tips for maximizing the growth of junior team members.
- [Know Your Strengths: How to Lead with Skills You Already Have](https://www.exabeam.com/resources/podcasts/know-your-strengths-how-to-lead-with-skills-you-already-have/): In this episode of The New CISO, Steve is joined by guest Maria Sexton, Chief Information Officer at the University Medical Center of Southern Nevada.
- [What’s In a Word: Managing Your Message More Effectively](https://www.exabeam.com/resources/podcasts/whats-in-a-word-managing-your-message-more-effectively/): In this episode of The New CISO, Steve is joined by guest Frank Vesce, CISO for Allvue Systems.
- [Confidence or Arrogance: Ego Problems and How to Solve Them](https://www.exabeam.com/resources/podcasts/confidence-or-arrogance-ego-problems-and-how-to-solve-them/): In this episode of The New CISO, Steve is joined by guest Brad Sexton, Chief Information Officer, and Information Security Officer at Terrible’s.
- [The 70-20-10 Rule: Steps You Can Take for Professional Growth](https://www.exabeam.com/resources/podcasts/the-70-20-10-rule-steps-you-can-take-for-professional-growth/): In this episode of The New CISO, Steve is joined by guest Andrew Wilder, Adjunct Professor at Washington University in St. Louis and a multi-time CISO.
- [Security Engineer to CEO: Taking a Chance on Yourself](https://www.exabeam.com/resources/podcasts/security-engineer-to-ceo-taking-a-chance-on-yourself/): In this episode of The New CISO, Steve is joined by guest Suid Adeyanju, CEO and Co-Founder of RiverSafe Ltd.
- [The ABCs of Threat Actors: How to Stop Attackers From Becoming Insiders](https://www.exabeam.com/resources/podcasts/the-abcs-of-threat-actors-how-to-stop-attackers-from-becoming-insiders/): In this episode of The New CISO, Steve is joined by guest Jeff Schilling, Global CISO for Teleperformance.
- [Great Minds Think Differently: Neurodiversity and Vulnerability in Leadership](https://www.exabeam.com/resources/podcasts/great-minds-think-differently-neurodiversity-and-vulnerability-in-leadership/): In this episode of The New CISO, Steve is joined by guest Chris Nolke, multi-time CISO, founder of Skycrane.
- [The Power of Automation: Which Tools Can Help Your Security Team?](https://www.exabeam.com/resources/podcasts/the-power-of-automation-which-tools-can-help-your-security-team/): In this episode of The New CISO, Steve is joined by guest Peter Frochtenicht, National Manager for Security and Compliance and CISO at NEC Australia.
- [Taking Extreme Ownership: How 3 Common Excuses Hurt Security Leaders](https://www.exabeam.com/resources/podcasts/taking-extreme-ownership-how-3-common-excuses-hurt-security-leaders/): In this episode of The New CISO, Steve is joined by guest Michael Meis, Associate CISO of the University of Kansas Health System.
- [How To Build Trust Within Your Team, Your Business, and Yourself](https://www.exabeam.com/resources/podcasts/how-to-build-trust-within-your-team-your-business-and-yourself/): In this episode of The New CISO, Steve is joined by guest Adam Currie, CSO at HCL Software.
- [Be Comfortable Being Uncomfortable: Managing New Roles and Next Steps](https://www.exabeam.com/resources/podcasts/be-comfortable-being-uncomfortable-managing-new-roles-and-next-steps/): In this episode of The New CISO, Steve is joined by guest Mike Kelley, CISO of the E.W. Scripps Company.
- [The Patient Safety Model: Developing a Hospital’s Security Culture](https://www.exabeam.com/resources/podcasts/the-patient-safety-model-developing-a-hospitals-security-culture/): In this episode of The New CISO, Steve is joined by Martin Fisher, CISO at Northside Hospital.
- [What Would a Breach Cost You? Personal Risk vs. Reward as a CISO](https://www.exabeam.com/resources/podcasts/what-would-a-breach-cost-you-personal-risk-vs-reward-as-a-ciso/): In this episode of The New CISO, Steve is joined by guest Jeff Farinich, SVP of Technology Services and CISO at New American Funding.
- [Self-Sufficient Security: The Perks of Being a vCISO](https://www.exabeam.com/resources/podcasts/self-sufficient-security-the-perks-of-being-a-vciso/): In this episode of The New CISO, Steve is joined by guest Laura Louthan, CISO at Angel Cybersecurity.
- [5 Top Tips for Boosting Security Mindfulness](https://www.exabeam.com/resources/podcasts/5-top-tips-for-boosting-security-mindfulness/): In this episode of The New CISO, Steve is joined by guest Rupa Parameswaran, former Head of Security at Amplitude and current VP of Security & IT at Handshake.
- [Are You Ready to be a CISO? Why Mentors Matter](https://www.exabeam.com/resources/podcasts/are-you-ready-to-be-a-ciso-why-mentors-matter/): In this episode of The New CISO, Steve is joined by returning guest Mark Weatherford, CSO and SVP of Regulated Industries at AlertEnterprise.
- [Be the One Who Gets the Call: The Keys to Landing New Opportunities](https://www.exabeam.com/resources/podcasts/be-the-one-who-gets-the-call-the-keys-to-landing-new-opportunities/): In this episode of The New CISO, Steve is joined by guest Mark Weatherford, CISO and Head of Regulated Industries at AlertEnterprise.
- [Learning From a Layoff: Career Growth, Change, and Opportunity](https://www.exabeam.com/resources/podcasts/learning-from-a-layoff-career-growth-change-and-opportunity/): In this episode of The New CISO, Steve is joined by guest Sandy Dunn, Lead Consultant and Founder at Quark IQ.
- [Protecting Your Revenue with Machine Learning and Data Science](https://www.exabeam.com/resources/podcasts/protecting-your-revenue-with-machine-learning-and-data-science/): Listen to Steve and Steve discuss educating executives and how utilizing data science in your security program can reduce friction and translate risk.
- [Life After Breach: How Hospitals Can Protect Patient Data](https://www.exabeam.com/resources/podcasts/life-after-breach-how-hospitals-can-protect-patient-data/): Listen to Steve and Jackie discuss the unique challenges of working as a healthcare CISO and handling security breaches.
- [Building Your Framework for Fulfillment](https://www.exabeam.com/resources/podcasts/building-your-framework-for-fulfillment/): In this episode of The New CISO, Steve is joined by Demetrios “Laz” Lazarikos, three-time CISO and Co-founder of Blue Lava Security.
- [Bridging the Effectiveness Gap: A CISO’s Perspective on New-Scale SIEM](https://www.exabeam.com/resources/podcasts/bridging-the-effectiveness-gap-a-cisos-perspective-on-new-scale-siem/): In this episode of The New CISO, Steve is joined by Tyler Farrar, the CISO at Exabeam.
- [Storytelling For CISOs: How to Make Your Message Resonate](https://www.exabeam.com/resources/podcasts/storytelling-for-cisos-how-to-make-your-message-resonate/): In this episode, Steve is joined by Tom August, a seasoned CISO with over thirty years of experience.
- [Translating Your Military Skills for Security Success](https://www.exabeam.com/resources/podcasts/translating-your-military-skills-for-security-success/): In this episode, Steve is joined by Jason Hamilton, CISO at Mutual of Omaha, to discuss how having a military background leads to security success.
- [Broad Knowledge is Power: Building a Better Security Team](https://www.exabeam.com/resources/podcasts/broad-knowledge-is-power-building-a-better-security-team/): In this episode, Steve is joined by Bryan Willett, CSO at Lexmark International, Inc, to highlight the importance of collaboration and team building.
- [Success After CISO: How to Become Your Own Boss](https://www.exabeam.com/resources/podcasts/success-after-ciso-how-to-become-your-own-boss/): In this episode, Steve is joined by Aaron Bailey, CISO and co-founder of The Missing Link, to discuss what it takes to start your own security business.
- [Leading with a Military Mindset: It’s We, Not Me](https://www.exabeam.com/resources/podcasts/leading-with-a-military-mindset-its-we-not-me/): In this episode, Steve is joined by Steve Magowan, VP of Cyber Security at BlackBerry, to discuss how military teachings apply to tech.
- [Landing a Seat in the C-Suite](https://www.exabeam.com/resources/podcasts/landing-a-seat-in-the-c-suite/): In this episode of The New CISO, Steve is joined by Mike Woodson, Director of Information Security and Privacy at Sonesta International Hotel Corporation, to discuss the risk and rewards of being a CISO.
- [Train the Way You Fight, Fight the Way You Train](https://www.exabeam.com/resources/podcasts/train-the-way-you-fight-fight-the-way-you-train/): In this episode of The New CISO, Steve is joined again by Dr. Adrian Mayers, VP and CISO at Premera Blue Cross, to dig deeper into his knowledge of insider threat management and intelligence.
- [Trusting Your Tech to Tackle Human Problems](https://www.exabeam.com/resources/podcasts/trusting-your-tech-to-tackle-human-problems/): Steve is joined by Dr. Adrian Mayers, VP and CISO at Premera Blue Cross, to discuss what to consider when interviewing for CISO positions and how to trust your tech in the security field.
- [Solving Security Puzzles](https://www.exabeam.com/resources/podcasts/solving-security-puzzles/): On this episode of The New CISO, Steve is joined by Kevin DeLange, the VP and CISO of IGT, to discuss how Kevin’s love of problem-solving led him to a career in cyber security.
- [Building The Right Relationships](https://www.exabeam.com/resources/podcasts/building-the-right-relationships/): On this episode of The New CISO, Steve is joined by Den Jones, the Chief Security Officer at Banyan Security, to discuss the importance of trustworthy and transparent relationships in the cyber security field.
- [Don’t Be Afraid to Break Things](https://www.exabeam.com/resources/podcasts/dont-be-afraid-to-break-things/): On this episode of The New CISO, Steve is joined by David Lingenfelter discuss the requirement to constantly learn and evolve in the IT security field.
- [Investing in Your Security Team](https://www.exabeam.com/resources/podcasts/investing-in-your-security-team/): On this special episode of The New CISO, Tim Lowe and Katie Hatch sit down with Zane Gittins, IT security manager. Listen to hear about Zane’s day-to-day, his news intake, and how he manages his growing team.
- [Cybersecurity Trends and Practices](https://www.exabeam.com/resources/podcasts/cybersecurity-trends-and-practices/): On this special episode of The New CISO, Steve chats once again with Chuck Markarian and Sean Murphy. Learn how the government has influenced cybersecurity, the importance of cyber insurance, and much more.
- [Management Training: Learning How To Manage Managers](https://www.exabeam.com/resources/podcasts/management-training-learning-how-to-manage-managers/): Jeremy Sneeden joins Steve to chat about needing management training to learn how to manage others, advocate for his team, and quantify risks.
- [Managing Your First Zero-Day Attack](https://www.exabeam.com/resources/podcasts/managing-your-first-zero-day-attack/): On today’s episode, we are joined by Chris Wolski, the CISO of Port of Houston. He chats about job hunting, the aftermath of an attack and more.
- [Demonstrating the Value of Your Program to the “Layman”](https://www.exabeam.com/resources/podcasts/demonstrating-the-value-of-your-program-to-the-layman/): On today’s episode, we are joined by Andrew Obadiaru, CISO and Head of IT for Cobalt. Andrew discusses using soft skills to build connections within an organization.
- [Don’t Cut Corners When It Comes To Credentials](https://www.exabeam.com/resources/podcasts/dont-cut-corners-when-it-comes-to-credentials/): On today’s episode, Martin Littmann, CISO at Kelsey-Seybold clinic in Houston, joins us once again to discuss credentials. The systems in place to create them and protect them are essential. Hear his opinions on these systems.
- [Invest in People as Much as Tools](https://www.exabeam.com/resources/podcasts/invest-in-people-as-much-as-tools/): On today’s episode, Luk Schoonaert, CISO for Exclusive Networks, joins us to discuss his experiences becoming a new CISO as well as the digital transformations and threat hunting.
- [Empowering People to Bring Their “Whole Self” to Work](https://www.exabeam.com/resources/podcasts/empowering-people-to-bring-their-whole-self-to-work/): On today’s episode, we are joined by Azzam Zahir, Global Director of Insider Threat and Security at General Motors. He discusses his journey in becoming a leader in his field and what he has learned in that process.
- [Building Your First Cybersecurity Program](https://www.exabeam.com/resources/podcasts/building-your-first-cybersecurity-program/): Steve speaks with Benjamin Edelen, CISO of Boulder County, Colorado. Steve and Benjamin talk about what it's like building your first program, and the added pressure of it also being your organization’s first cybersecurity program.
- [Knowing When It’s Time to Move Onto New Challenges](https://www.exabeam.com/resources/podcasts/knowing-when-its-time-to-move-onto-new-challenges/): On this episode, Steve sits down with Jerich Beason, CISO at Epiq Global. Jerich and Steve talk about leaving a job that already has a guaranteed path to the top, for a new role; how to approach personal brand building with an eye on the future.
- [Leading Cybersecurity as a Key Business Driver](https://www.exabeam.com/resources/podcasts/leading-cybersecurity-as-a-key-business-driver/): On this episode, Steve and Dr. Tim Proffitt, CISO at Insperity.,talk about why he jumped at the chance of becoming a professor, other potential “next steps” for CISOs looking for their next challenge and how he makes sure the security organization acts as a business-enabler, not the opposite.
- [Defending Data and Corporate Systems Without Sacrificing Revenue and Velocity](https://www.exabeam.com/resources/podcasts/defending-data-and-corporate-systems-without-sacrificing-revenue-and-velocity/): On today’s episode, Tyler Farrar, CISO for Maxar Technologies, joins us to discuss the ins and outs of threat intelligence.
- [Growing Your Confidence as a Young Leader](https://www.exabeam.com/resources/podcasts/growing-your-confidence-as-a-young-leader/): On this episode, Steve speaks with Michael St. Vincent, CISO at The Cosmopolitan of Las Vegas, about helping the next wave of CISOs by sharing real-life learning scenarios, the culture of “always having the answer” and three tenets essential to his leadership approach: confidence, coaching and kindness.
- [Four Key Elements of a Security Strategy](https://www.exabeam.com/resources/podcasts/four-key-elements-of-a-security-strategy/): On this episode, Steve speaks with Rob Hornbuckle, CISO at Allegiant Airlines. Rob shares why “looking like the smartest person in the room” can stifle collaboration and why earning the business’ trust won’t happen until you’re seen as an equal… and how to get there.
- [Earning the Business’ Trust as a New CISO](https://www.exabeam.com/resources/podcasts/earning-the-business-trust-as-a-new-ciso/): On this episode, Steve speaks with Rob Hornbuckle, CISO at Allegiant Airlines. Rob shares why “looking like the smartest person in the room” can stifle collaboration and why earning the business’ trust won’t happen until you’re seen as an equal… and how to get there.
- [Why Teams Fail: Building Resilience Into Your Security Program and Culture](https://www.exabeam.com/resources/podcasts/why-teams-fail-building-resilience-into-your-security-program-and-culture/): On this special episode, originally recorded at RSA Conference 2021, Steve welcomes back Dave Damato, CSO at Gemini and Sandro Bucchianeri, CISO at the ABsa Group, to talk about an element of success and resilience that leaders don’t always consider or prioritize: people.
- [Sugarcoating Security Data Doesn’t Help Anyone](https://www.exabeam.com/resources/podcasts/sugarcoating-security-data-doesnt-help-anyone/): On this whopper of a show, Steve speaks with Chuck Markarian, CISO of PACCAR and Sean Murphy, CISO of BECU, about the value of professional relationships early in your career.
- [Getting the Job Done Doesn’t Always Mean Getting Credit for It](https://www.exabeam.com/resources/podcasts/getting-the-job-done-doesnt-always-mean-getting-credit-for-it/): On this episode, Steve speaks with Brian Fricke, CISO at City National Bank, about cultivating a “tinkerer's” mindset for creative problem-solving; the link between listening and leadership, and why getting the job done and getting credit for it don’t always go hand in hand.
- [Why Does Cybersecurity Mentorship Matter?](https://www.exabeam.com/resources/podcasts/why-does-cybersecurity-mentorship-matter/): On this episode, Steve speaks with Sandro Bucchianeri, CISO of the ABSA Group, about finding a mentor early on in your career, why he chose to use his security experience to help others, and an initiative he’s leading in South Africa.
- [Why Great Teams Need “Lifelong Learners”](https://www.exabeam.com/resources/podcasts/why-great-teams-need-lifelong-learners/): On this awesome episode, Steve speaks with Matt King, CISO at Belcan, about how he learned not to make assumptions about people’s capabilities and why he believes lifelong learners make for great team members.
- [Don’t Aspire to be a CISO](https://www.exabeam.com/resources/podcasts/dont-aspire-to-be-a-ciso/): On this episode, Steve speaks with Dr. Rebecca Wynn, about the positive impact leaders can have on the mental health of their team members, why she believes CISOs are changing jobs more frequently and why a title alone isn’t something you should aspire to.
- [Exploring New Job Opportunities Amid a Global Pandemic](https://www.exabeam.com/resources/podcasts/exploring-new-job-opportunities-amid-a-global-pandemic/): On this episode, Rinki shares how she approached the idea of a new position, what factors contributed to the decision, how personal development and helping others played into the move and what tips she has to share for others going through a similar process.
- [How Do Leaders Cultivate Diversity of Thought?](https://www.exabeam.com/resources/podcasts/how-do-leaders-cultivate-diversity-of-thought/): On this episode, Steve speaks with Artie Wilkowsy, CISO at Dish Network, about why he thinks a broader understanding of security could be more beneficial than specialization early on in your career, and how giving each member of your team a stake in the decision-making process cultivates diversity of thought.
- [Balance Budget and Tools by Rationalizing Your Security Stack](https://www.exabeam.com/resources/podcasts/balance-budget-and-tools-by-rationalizing-your-security-stack/): On this episode we headed in a slightly different direction, speaking to Gorka Sadowski, Chief Strategy Officer at Exabeam.
- [The Moments After a Major Breach](https://www.exabeam.com/resources/podcasts/the-moments-after-a-major-breach/): On this episode, Steve speaks with Dave Damato, CSO of Gemini, about all the cogs that start turning once a breach has been detected. Dave and Steve even do a roleplay of how an organization could respond publicly.
- [Building a Student-Run SOC to Meet Threats Head-On](https://www.exabeam.com/resources/podcasts/building-a-student-run-soc-to-meet-threats-head-on/): On this episode, Steve speaks with Aaron Baillio, CISO of the University of Oklahoma, about his move from the Department of Defense to higher education.
- [2021 Cybersecurity Trends](https://www.exabeam.com/resources/podcasts/2021-cybersecurity-trends/): On this all-star show, Steve invites previous guests Deneen Defiore from United Airlines, Charlie McNerney from Expedia, and Colin Anderson from Levi’s back for our very first live recording of The New CISO Podcast; to talk all things 2021.
- [Are Hiring Policies Driving the Cybersecurity Skills Shortage?](https://www.exabeam.com/resources/podcasts/are-hiring-policies-driving-the-cybersecurity-skills-shortage/): On this show, Steve speaks with Steve Marshall, CISO for Bytes Software Services, about why he moved from Biophysics to InfoSec and how business decisions drive risk.
- [Translating Your Military Experience in Operationalizing Security to the Private Sector](https://www.exabeam.com/resources/podcasts/translating-your-military-experience-in-operationalizing-security-to-the-private-sector/): On this episode, Steve speaks with Jeffery Schilling, Global CISO at TelePerformance.
- [Culture Eats… Security for Breakfast](https://www.exabeam.com/resources/podcasts/culture-eats-security-for-breakfast/): You’ve heard that culture eats strategy for breakfast, but can it also take a bite out of security? On this episode, Steve chats to George Finney, CISO of Southern Methodist University.
- [Managing Risk While Building Trust in a Post-Breach Environment](https://www.exabeam.com/resources/podcasts/managing-risk-while-building-trust-in-a-post-breach-environment/): On this show Steve sits down with Charlie McNerney, CISO of Expedia Group, to discuss how to be a respectful leader and finding respectful leadership, the notion of trust, and how diagnosing a problem before treating it can be a good strategy.
- [Lessons Learned from the “First CISO” Part 2″](https://www.exabeam.com/resources/podcasts/lessons-learned-from-the-first-ciso-part-2/): On the second of this two-part conversation, Stephen and Steve talk about how to build security awareness within your organization, identifying why the business needs a cybersecurity program and, ultimately, how to build your first program.
- [Lessons Learned from the “First CISO” Part 1″](https://www.exabeam.com/resources/podcasts/lessons-learned-from-the-first-ciso-part-1/): On the first of a two-part conversation, Steve sits down with Steve Katz, unofficially the first person to hold the CISO title.
- [The Benefits of Finding a Security Vendor Who Can Act as a Trusted Advisor](https://www.exabeam.com/resources/podcasts/the-benefits-of-finding-a-security-vendor-who-can-act-as-a-trusted-advisor/): On this episode, Steve sits down with Damien Manuel from Deakin University Australia.
- [Why the “Shiny New Thing” in Cybersecurity Isn’t Necessarily the Best Solution](https://www.exabeam.com/resources/podcasts/why-the-shiny-new-thing-in-cybersecurity-isnt-necessarily-the-best-solution/): On this episode, Steve and Newmont Corporation CISO, Chris Ard, talk about the benefits to your career when the role you are in has a tangible human impact and how chasing the next new cybersecurity tool might not be as effective as a cybersecurity posture that’s tailored to your organization’s unique needs.
- [Making the Leap from Engineering to Cybersecurity Leadership](https://www.exabeam.com/resources/podcasts/making-the-leap-from-engineering-to-cybersecurity-leadership/): This episode sees Steve speak with David Rule, first-time CISO who, prior to this, had a more technical role.
- [Is Our Understanding of Who Owns Risk Driving CISOs to the Edge?](https://www.exabeam.com/resources/podcasts/is-our-understanding-of-who-owns-risk-driving-cisos-to-the-edge/): On this episode, Steve speaks to Gary Hayslip, US Navy veteran, author of The CISO Desk Reference Guide, and CISO at SoftBank Investment Advisers.
- [The State of the SOC in 2020](https://www.exabeam.com/resources/podcasts/the-state-of-the-soc-in-2020/): On this special edition of The New CISO, returning guest Brian Haugli, vCISO, and founder of SideChannel Security joins Steve to give his perspective on the Exabeam 2020 State of the SOC report.
- [Determining Risk Tolerance for a 100-Million-User per Month Organization](https://www.exabeam.com/resources/podcasts/determining-risk-tolerance-for-a-100-million-user-per-month-organization/): On this episode, Steve speaks to Chris Hymes, CISO and Head of Enterprise IT for Riot Games, about acceptable risk, the parallels between anti-cheat teams and threat hunting, and the benefit of sharing intelligence between competitors.
- [Getting on With the Business of Security, by Building Trust](https://www.exabeam.com/resources/podcasts/getting-on-with-the-business-of-security-by-building-trust/): On this episode, Steve speaks to Deneen DeFiore, CISO of United Airlines, about making the operational AND cultural shift between different businesses in the same industry, and how to get on with security by building trust straight off the bat.
- [Recovering from a ‘Bad CISO’](https://www.exabeam.com/resources/podcasts/recovering-from-a-bad-ciso/): A tough topic, yes, but there's more to it than just being good or bad at the job you have right now. On this episode, Stephen talks to Edward Kiledjian, OpenText CISO, about the 'bad CISO' and how they come to be.
- [How Do You Measure the Success of Your Cybersecurity Program?](https://www.exabeam.com/resources/podcasts/how-do-you-measure-the-success-of-your-cybersecurity-program/): On this episode, Cisco Cloud Security CISO, Marzena Fuller, talks about the consulting world vs traditional CISO roles; and the different elements that add to the success of a cybersecurity program.
- [How Emotional Intelligence Fortifies Capability in the Midst of a Crisis](https://www.exabeam.com/resources/podcasts/how-emotional-intelligence-fortifies-capability-in-the-midst-of-a-crisis/): Steve and Kirsten discuss the CISO's role in managing risk AND reputation throughout the incident response process; and how empathy and the ability to build relationships come into play in the midst of a crisis.
- [Strategies for Securing A Remote Workforce](https://www.exabeam.com/resources/podcasts/strategies-for-securing-a-remote-workforce/): On this episode, Kelsey-Seybold Clinic CISO Martin Littmann and Steve talk about remote working; and cybersecurity strategies for a sudden shift to where your entire organization finds itself working from home.
- [No as a Service: Why Security Can Stifle Innovation and How to Prevent It](https://www.exabeam.com/resources/podcasts/no-as-a-service-why-security-can-stifle-innovation-and-how-to-prevent-it/): How do you bridge the chasm between the board and the SOC team, between the non-technical and the experts in the field? More importantly perhaps, how do you do that AND protect innovation? Amedisys CISO Richard Kaufmann and can help.
- [Four Questions Every CISO Should Ask Their Board](https://www.exabeam.com/resources/podcasts/four-questions-every-ciso-should-ask-their-board/): On this episode, Steve speaks with Eric Cole of Secure Anchor Consulting, about why Eric believes it’s important for CISOs to step away from the more technical aspects of security.
- [Losing Your Job as a CISO: Does the Cybersecurity Skills Shortage Extend to Executives?](https://www.exabeam.com/resources/podcasts/losing-your-job-as-a-ciso-does-the-cybersecurity-skills-shortage-extend-to-executives/): This episode is an open, honest discussion with Port Houston CISO and US Navy vet, Chris Wolski about his experiences after being let go from his previous position; and the challenges he faced landing his next job.
- [Influencing and Informing Non-Technical Business Partners on Security Issues](https://www.exabeam.com/resources/podcasts/influencing-and-informing-non-technical-business-partners-on-security-issues/): On this episode, Steve speaks with Curtis Simpson, CISO at Armis. The two talk shop around the pros and cons of starting your career in small vs large organizations, influencing and informing other business partners from a security perspective, and why he believes the CISO shouldn’t report to the CIO.
- [Your First 90 Days As A New CISO](https://www.exabeam.com/resources/podcasts/your-first-90-days-as-a-new-ciso/): So you're starting your job as a first-time CISO and there's already a security team in place; with their own habits, personalities and procedures... now what?
- [From the ‘Basement’ to the Board: Giving Cybersecurity Teams Greater Visibility](https://www.exabeam.com/resources/podcasts/from-the-basement-to-the-board-giving-cybersecurity-teams-greater-visibility/): Rubrik CISO, Rinki Sethi, talk about the challenges some security teams face when the organizations they're meant to protect bury them so deep inside their organizational structure, that they end up having to compete for resources and visibility with other departments.
- [Taking a Step back and Learning to Trust the Experts on Your Team](https://www.exabeam.com/resources/podcasts/taking-a-step-back-and-learning-to-trust-the-experts-on-your-team/): Our guest, Steve Person, talks about continuously refocusing on the really important work; and learning how people outside of security measure their own success, in order to build lasting relationships.
- [Why 3rd Party Security Testing is the New Password Rotation](https://www.exabeam.com/resources/podcasts/why-3rd-party-security-testing-is-the-new-password-rotation/): On this episode, Chris Castaldo, #CISO of Dataminr and US Army Veteran, and Stephen Moore, speak plainly about the challenges of leadership early on in your career, and call out some of the more... intrusive aspects of third party security testing.
- [Unique Challenges, but Opportunities for Women in Cybersecurity](https://www.exabeam.com/resources/podcasts/unique-challenges-but-opportunities-for-women-in-cybersecurity/): On this episode, Olivia Rose talks about the challenges women in security face, and how these can translate into unique opportunities.
- [2020 Cybersecurity Trends](https://www.exabeam.com/resources/podcasts/2020-cybersecurity-trends/): This show back two previous guests, Brian Haugli and Scott Morris, to talk about security trends we see going into 2020, specifically changes to the role of the CISO, breaking out of that purely IT and security silo.
- [Partnering with Higher Education to Prepare Students for a Career in Cybersecurity](https://www.exabeam.com/resources/podcasts/partnering-with-higher-education-to-prepare-students-for-a-career-in-cybersecurity/): On this episode, Woodforest National Bank CISO Marc Crudgington, MBA explains how building effective cyber programs in higher education can help prepare the next generation of CISOs for the challenges of an industry in flux.
- [Assessing Security Reporting Structures](https://www.exabeam.com/resources/podcasts/assessing-security-reporting-structures/): On this episode, Lenny Levy talks to Stephen Moore about how we can influence and ultimately correct existing lines of reporting.
- [Digital Trust for Digital Transformation](https://www.exabeam.com/resources/podcasts/digital-trust-for-digital-transformation/): On this episode, Box CISO, Lakshmi Hanspal talks about how she has reshaped the way her organization sees her team; from a security office into a “trust office” and runs through the core pillars that make up her role as CISO.
- [Securing a Cybersecurity Organization](https://www.exabeam.com/resources/podcasts/securing-a-cybersecurity-organization/): As cybersecurity becomes entrenched in the business cycle, other business functions have expanded their interactions with security teams. That said, the understanding of what a CISO does – hasn’t always followed the same trajectory.
- [Understanding the Adversary](https://www.exabeam.com/resources/podcasts/understanding-the-adversary/): Building a career in security can be a challenge, even for those of us who start off early. For some however, the job can be a natural progression from Her Majesty’s armed forces to helping secure the 2012 Olympics and ultimately becoming a CISO.
- [Contributing to the Cybersecurity Community](https://www.exabeam.com/resources/podcasts/contributing-to-the-cybersecurity-community/): Not too long ago you’d be hard pressed to find cybersecurity communities to engage with, whereas today their ubiquity might be putting them at risk.
- [Does Security Training Really Work?](https://www.exabeam.com/resources/podcasts/does-security-training-really-work/): The CISO and the board generally share something in common – they both want to manage risk and make the business successful. But a CISO has to earn the board’s trust, even when it’s well established that they’re the security subject matter expert.
- [Winning Over the Board](https://www.exabeam.com/resources/podcasts/winning-over-the-board/): The CISO and the board generally share something in common – they both want to manage risk and make the business successful. But a CISO has to earn the board’s trust, even when it’s well established that they’re the security subject matter expert.
- [What It Means to Be an Honest Broker](https://www.exabeam.com/resources/podcasts/what-it-means-to-be-an-honest-broker/): As a former CISO in Hanover Insurance Group, Brian Haugli shares what it means to be an honest broker in the context of security leadership, which might be better described as an agent of trust and transparency for a business.
- [The Ins and Outs of Budgeting](https://www.exabeam.com/resources/podcasts/the-ins-and-outs-of-budgeting/): Andrew Wild, CISO at QTS Data Centers, talks about building an IT security budget, the challenges of prioritizing resources to balance risk, and the value of cooperation–something often more difficult to obtain than the budget itself.
- [Lessons Learned from a Virtual CISO](https://www.exabeam.com/resources/podcasts/lessons-learned-from-a-virtual-ciso/): On our first episode of The New CISO podcast, Host Stephen Moore and Matt Klein share insights on teamwork, getting visibility at the executive level, and the right prep for effective board conversations when you’re not always ‘in the room’.
## InfoSec Trends
- [Beyond the Budget: What CISOs Need to Understand About Their CFO Relationship ](https://www.exabeam.com/blog/infosec-trends/beyond-the-budget-what-cisos-need-to-understand-about-their-cfo-relationship/): CISOs gain credibility with CFOs by explaining tradeoffs and connecting security to the business.
- [Three ways to use behavioral analytics to detect and respond to autonomous, AI-driven attacks](https://www.exabeam.com/blog/infosec-trends/stopping-the-agentic-breach-how-to-operationalize-your-defense-against-mythos-speed-attacks/): This article explains how security teams detect autonomous AI attacks by analyzing behavior instead of signatures.
- [Why Security Leaders Lose Budget](https://www.exabeam.com/blog/infosec-trends/why-security-leaders-lose-budget/): Security budgets lose support when tools seem interchangeable and risk is not translated into business impact.
- [Behavior Intelligence for Securing the Agentic Enterprise](https://www.exabeam.com/blog/infosec-trends/behavior-intelligence-the-new-model-for-securing-the-agentic-enterprise/): Behavior Intelligence detects risk through behavior, automates response, and tracks security progress over time.
- [Claude Mythos, Project Glasswing, and the Future of AI Cybersecurity](https://www.exabeam.com/blog/infosec-trends/claude-mythos-project-glasswing-and-the-future-of-ai-cybersecurity/): Claude Mythos and Project Glasswing show how AI is compressing the time from vulnerability discovery to exploitation. Here’s what security teams need to do next.
- [AI Access Without Add-Ons or Limits](https://www.exabeam.com/blog/infosec-trends/ai-access-without-add-ons-or-limits/): Exabeam Nova delivers agentic AI included in the New-Scale Platform so teams work faster without usage limits.
- [Rethinking Detection for AI Agents: Why Behavioral Analytics Wins](https://www.exabeam.com/blog/infosec-trends/ai-agents-are-the-new-detection-problem-nobody-designed-for/): AI agents break old detection models. See why behavioral analytics is key to scalable security.
- [2025 MITRE ATT&CK® Evals: Insider Tips for EDR Selection](https://www.exabeam.com/blog/infosec-trends/decoding-the-2025-mitre-attck-evals-a-call-for-clarity-and-a-guide-for-analysts/): Get an insider’s analysis of the 2025 MITRE ATT&CK® Evals and learn how to select the right EDR for your team.
- [Understanding MCP and the Future of AI-Driven Security Interoperability](https://www.exabeam.com/blog/infosec-trends/model-context-protocol-server-the-universal-remote-for-ai-agents/): Learn how the Model Context Protocol (MCP) makes security data agent-ready, enriching detections and enabling new interoperability for AI.
- [Agent Behavior Analytics with Google Cloud](https://www.exabeam.com/blog/infosec-trends/securing-the-future-of-work-agent-behavior-analytics-with-google-cloud/): Learn how Exabeam and Google Cloud are extending behavioral analytics to AI agents, addressing the rise of insider risks in the enterprise.
- [How CISOs Use Agentic AI to Prove SOC Value](https://www.exabeam.com/blog/infosec-trends/the-ciso-as-strategist-how-ai-agents-help-prove-the-value-of-the-soc/): Discover how agentic AI helps CISOs measure outcomes, reduce risk, and align with business goals.
- [Why CISOs Need Agentic AI to Prove SOC Value](https://www.exabeam.com/blog/infosec-trends/why-traditional-ai-isnt-enough-and-what-cisos-need-now/): Discover how the Exabeam Nova AI agents help CISOs reduce risk, boost efficiency, and communicate outcomes.
- [How Agentic AI Supports Top CISO Priorities](https://www.exabeam.com/blog/infosec-trends/cisos-are-focused-on-outcomes-can-agentic-ai-deliver/): Learn how AI agents can help CISOs reduce risk, retain talent, and prove the value of the SOC.
- [Explore Flexible Paths for Your Self-Hosted SIEM Deployment](https://www.exabeam.com/blog/infosec-trends/choose-your-own-adventure-finding-the-right-path-for-your-self-hosted-siem-deployment/): Explore three flexible security paths for your self-hosted SIEM. Stay on-prem, augment with AI, or go cloud native.
- [Why Most SOCs Aren’t Ready for AI—and What to Do About It](https://www.exabeam.com/blog/infosec-trends/why-your-soc-isnt-ready-for-ai-and-what-to-do-about-it/): Learn why generic AI tools fall short in the SOC—and what CISOs and analysts must do to prepare for real-world adoption.
- [How Network Monitoring Helps Banks Detect Fraud Before It’s Too Late](https://www.exabeam.com/blog/infosec-trends/how-network-monitoring-helps-banks-stop-fraud-and-payment-attacks-before-theyspread/): Banks need real-time visibility. NetMon detects fraud before funds are lost.
- [The Rise of AI-Generated Attacks: Why UEBA is the Best Defense](https://www.exabeam.com/blog/ueba/the-rise-of-ai-generated-attacks-why-ueba-is-the-best-defense/): This blog explores how generative AI is fueling unknown attacks, why traditional detection methods are failing, and how User and Entity Behavior Analytics (UEBA) is the best defense against this growing threat.
- [2025 Cybersecurity Trends: Nine Ways the Future Could Thrill, Challenge, and Surprise Us ](https://www.exabeam.com/blog/infosec-trends/2025-cybersecurity-trends-nine-ways-the-future-could-thrill-challenge-and-surprise-us/): Explore 2025 cybersecurity trends: triple extortion, deepfakes, AI risks, and evolving regulations. Stay secure, stay ahead!
- [Generative AI is Reshaping Cybersecurity. Is Your Organization Prepared?](https://www.exabeam.com/blog/infosec-trends/generative-ai-is-reshaping-cybersecurity-is-your-organization-prepared/): Unlocking Cybersecurity Potential: The Role of Generative AI in Defending Your Organization
- [Strengthening Cyber Defenses: Innovative Solutions for TDIR Challenges](https://www.exabeam.com/blog/infosec-trends/strengthening-cyber-defenses-innovative-solutions-for-tdir-challenges/): Discover how to fortify your cyber defenses by overcoming TDIR challenges with advanced, innovative solutions.
- [Introducing Exabeam Copilot: Your New Generative AI Cybersecurity Virtual Assistant](https://www.exabeam.com/blog/infosec-trends/introducing-exabeam-copilot-your-new-generative-ai-cybersecurity-virtual-assistant/): Discover how Exabeam Copilot’s AI-driven capabilities transform threat detection, investigation, and response (TDIR).
- [The AI-Driven Exabeam Security Operations Platform: Revolutionizing Threat Detection, Investigation, and Response](https://www.exabeam.com/blog/infosec-trends/the-ai-driven-exabeam-security-operations-platform-revolutionizing-threat-detection-investigation-and-response/): Transform cybersecurity with Exabeam: AI-driven threat detection, investigation, and rapid response capabilities.
- [Building Custom and Comprehensive Visibility and Security Enforcement for Generative AI](https://www.exabeam.com/blog/infosec-trends/practice-what-you-preach-an-introspective-on-building-custom-and-comprehensive-visibility-and-security-enforcement-for-generative-ai/): Learn how Exabeam leverages our own platform to achieve feats in GenerativeAI visibility, detection, and protection.
- [Integrating, Instead of Disrupting: How AI Will Impact Security](https://www.exabeam.com/blog/infosec-trends/integrating-instead-of-disrupting-how-ai-will-impact-security/): As AI becomes increasingly adopted by organizations, SOCs will be bracing for the changes it brings.
- [What You Don’t Know Can Hurt You: How to Use AI Responsibly](https://www.exabeam.com/blog/infosec-trends/what-you-dont-know-can-hurt-you-how-to-use-ai-responsibly/): Threat actors are already developing new AI tactics for evading SOCs, and more methods are likely to emerge.
- [Security Operations in the AI Era: Opportunities and Challenges](https://www.exabeam.com/blog/infosec-trends/security-operations-in-the-ai-era-opportunities-and-challenges/): Explore AI's impact on cybersecurity with Jeannie Warner and Exabeam CISO Tyler Farrar's insights on evolving SOCs.
- [Stranger Than Science Fiction: The Future of AI-Augmented Attacks](https://www.exabeam.com/blog/infosec-trends/stranger-than-science-fiction-the-future-of-ai-augmented-attacks/): Threat actors are already developing new AI tactics for evading SOCs, and more methods are likely to emerge.
- [Revolution or Evolution? The Old Origins of Today’s New AI](https://www.exabeam.com/blog/infosec-trends/revolution-or-evolution-the-old-origins-of-todays-new-ai/): People may not realize that they’ve been using AI constantly for the past decade.
- [Exabeam Completes Information Security Registered Assessors Program (IRAP) Assessment at the PROTECTED Level](https://www.exabeam.com/blog/infosec-trends/exabeam-completes-information-security-registered-assessors-program-irap-assessment-at-the-protected-level/): The IRAP assessment enhances data security by evaluating ICT infrastructures that handle this critical information.
- [Unlocking Leadership: The 100th Episode of The New CISO Podcast](https://www.exabeam.com/blog/infosec-trends/unlocking-leadership-the-100th-episode-of-the-new-ciso-podcast/): Celebrate 100 episodes of The New CISO with host Steve Moore and returning guests Michael Meis and Mark Weatherford.
- [Dream Jobs and Diamonds: Communicating Success with Maria Sexton](https://www.exabeam.com/blog/infosec-trends/dream-jobs-and-diamonds-communicating-success-with-maria-sexton/): After three decades in IT, Maria Sexton has her dream job as CIO at the University Medical Center of Southern Nevada.
- [Revolutionizing SOC Efficiency: Cribl Observability Pipelines in Cloud-Native SIEM](https://www.exabeam.com/blog/infosec-trends/revolutionizing-soc-efficiency-cribl-observability-pipelines-in-cloud-native-siem/): Boost SOC efficiency with Cribl and New-Scale SIEM from Exabeam. Streamline data for smarter security.
- [The Promises and Perils of AI in Cybersecurity](https://www.exabeam.com/blog/infosec-trends/the-promises-and-perils-of-ai-in-cybersecurity/): Explore the power of AI in security, potential pitfalls, & how to use it safely and effectively in security operations.
- [From “WarGames” to Wall Street: Frank Vesce’s Cybersecurity Journey](https://www.exabeam.com/blog/infosec-trends/from-wargames-to-wall-street-frank-vesces-cybersecurity-journey/): Explore Frank Vesce’s infosec journey, from adoring “WarGames” & “The Cuckoo’s Egg” to bringing the human touch to tech.
- [Spotlight23 Highlights in Review](https://www.exabeam.com/blog/infosec-trends/spotlight23-highlights-in-review/): Explore Exabeam Innovations at Spotlight23 — Elevate Your Security Game with AI and Cybersecurity Experts.
- [Human Connections in Tech: A Dialogue With Brad Sexton](https://www.exabeam.com/blog/infosec-trends/human-connections-in-tech-a-dialogue-with-brad-sexton/): Dive into Brad Sexton's journey – from tinkering with printers to fostering tech innovation and meaningful relationships.
- [From Unassuming Beginnings to CISO Excellence: A Journey with Andrew Wilder](https://www.exabeam.com/blog/infosec-trends/from-unassuming-beginnings-to-ciso-excellence-a-journey-with-andrew-wilder/): Follow Andrew Wilder's evolution to CISO excellence, filled with insights for emerging leaders.
- [10 Essential Episodes of The New CISO Podcast](https://www.exabeam.com/blog/infosec-trends/10-essential-episodes-of-the-new-ciso-podcast/): The New CISO Podcast is highlighting our top ten essential episodes in advance of the upcoming 100th episode special.
- [Cybersecurity Trailblazer: Suid Adeyanju’s Journey from Analyst to CISO](https://www.exabeam.com/blog/infosec-trends/cybersecurity-trailblazer-suid-adeyanjus-journey-from-analyst-to-ciso/): An unconventional path to cybersecurity success: Suid Ageyanju’s remarkable journey to CISO and entrepreneur.
- [Patient Privacy and Artificial Intelligence](https://www.exabeam.com/blog/infosec-trends/artificial-intelligence-a-danger-to-patient-privacy/): Using artificial intelligence in healthcare poses a risk to privacy and compliance within regulatory frameworks, such as the Health Insurance Portability and Accountability Act of 1996 (HIPAA) Security Rule.
- [The Eternal Learner: Tackling Insider Threats and AI-enhanced Phishing](https://www.exabeam.com/blog/infosec-trends/the-eternal-learner-tackling-insider-threats-and-ai-enhanced-phishing/): Get insights on tackling insider threats & AI-enhanced phishing from cybersecurity expert & CISO Jeff Schilling.
- [AI has Arrived: How Does it Impact IT and Security?](https://www.exabeam.com/blog/infosec-trends/ai-has-arrived-how-does-it-impact-it-and-security/): AI has triggered a mad dash for IT and security teams to familiarize themselves with these fascinating advancements.
- [Neurodivergence, Vulnerability, and Happiness: A Fresh Take on Cybersecurity Leadership](https://www.exabeam.com/blog/infosec-trends/neurodivergence-vulnerability-and-happiness-a-fresh-take-on-cybersecurity-leadership/): Explore Chris Nolke's insights on neurodivergence, vulnerability, and happiness in cybersecurity leadership.
- [The New CISO: Harnessing the Power of Automation in Cybersecurity](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-harnessing-the-power-of-automation-in-cybersecurity/): Explore the CISO role, the power of automation in cybersecurity, and the importance of understanding user behavior.
- [Navigating Cybersecurity Leadership: Debunking Excuses and Embracing Change](https://www.exabeam.com/blog/infosec-trends/navigating-cybersecurity-leadership-debunking-excuses-and-embracing-change/): Explore cybersecurity leadership, the evolving role of CISOs, and the importance of adaptability in the field.
- [A New Paradigm for CISOs: Aligning Security with Revenue Generation](https://www.exabeam.com/blog/infosec-trends/a-new-paradigm-for-cisos-aligning-security-with-revenue-generation/): Discover how CISOs are driving revenue generation and aligning security with business objectives.
- [The Journey to CISO Success Through Authenticity and Adaptability](https://www.exabeam.com/blog/infosec-trends/the-journey-to-ciso-success-through-authenticity-and-adaptability/): Explore Mike Kelley's CISO journey, embracing adaptability, authenticity, and relationship-building for success in cybersecurity.
- [Bots in SOCs — The Rise of AI in Security Operations Centers](https://www.exabeam.com/blog/infosec-trends/bots-in-socs-the-rise-of-ai-in-security-operations-centers/): Discover the impact of AI in security operations centers (SOCs) and its potential for revolutionizing cybersecurity.
- [The Resilient CISO: Balancing Mental Health, Team Dynamics, and Incident Response](https://www.exabeam.com/blog/infosec-trends/the-resilient-ciso-balancing-mental-health-team-dynamics-and-incident-response/): CISO insights on mental health, building strong teams, and navigating cybersecurity challenges.
- [New gTLDs and Old Unicode Issues](https://www.exabeam.com/blog/infosec-trends/new-gtlds-and-old-unicode-issues/): Cybersecurity issues created by .zip and.mov gTLDs, Unicode in URLs, and how to find and block them with your SIEM solution.
- [Exabeam News Wrap-up – July 6, 2023](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-july-6-2023/): Stay informed with Exabeam news on cloud-native SIEM, ransomware, AI impact, gender equality, and pay transparency.
- [The Role of Today’s CISO: Opportunities, Challenges, and Personal Liabilities](https://www.exabeam.com/blog/infosec-trends/the-role-of-todays-ciso-opportunities-challenges-and-personal-liabilities/): Explore insights on the CISO role, vendor selection, career growth, and personal liability from The New CISO podcast.
- [Four Key Components of a Strong Insider Threat Management Strategy](https://www.exabeam.com/blog/infosec-trends/four-key-components-of-a-strong-insider-threat-management-strategy/): Learn the four key components for a robust insider threat mitigation plan.
- [Four Days of Gartner Security and Risk Management Summit in Four Minutes](https://www.exabeam.com/blog/infosec-trends/four-days-of-gartner-security-and-risk-management-summit-in-four-minutes/): 2023 Gartner Security Summit highlights: AI, platform/tool consolidation, vendor consolidation.
- [Developing a Proactive Strategy to Mitigate Insider Threats](https://www.exabeam.com/blog/infosec-trends/developing-a-proactive-strategy-to-mitigate-insider-threats/): Mitigate insider threats with effective strategies and a risk-aware organizational culture.
- [The Insider Threat Dilemma: Why It Matters More Than You Think](https://www.exabeam.com/blog/infosec-trends/the-insider-threat-dilemma-why-it-matters-more-than-you-think/): Uncover insider threats' prevalence, impact, and importance in cybersecurity strategies.
- [Time for an Upgrade — Why Banks Should Ditch Legacy SIEM Technology for Cloud-native SIEM](https://www.exabeam.com/blog/infosec-trends/time-for-an-upgrade-why-banks-should-ditch-legacy-siem-technology-for-cloud-native-siem/): Learn why banks should upgrade to cloud-native SIEM for enhanced security.
- [The New CISO’s Role: Building Security Mindfulness, Credibility, and Influence](https://www.exabeam.com/blog/infosec-trends/the-new-cisos-role-building-security-mindfulness-credibility-and-influence/): Rupa Parameswaran shares insights on security mindfulness, CISO leadership, and engaging with the board.
- [From Farming to the White House: Mark Weatherford’s Journey to Becoming a CISO](https://www.exabeam.com/blog/infosec-trends/from-farming-to-the-white-house-mark-weatherfords-journey-to-becoming-a-ciso/): Discover Mark Weatherford's insights on cybersecurity leadership, mentorship, and adaptability for success.
- [Cultivating a Risk-aware Culture — Employee Training and Awareness in Bank Cybersecurity](https://www.exabeam.com/blog/infosec-trends/cultivating-a-risk-aware-culture-employee-training-and-awareness-in-bank-cybersecurity/): Explore employee training, key program components, and fostering a security-aware culture in bank cybersecurity.
- [What Is Threat Modeling? Key Steps and Techniques](https://www.exabeam.com/blog/infosec-trends/top-8-threat-modeling-methodologies-and-techniques/): Threat modeling is a proactive strategy for evaluating cybersecurity threats. It involves identifying threats and defining ways to detect and respond to those threats.
- [The Importance of Data Science in Cybersecurity: Insights from Steve Magowan](https://www.exabeam.com/blog/infosec-trends/the-importance-of-data-science-in-cybersecurity-insights-from-steve-magowan/): Learn how data science helps protect revenue & lower security friction. Insights from cybersecurity expert Steve Magowan.
- [The Path to Defender Alignment: Key Strategies and Implementation](https://www.exabeam.com/blog/infosec-trends/the-path-to-defender-alignment-key-strategies-and-implementation/): Implement key strategies to achieve defender alignment, including proactive approaches, collaboration, and comprehensive awareness for robust security.
- [Guardians of Patient Data: Jackie Mattingly’s Journey to Protecting Healthcare Information Security](https://www.exabeam.com/blog/infosec-trends/guardians-of-patient-data-jackie-mattinglys-journey-to-protecting-healthcare-information-security/): Explore Jackie Mattingly's rise to CISO and her insights on safeguarding patient data in the healthcare industry.
- [Empowering Defenders: Skills Development and Proactive Approaches in Defender Alignment](https://www.exabeam.com/blog/infosec-trends/empowering-defenders-skills-development-and-proactive-approaches-in-defender-alignment/): Learn how to empower defenders with accurate information, analytics, and collaboration to achieve defender alignment in cybersecurity operations.
- [The Future of Cybersecurity Leadership: Lessons from CISOs in the Trenches](https://www.exabeam.com/blog/infosec-trends/the-future-of-cybersecurity-leadership-lessons-from-cisos-in-the-trenches/): Get top CISOs' insights on cybersecurity leadership, trust-building, networking, and giving back to the community.
- [The Foundation of Defender Alignment: Awareness, Context, and Collaboration](https://www.exabeam.com/blog/infosec-trends/the-foundation-of-defender-alignment-awareness-context-and-collaboration/): Discover defender alignment essentials, including strategies for fostering organizational awareness and setting cybersecurity priorities.
- [A CISO’s Roadmap: Enhancing Detection, Automation, and Empowerment in Cybersecurity](https://www.exabeam.com/blog/infosec-trends/a-cisos-roadmap-enhancing-detection-automation-and-empowerment-in-cybersecurity/): Explore CISO insights on cybersecurity, behavioral detection, and fostering a culture of risk awareness.
- [Top Five Observations From RSA Conference 2023](https://www.exabeam.com/blog/infosec-trends/top-five-observations-from-rsa-conference-2023/): Discover top 5 takeaways from RSA Conference 2023, including trends in security, XDR, AI, and more.
- [Exabeam News Wrap-up – May 1, 2023](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-may-1-2023/): The latest collection of Exabeam topics, headlines, and news coverage. Stay up to date with the Exabeam News Wrap-up!
- [The Importance of Storytelling and Collaboration for CISOs](https://www.exabeam.com/blog/infosec-trends/the-importance-of-storytelling-and-collaboration-for-cisos/): Explore CISO insights on storytelling, risk management, and fostering collaboration for cybersecurity success.
- [Evaluating Success in Adversary-aligned Security Operations](https://www.exabeam.com/blog/infosec-trends/evaluating-success-in-adversary-aligned-security-operations/): Learn how to evaluate the success of an adversary-aligned SOC through three distinct lenses and foster a culture of risk awareness and communication.
- [Understanding the Different Types of Adversaries](https://www.exabeam.com/blog/infosec-trends/understanding-the-different-types-of-adversaries/): Uncover the diverse types of adversaries that CISOs must address to build robust, adversary-aligned security operations and strengthen security measures.
- [What is Adversary Alignment?](https://www.exabeam.com/blog/infosec-trends/what-is-adversary-alignment/): Discover adversary alignment, a new approach for CISOs to assess cybersecurity and transform security posture within organizations.
- [Exabeam News Wrap-up – April 3, 2023](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-april-3-2023/): The latest collection of Exabeam topics, headlines, and news coverage. Stay up to date with the Exabeam News Wrap-up!
- [The New CISO Podcast: Translating Your Military Skills for Security Success](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-translating-your-military-skills-for-security-success/): In this blog post, we cover highlights of our The New CISO Podcast, Translating Your Military Skills for Security Success.
- [30 Resources to Help CISOs Protect Their Organizations From Breaches](https://www.exabeam.com/blog/infosec-trends/30-resources-to-help-cisos-protect-their-organizations-from-breaches/): Discover 30 essential resources to help CISOs proactively protect their organization against breaches. Don't wait until it's too late to secure your data.
- [Exabeam News Wrap-up – March 1, 2023](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-march-1-2023/): The latest collection of Exabeam topics, headlines, and news coverage. Stay up to date with the Exabeam News Wrap-up!
- [The Exabeam Third Annual Partner of Year Awards Have Been Announced. And the Winners Are](https://www.exabeam.com/blog/infosec-trends/the-exabeam-third-annual-partner-of-year-awards-have-been-announced-and-the-winners-are/): Announcing the winners of the 2022 Partner of the Year Awards where we highlight our leading VARs, resellers, technology alliances, MSSPs, and SI partners.
- [The New CISO Podcast: Broad Knowledge is Power – Building a Better Security Team](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-broad-knowledge-is-power-building-a-better-security-team/): In this blog post, we cover highlights of our The New CISO Podcast, Broad Knowledge is Power: Building a Better Security Team.
- [Exabeam News Wrap-up – February 1, 2023](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-february-1-2023/): The latest collection of Exabeam topics, headlines, and news coverage. Stay up to date with the Exabeam News Wrap-up!
- [The New CISO Podcast: Success After CISO – How to Become Your Own Boss](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-success-after-ciso-how-to-become-your-own-boss/): In this blog post, we cover highlights of our The New CISO Podcast, Success After CISO – How to Become Your Own Boss.
- [The New CISO Podcast: Leading with a Military Mindset – It’s “We,” Not “Me”](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-leading-with-a-military-mindset-its-we-not-me/): Steve Magowan, Vice President of Cybersecurity at BlackBerry, is our guest on The New CISO Podcast.
- [10 Latest Insider Threat Resources](https://www.exabeam.com/blog/infosec-trends/10-latest-insider-threat-resources/): Insider threats are security risks that come from malicious, compromised, or negligent users within the organization.
- [Exabeam News Wrap-up – January 5, 2023](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-january-5-2023/): The latest collection of Exabeam topics, headlines, and news coverage. Stay up to date with the Exabeam News Wrap-up!
- [The New CISO Podcast: Landing a Seat in the C-Suite](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-landing-a-seat-in-the-c-suite/): Mike Woodson, Director of Information Security and Privacy at Sonesta, is our guest on The New CISO Podcast.
- [Exabeamers Make Cybersecurity Predictions for 2023](https://www.exabeam.com/blog/infosec-trends/exabeamers-make-cybersecurity-predictions-for-2023/): Exabeam experts make security predictions for 2023, including insider threats, geopolitics, and criminal group takedowns.
- [The New CISO Podcast: Trusting Your Tech to Tackle Human Problems](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-trusting-your-tech-to-tackle-human-problems/): Dr. Adrian Mayers, VP and CISO at Premera Blue Cross, is our guest on The New CISO Podcast.
- [15 InfoSec Resources You Might Have Missed in November](https://www.exabeam.com/blog/infosec-trends/15-infosec-resources-you-might-have-missed-in-november/): Threat detection and incident response resources for CISOs and information security practitioners.
- [What’s New in Exabeam Product Development – November 2022](https://www.exabeam.com/blog/infosec-trends/whats-new-in-exabeam-product-development-november-2022/): A summary of new updates from the Exabeam Engineering, Education, and Product Management teams.
- [Exabeam News Wrap-up – December 1, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-december-1-2022/)
- [Exabeam Achieves ISO 27017 and ISO 27018 Certifications](https://www.exabeam.com/blog/infosec-trends/exabeam-achieves-iso-27017-and-iso-27018-certifications/): Exabeam has achieved ISO 27017 & 27018 certifications, showing a commitment to data security and privacy in the cloud.
- [Overview of Exabeam SIEM and Security Analytics Product Innovations](https://www.exabeam.com/blog/infosec-trends/overview-of-exabeam-siem-and-security-analytics-product-innovations/): Exabeam SIEM and Security Analytics — New-Scale SIEM for cloud-scale security log management and more.
- [Exabeam News Wrap-up – November 1, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-november-1-2022/): Summary of Exabeam’s key topics and headlines for the week of September 19, 2022
- [Exabeam News Wrap-up – October 10, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-october-10-2022/): Summary of Exabeam’s key topics and headlines for the week of September 19, 2022
- [9 InfoSec Resources You Might Have Missed in September](https://www.exabeam.com/blog/infosec-trends/9-infosec-resources-you-might-have-missed-in-september/): Threat detection and incident response resources for CISOs and information security practitioners
- [Cybersecurity Awareness Month: Time to Recalibrate and Prioritize Security](https://www.exabeam.com/blog/infosec-trends/cybersecurity-awareness-month-time-to-recalibrate-and-prioritize-security/): National Cybersecurity Awareness Month is the time to prioritize security so everyone can work safer online.
- [What’s New in Exabeam Product Development – September 2022](https://www.exabeam.com/blog/infosec-trends/whats-new-in-exabeam-product-development-september-2022/): A summary of new updates from the Exabeam Engineering, Education, and Product Management teams.
- [Exabeam News Wrap-up – September 19, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-september-19-2022/): Summary of Exabeam’s key topics and headlines for the week of September 19, 2022
- [Exabeam News Wrap-up – September 12, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-september-12-2022/): Summary of Exabeam’s key topics and headlines for the week of September 12, 2022
- [Exabeam News Wrap-up – September 5, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-september-5-2022/): Summary of Exabeam’s key topics and headlines for the week of September 5, 2022
- [12 InfoSec Resources You Might Have Missed in August](https://www.exabeam.com/blog/infosec-trends/12-infosec-resources-you-might-have-missed-in-august/): Threat detection and incident response resources for CISOs and information security practitioners.
- [Exabeam News Wrap-up – Week of August 29, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-august-29-2022/): Summary of Exabeam’s key topics and headlines for the week of August 29, 2022
- [Security Automation is Real. Science Fiction is Not.](https://www.exabeam.com/blog/infosec-trends/security-automation-is-real-science-fiction-is-not/): The promise of Open XDR is becoming a reality, thanks to the efforts of the XDR Alliance.
- [Supply Chain Breaches and OT/IoT Scenarios](https://www.exabeam.com/blog/infosec-trends/supply-chain-breaches-and-ot-iot-scenarios/): Learn about top four supply chain risks: third-party vendor risks, digital risk, supplier fraud, data integrity. Learn how UEBA can help to prevent them.
- [Exabeam News Wrap-up – August 22, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-august-22-2022/): Summary of Exabeam’s key topics and headlines for the week of August 22, 2022
- [Anatomy of a Retail Point of Sale Cyberattack](https://www.exabeam.com/blog/infosec-trends/anatomy-of-a-retail-point-of-sale-cyberattack/): The migration of point of sale (POS) management systems to the cloud has also expanded the threat landscape and provided cybercriminals with a very popular vector for exploitation.
- [Exabeam News Wrap-up – August 15, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-august-15-2022/): Summary of Exabeam’s key topics and headlines for the week of August 15, 2022
- [Cyberseer Discovers Exposed Corporate Credentials](https://www.exabeam.com/blog/infosec-trends/cyberseer-discovers-exposed-corporate-credentials-by-integrating-digital-shadows-intelligence-into-exabeam-managed-service-offering/): Cyberseer integrates Exabeam and Digital Shadows to combat ransomware by monitoring for exposed credentials online.
- [Exabeam News Wrap-up – August 8, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-august-8-2022/): Summary of Exabeam’s key topics and headlines for the week of August 8, 2022
- [9 InfoSec Resources You Might Have Missed in July](https://www.exabeam.com/blog/infosec-trends/9-infosec-resources-you-might-have-missed-in-july/): Threat detection and incident response resources for CISOs and information security practitioners.
- [The New CISO Podcast: Building The Right Relationships](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-building-the-right-relationships/): Banyan Security CISO Den Jones talks with Exabeam’s Chief Security Strategist Steve Moore on The New CISO podcast.
- [The CISO’s Response Plan After a Breach](https://www.exabeam.com/blog/infosec-trends/the-cisos-response-plan-after-a-breach/): Through our recent webinar, learn how CISOs can prepare for a breach and the steps to take after a breach occurs.
- [Exabeam News Wrap-up – July 25, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-july-25-2022/): Summary of Exabeam’s key topics and headlines for the week of July 25, 2022
- [The New CISO Podcast: Cybersecurity Trends and Practices](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-cybersecurity-trends-and-practices/): Paccar CISO Chuck Markarian and BECU CISO Sean Murphy are Exabeam’s guests on The New CISO podcast.
- [Exabeam News Wrap-up – July 18, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-july-18-2022/): Summary of Exabeam’s key topics and headlines for the week of July 18, 2022
- [The New CISO Podcast: Invest in Your Team](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-invest-in-your-team/): Rincon Security co-founder and IT Security Manager Zane Gittins is Exabeam’s guest on The New CISO podcast.
- [Exabeam News Wrap-up – July 11, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-july-11-2022/): Summary of Exabeam’s key topics and headlines for the week of July 11, 2022
- [The New CISO Podcast: Don’t Be Afraid to Break Things](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-dont-be-afraid-to-break-things/): Penn National Gaming Vice President Information Security David Lingenfelter is Exabeam’s guest on The New CISO podcast.
- [Exabeam News Wrap-up – July 4, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-july-4-2022/): Summary of Exabeam’s key topics and headlines for the week of July 4, 2022
- [17 InfoSec Resources You Might Have Missed in June](https://www.exabeam.com/blog/infosec-trends/17-infosec-resources-you-might-have-missed-in-june/): Threat detection and incident response resources for CISOs and information security practitioners.
- [The Validation of Open XDR](https://www.exabeam.com/blog/infosec-trends/the-validation-of-open-xdr/): The promise of Open XDR is becoming a reality, thanks to the efforts of the XDR Alliance.
- [Exabeam News Wrap-up – June 20, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-june-20-2022/): Summary of Exabeam’s key topics and headlines for the week of June 20, 2022
- [The New CISO Podcast: Management Tools](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-management-tools/): Allina Health Director of Security Operations and Engineering Jeremy Sneeden talks with Exabeam’s Chief Security Strategist Steve Moore on The New CISO Podcast.
- [Exabeam News Wrap-up – June 13, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-june-13-2022/): Summary of Exabeam’s key topics and headlines for the week of June 13, 2022
- [One Week of Gartner Security & Risk Summit 2022 in 10 Minutes](https://www.exabeam.com/blog/infosec-trends/one-week-of-gartner-security-risk-summit-2022-in-10-minutes/): Miss some of the sessions at the Gartner Security & Risk Summit 2022? Get caught up with Exabeam’s key takeaways.
- [Exabeam News Wrap-up – June 6, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-news-wrap-up-week-of-june-6-2022/): Summary of Exabeam’s key topics and headlines for the week of June 6, 2022
- [16 InfoSec Resources You Might Have Missed in May](https://www.exabeam.com/blog/infosec-trends/16-infosec-resources-you-might-have-missed-in-may/): Threat detection and incident response resources for CISOs and information security practitioners.
- [Exabeam News Wrap-up – May 23, 2022](https://www.exabeam.com/blog/infosec-trends/exabeam-weekly-news-roundup-may-23-2022/): A summary of Exabeam’s key topics and headlines for the week of May 27, 2022
- [Exabeam: A Multiplier for Any Zero Trust Strategy](https://www.exabeam.com/blog/infosec-trends/exabeam-a-multiplier-for-any-zero-trust-strategy/): Exabeam makes it easy to ingest security events from every component within your Zero Trust Architecture.
- [Top 3 Questions from the CISO’s Guide to Communicating Risk Webinar](https://www.exabeam.com/blog/infosec-trends/top-3-questions-from-the-cisos-guide-to-communicating-risk-webinar/): Get answers to the three most pressing questions from Exabeam’s “CISO’s Guide to Communicating Risk” webinar.
- [A CISO’s Guide to Communicating Risk](https://www.exabeam.com/blog/infosec-trends/a-cisos-guide-to-communicating-risk/): In this webinar we discuss how to effectively communicate with other executives by setting expectations and demonstrating transparency before a major breach occurs.
- [29 InfoSec Resources You May Have Missed in April](https://www.exabeam.com/blog/infosec-trends/29-infosec-resources-you-may-have-missed-in-april/): Threat detection and incident response resources for CISOs and information security practitioners.
- [Top 8 Social Engineering Techniques in 2025 and How to Prevent Them](https://www.exabeam.com/blog/infosec-trends/top-8-social-engineering-techniques-and-how-to-prevent-them/): A security operations center (SOC) analyst is a central role in modern security teams. SOC analysts detect and respond to cyber attacks.
- [Sharpening First-Time Access Alerts for Insider Threat Detection](https://www.exabeam.com/blog/infosec-trends/sharpening-first-time-access-alerts-for-insider-threat-detection/): How machine learning can sharpen the precision of insider threat detection by reducing false alert rates.
- [The New CISO Podcast: Empowering People to Bring Their “Whole Self” to Work](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-empowering-people-to-bring-their-whole-self-to-work/): General Motors Global Director of Insider Threat and Security Azzam Zahir is our guest on The New CISO podcast.
- [Five Steps to Effectively Identify Insider Threats](https://www.exabeam.com/blog/infosec-trends/five-steps-to-effectively-identify-insider-threats/): Security teams must have a plan for early detection and mitigation of breaches caused by insider threats.
- [The New CISO Podcast: Invest in People as Much as Tools](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-invest-in-people-as-much-as-tools/): Exclusive Networks CISO Luk Shoonaert talks with Exabeam’s Chief Security Strategist Steve Moore on The New CISO Podcast.
- [17 InfoSec Resources You May Have Missed in March](https://www.exabeam.com/blog/infosec-trends/17-infosec-resources-you-may-have-missed-in-march/): 17 threat detection and incident response resources for CISOs and information security practitioners.
- [The New CISO Podcast: Managing Your First Zero-Day Attack](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-managing-your-first-zero-day-attack/): Chris Wolski, the CISO of Port of Houston shares tips for finding a job as CISO and overcoming a cyberattack.
- [4 Information Security Articles From the Week of March 28](https://www.exabeam.com/blog/infosec-trends/4-information-security-articles-from-the-week-of-march-28/): Information security news for the week of March 28, 2022 honored women in tech as Women’s History Month came to a close.
- [Mitigating Risk: How the Financial Services Sector Is Handling Today’s Cybersecurity Challenges](https://www.exabeam.com/blog/infosec-trends/mitigating-risk-how-the-financial-services-sector-is-handling-todays-cybersecurity-challenges/): Financial institutions face ongoing threats of cyber attacks like ransomware, credential theft, and fraud.
- [The New CISO: Demonstrating Your Value of Your Program to the Layperson](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-demonstrating-your-value-of-your-program-to-the-layperson/): Andrew Obidiaru, CISO and Head of IT at Cobalt, shares tips for demonstrating the value of cybersecurity programs.
- [The Relationship Between Business Risk and Security and the Role of the Modern CISO](https://www.exabeam.com/blog/infosec-trends/the-relationship-between-business-risk-and-security-and-the-role-of-the-modern-ciso/): Businesses face more risk than ever, and modern security teams shoulder the enormous responsibility of protecting their organization's most sensitive and valuable data. We sat down with security leaders to better understand the relationship between business risk and security and the role of today's CISO.
- [7 InfoSec Resources You May Have Missed in February](https://www.exabeam.com/blog/infosec-trends/7-infosec-resources-you-may-have-missed-in-february/): 7 threat detection and incident response resources for CISOs and information security practitioners.
- [Shields Up: What You Can Do Following New Reports of Destructive Malware in Ukraine, Latvia, and Lithuania](https://www.exabeam.com/blog/infosec-trends/shields-up-what-you-can-do-following-new-reports-of-destructive-malware-in-ukraine-latvia-and-lithuania/): The situation in Ukraine continues to escalate, and our hearts are with those who’ve been affected by the conflict. We want our customers to know we are here for you, and we will continue to update and inform you on all cybersecurity reports that impact your ability to protect your businesses and people.
- [Shields Up: Bolstering Your Security Posture Following Ukraine Invasion](https://www.exabeam.com/blog/infosec-trends/shields-up-bolstering-your-security-posture-following-ukraine-invasion/): As we all watch the Ukraine invasion unfold on both physical and cyber warfare levels, we want to provide guidance to ensure all of our customers and partners remain as safe and secure as possible at all times.
- [19 InfoSec Resources You May Have Missed in January](https://www.exabeam.com/blog/infosec-trends/19-infosec-resources-you-may-have-missed-in-january/): In January, we created several resources for you. In case you missed them, here are 19 of our most recent pieces geared towards helping you mature your SOC and enhance your security posture with XDR and Next-gen SIEM. Whether you’re a CISO or a security practitioner, there is something on this list for you.
- [Exabeam/KPMG Joint Special Session After Report](https://www.exabeam.com/blog/infosec-trends/exabeam-kpmg-joint-special-session-after-report/): Exabeam and KPMG co-hosted an online session titled "Manufacturing Industry CISO Roundtable - From 'Prevention' to 'Discovery." The session covered trends in security incidents alongside the approaches and concerns of companies regarding security monitoring, and a discussion on the future outlook in the field.
- [4 Stages of Vulnerability Management: A Process for Risk Mitigation](https://www.exabeam.com/blog/infosec-trends/4-stages-of-vulnerability-management-a-process-for-risk-mitigation/): Learn what is vulnerability management, and how it can help you protect your security perimeter, including vulnerability management stages and best practices.
- [New CISO? 5 Things to Achieve In Your First 90 Days](https://www.exabeam.com/blog/infosec-trends/new-ciso-5-things-to-achieve-in-your-first-90-days/): The digital age and the increase in cyber threats have made the role of the CISO more important than ever. Here are 5 steps to achieve security success in the first 90 days as a CISO.
- [Our Customers Have Spoken: Exabeam named a 2021 Gartner Peer Insights™ Customers’ Choice for SIEM](https://www.exabeam.com/blog/infosec-trends/our-customers-have-spoken-exabeam-named-a-2021-gartner-peer-insights-customers-choice-for-siem/): We’re excited to share that we’ve been named a Customers’ Choice in the 2021 Gartner Peer Insights Voice of the Customer for SIEM.
- [Telecommunications Giant Teams Up with Exabeam to Mitigate Internal Fraud](https://www.exabeam.com/blog/infosec-trends/telecommunications-giant-teams-up-with-exabeam-to-mitigate-internal-fraud/): Capturing log data for threat analysis presented several problems for Jupiter. Learn how Jupiter successfully teamed with Exabeam for superior analytics-driven visibility and control of internal fraud.
- [Exabeam Cyberversity: A Resource for Cybersecurity Professionals](https://www.exabeam.com/blog/infosec-trends/exabeam-cyberversity-a-resource-for-cybersecurity-professionals/): Problem solvers, security mavens and new grads, this one is for you! Register for the next Cyberversity session on November 8 to learn more about a career in #cybersecurity.
- [Exabeam Signs Respect in Security Pledge](https://www.exabeam.com/blog/infosec-trends/exabeam-signs-respect-in-security-pledge/): We are happy to share that Exabeam signed the Respect in Security Pledge to support the prevention of all forms of harassment within the cybersecurity industry.
- [Ransomware: Prevent, Detect and Respond](https://www.exabeam.com/blog/infosec-trends/ransomware-prevent-detect-and-respond/): Ransomware is a form of malware designed to render data on an endpoint inaccessible to the user. In this post we'll be focusing on encrypting ransomware, as it is the most destructive and most common type of ransomware in today's environment.
- [MITRE ATT&CK® Update Covers Insider Threat Attack Techniques](https://www.exabeam.com/blog/infosec-trends/mitre-attck-update-covers-insider-threat-attack-techniques/): Every company is exposed to insider threats and the consequences of these attacks are often devastating. With the right set of behavior-based modeling, abnormal behavior from insiders can be tracked, mapped to attack scenarios and can be stopped before it becomes an issue for an organisation.
- [Detecting the New PetitPotam Attack With Exabeam](https://www.exabeam.com/blog/infosec-trends/detecting-the-new-petitpotam-attack-with-exabeam/): PetitPotam is a technique that could have a dramatic impact on a company's operations if it is used by the attackers. We recommend monitoring for attempts to access pipes named lsarpc/efsrpc/lsass/samr/netlogon.
- [The Challenges of Today’s CISO: Navigating the Balance of Compliance and Security](https://www.exabeam.com/blog/infosec-trends/the-challenges-of-todays-ciso-navigating-the-balance-of-compliance-and-security/): A modern CISO's success can depend on the quality of relationships and lines of communication built with executives, industry peers, and team members.
- [Human Managed Selects Exabeam to Drive Faster Decision-making](https://www.exabeam.com/blog/infosec-trends/human-managed-selects-exabeam-to-drive-faster-decision-making/): Partnering with Exabeam gave the Human Managed team just what it needed – the ability to gather relevant data, tie in context, and deliver necessary intelligence for crucial point-in-time security decisions.
- [Introducing the XDR Alliance!](https://www.exabeam.com/blog/infosec-trends/introducing-the-xdr-alliance/): Why did Exabeam drive the creation of this alliance with key security technology providers Armis, Expel, ExtraHop, Google Cloud Security, Mimecast, Netskope, and SentinelOne?
- [Dazed and Confused by the XDR Telenovela?](https://www.exabeam.com/blog/infosec-trends/dazed-and-confused-by-the-xdr-telenovela/): Confusing drama? Intrigue? Passion? Cliffhangers? Look no further than the XDR Telenovela and its never-ending stream of episodes.
- [Calling all SOC Warriors: Announcing The 2021 Exabeam Cybersecurity Excellence Awards!](https://www.exabeam.com/blog/infosec-trends/calling-all-soc-warriors-announcing-the-2021-exabeam-cybersecurity-excellence-awards/)
- [Detecting the Exploitation of Pentesting Tools: Gaining Power Over PowerShell](https://www.exabeam.com/blog/infosec-trends/detecting-the-exploitation-of-pentesting-tools-gaining-power-over-powershell/): In this post, we will go deeper into detection methodologies and what we should monitor to hunt for the artifacts. Here is the list from the last post.
- [Helping Retailers Deliver a Secure Omnichannel Experience](https://www.exabeam.com/blog/infosec-trends/helping-retailers-deliver-a-secure-omnichannel-experience/): Helping retailers protect data and maintain compliance while delivering a superior omnichannel experience.
- [Integrating Exabeam with Google Cloud IDS](https://www.exabeam.com/blog/infosec-trends/integrating-exabeam-with-google-cloud-ids/): Exabeam is proud to be an integration partner for the launch of Cloud IDS, giving our joint customers the ability to dramatically increase their threat visibility across their Google Cloud workload traffic, be those compute engines (GCE) or containers (GKE).
- [What is Phishing: 5 Signs of a Phishing Email](https://www.exabeam.com/blog/infosec-trends/what-is-phishing-5-signs-of-a-phishing-email/): Phishing is a cybersecurity threat and a type of social engineering tactic, aimed at collecting private information on the internet. Phishing scams are based on fake websites.
- [Detecting Printnightmare CVE 2021-1675/34527 Using Exabeam](https://www.exabeam.com/blog/infosec-trends/detecting-printnightmare-cve-2021-1675-34527-using-exabeam/): PrintNightmare allows an attacker to execute remote commands to gain full access to a domain controller and take over the whole domain — with user-level access.
- [Lessons From a New CISO: A Conversation with OU’s Aaron Baillio](https://www.exabeam.com/blog/infosec-trends/lessons-from-a-new-ciso-a-conversation-with-ous-aaron-baillio/): We sat down with Aaron Baillio, CISO at the University of Oklahoma, to discuss the path he took to his current role and the lessons learned along the way
- [How Attackers Leverage Pentesting Tools in the Wild](https://www.exabeam.com/blog/infosec-trends/how-attackers-leverage-pentesting-tools-in-the-wild/): In this two-part blog series we will be discussing in depth the use of pentesting tools in malware.
- [The New CISO Foundations: Building an Insider Threat Program from Scratch](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-foundations-building-an-insider-threat-program-from-scratch/): How should we build out a robust cybersecurity platform that doesn’t fall prey to complacency and become static in the face of ever-evolving threats? Rakuten's Senior Manager of Cybersecurity KT Boyle advises on how to build an insider threat program from scratch.
- [Exabeam Growth and the Opportunity Ahead](https://www.exabeam.com/blog/infosec-trends/exabeam-growth-and-the-opportunity-ahead/): Exabeam announced a $200 million Series F growth round at a valuation of $2.4 billion and we welcomed a new president and CEO, Michael (Mike) DeCesare, to the company.
- [Expand Coverage Against Threats with Exabeam Content Library and TDIR Use Case Packages](https://www.exabeam.com/blog/infosec-trends/expand-coverage-against-threats-with-exabeam-content-library-and-tdir-use-case-packages/): In this post, we explain more about each use case package and where to find supporting information in the Content Library.
- [MITRE Publishes Code Signing Policy Modification T1553.006 in the ATT&CK Framework](https://www.exabeam.com/blog/infosec-trends/mitre-publishes-code-signing-policy-modification-t1553-006-in-the-attck-framework/): On April 27, 2021, MITRE released a significant update to the MITRE ATT&CK framework which included several new and updated techniques, including T1553.006, code signing policy modification.
- [Exabeam Launches Cloud-delivered Fusion SIEM and Fusion XDR to Address Security Needs at Scale](https://www.exabeam.com/blog/infosec-trends/exabeam-launches-cloud-delivered-fusion-siem-and-fusion-xdr-to-address-security-needs-at-scale/): Today we announced Exabeam Fusion XDR and Exabeam Fusion SIEM, two new powerful cloud-delivered security products that efficiently solve threat detection, investigation and response (TDIR) without disrupting your existing technology stack.
- [Open XDR versus Native XDR](https://www.exabeam.com/blog/infosec-trends/open-xdr-versus-native-xdr/): In this blog post, we’ll define key attributes for each type of XDR solution, their respective advantages and disadvantages, and what type of XDR is best suited for what type of organization.
- [Equipping Sitech Services with the Tools to Tackle Insider Threats Head-On](https://www.exabeam.com/blog/infosec-trends/equipping-sitech-services-with-the-tools-to-tackle-insider-threats-head-on/): Leveraging all that the Exabeam Security Management Platform offers, Sitech is able to provide 24/7 protection and proactively detect the latest forms of cyber threats in a timely manner.
- [An XDR Prerequisite; Prescriptive, Threat-Centric Use Cases](https://www.exabeam.com/blog/infosec-trends/an-xdr-prerequisite-prescriptive-threat-centric-use-cases/): In this post, we’ll discuss why a use case-based approach is key to an effective XDR platform.
- [Why does the XDR market exist?](https://www.exabeam.com/blog/infosec-trends/why-does-the-xdr-market-exist/): In this post, we’ll talk about the market trends and drivers that have created the necessity for the XDR category... and emerging SIEMs.
- [How UEBA Could Have Detected the SolarWinds Breach](https://www.exabeam.com/blog/infosec-trends/how-ueba-could-have-detected-the-solarwinds-breach/): The infamous SolarWinds supply chain cyberattack in December was devastating not only because of its reach — extending to at least nine federal agencies, critical infrastructure entities, and more than 100 private sector organizations.
- [An Exchange Vulnerability in Ransomware](https://www.exabeam.com/blog/infosec-trends/an-exchange-vulnerability-in-ransomware/): A few days ago, in an article by Lawrence Abrams, a new ransomware flavor has been discussed in depth and I truly recommend that you read it.
- [Introducing Exabeam Alert Triage](https://www.exabeam.com/blog/infosec-trends/introducing-exabeam-alert-triage/): Today we announced Exabeam Alert Triage, a new cloud application that categorizes, aggregates and enriches security alerts, so analysts can confidently and efficiently dismiss or escalate security alerts from a single screen.
- [Ransomware’s Weakness: How to Turn Ransomware’s Achilles’ Heel Into the Defender’s Golden Hour](https://www.exabeam.com/blog/infosec-trends/ransomwares-weakness-how-to-turn-ransomwares-achilles-heel-into-the-defenders-golden-hour/): Ransomware has an Achilles’ heel, yet few organizations are paying attention to the canary in the coal mine.
- [Zero-days Like HAFNIUM Attacks on Exchange Servers Are the New Norm: Why UEBA Matters More Than Ever](https://www.exabeam.com/blog/infosec-trends/zero-days-like-hafnium-attacks-on-exchange-servers-are-the-new-norm-why-ueba-matters-more-than-ever/): Zero-days and compromises like the SolarWinds supply chain attack from late last year will continue to affect organizations and governments at scale.
- [Detecting Malicious Usage of Microsoft Binaries with Exabeam](https://www.exabeam.com/blog/infosec-trends/detecting-malicious-usage-of-microsoft-binaries-with-exabeam/): As attacks have become increasingly sophisticated and even use Windows-native services to blend in with regular activity, organizations need to remain vigilant in ensuring the correct permissions and monitoring all activity.
- [5 Lessons Learned Implementing a Modern Insider Risk Management Program](https://www.exabeam.com/blog/infosec-trends/5-lessons-learned-implementing-a-modern-insider-risk-management-program/): We’ve accomplished a lot in the past year — implementing and scaling up a modern approach to insider risk management — and, looking back, here are the big lessons we learned along the way.
- [Outcomes Above All: Helping Security Teams Outsmart the Odds](https://www.exabeam.com/blog/infosec-trends/outcomes-above-all-helping-security-teams-outsmart-the-odds/): I’m excited to share the most recent phase of Exabeam’s transformative journey—complete with a new website —as we help security teams outsmart attackers from the start.
- [Ethical Hacking: Why It’s Important & What Makes a Good Hacker](https://www.exabeam.com/blog/infosec-trends/ethical-hacking-why-its-important-what-makes-a-good-hacker/): Learn why ethical hacking is important, types of ethical hackers, and guidelines, techniques and certifications that can make a good hacker great.
- [How Lineas, Europe’s Largest Private Rail Freight Operator Found the Right Cybersecurity Tool](https://www.exabeam.com/blog/infosec-trends/how-lineas-europes-largest-private-rail-freight-operator-found-the-right-cybersecurity-tool/): Securing Lineas, How Europe’s largest private rail freight operator found the right cybersecurity tool.
- [Our Journey to Diversity and Inclusion in the Workplace](https://www.exabeam.com/blog/infosec-trends/our-journey-to-diversity-and-inclusion-in-the-workplace/): Our Journey to Diversity and Inclusion in the Workplace. Read more about Exabeam's CommUNITY Council and an interview with LaChristian Taylor who leads the Council.
- [Top 12 Posts from the Exabeam Blog](https://www.exabeam.com/blog/infosec-trends/top-12-posts-from-the-exabeam-blog/): Top 12 Posts from the Exabeam Blog including An Incident Investigator’s Cheat Code and Advanced Analytics Use Case: Detecting Compromised Credentials
- [Zero Trust Architecture, Practical Considerations for Implementation](https://www.exabeam.com/blog/infosec-trends/zero-trust-architecture-practical-considerations-for-implementation/): Zero Trust Architecture, Practical Considerations for Implementation The problem and its challenges Tackling the challenges The capabilities of various zero-trust solutions.
- [10 Cybersecurity Predictions for 2021: Trends in Protecting Remote Workforces, Part 3](https://www.exabeam.com/blog/infosec-trends/10-cybersecurity-predictions-for-2021-trends-in-protecting-remote-workforces-part-3/): ConclusionWith a pandemic driving the need for remote workforces as the major trend in 2020 and continuing through to 2021, we see an opportunity for security organizations to take action against malicious cyber criminals that will try to take advantage of this shift.
- [10 Cybersecurity Predictions for 2021: Trends in Protecting Remote Workforces, Part 2](https://www.exabeam.com/blog/infosec-trends/10-cybersecurity-predictions-for-2021-trends-in-protecting-remote-workforces-part-2/): This post looks at how processes will drive the rapid shift to digital transformation for organizations.
- [10 Cybersecurity Predictions for 2021: Trends in Protecting Remote Workforces, Part 1](https://www.exabeam.com/blog/infosec-trends/10-cybersecurity-predictions-for-2021-trends-in-protecting-remote-workforces-part-1/): We’ve compiled this list of cybersecurity predictions from experts across the Exabeam team, our partners and customers.
- [Escaping Dante’s SOC Inferno: Don’t Leave Me in Limbo](https://www.exabeam.com/blog/infosec-trends/escaping-dantes-soc-inferno-dont-leave-me-in-limbo/): When we’re doing investigations in the SOC, uncertainty can crop up, especially when you’re lacking a clear line of sight into what’s really happening.
- [FireEye and SolarWinds Cyber Attack: Information for Exabeam Customers and Partners](https://www.exabeam.com/blog/infosec-trends/fireeye-and-solarwinds-cyber-attack-information-for-exabeam-customers-and-partners/): As a cybersecurity vendor, we know how hard it is when a breach happens – especially one perpetrated by a well-funded, state-sponsored actor.
- [Escaping Dante’s SOC Inferno: A Question of Lust](https://www.exabeam.com/blog/infosec-trends/escaping-dantes-soc-inferno-a-question-of-lust/): In this penultimate post, today we’re looking at the second circle: Lust.
- [How to Protect Your Business When Credentials Fail](https://www.exabeam.com/blog/infosec-trends/how-to-protect-your-business-when-credentials-fail/): Are you like the 29% of organizations who still view passwords as one of the more effective security tools? If so, this is your wake-up call — and hopefully, it will be far less painful than the one Fortinet recently received.
- [My Take on the Market Trends Outlined in the Latest Analyst Report](https://www.exabeam.com/blog/infosec-trends/my-take-on-the-market-trends-outlined-in-the-latest-analyst-report/): One of the most significant changes for companies and governments alike in 2020, has been the acceleration of their digital transformation, including an expedited move to the cloud.
- [Helping Swedbank Secure a Global Financial Network](https://www.exabeam.com/blog/infosec-trends/helping-swedbank-secure-a-global-financial-network/): The Exabeam Security Management Platform gave Swedbank’s team the tools necessary to make quick, thorough investigations.
- [Outsmart the Odds ](https://www.exabeam.com/blog/infosec-trends/outsmart-the-odds/): Today at Spotlight20, I announced that Exabeam is refocusing to help security teams outsmart the odds.
- [And the Winners of the Exabeam Cybersecurity Scholarships Are…](https://www.exabeam.com/blog/infosec-trends/and-the-winners-of-the-exabeam-cybersecurity-scholarships-are/): Exabeam is proud to announce three winners of our Cybersecurity Scholarship Program who are all passionately pursuing their education and careers in information security.
- [Insider Threats: What Your Business Needs to Know](https://www.exabeam.com/blog/infosec-trends/insider-threats-what-your-business-needs-to-know-infographic/): Our infographic, “Mitigating insider threats with Exabeam” provides a high-level view of insider threat and the costs associated with it. When it comes to security breaches, insiders are responsible for a full 75 percent of all security events.
- [Riot Games’ Chris Hymes on Cybersecurity for the Gaming Industry](https://www.exabeam.com/blog/infosec-trends/riot-games-chris-hymes-on-cybersecurity-for-the-gaming-industry/): Recently, Riot Games’ Chris Hymes appeared on “The New CISO” podcast to discuss the company’s security measures, as well as his own thoughts on building a safe infrastructure.
- [Apache NiFi, SQL Server, and Kerberos Authentication](https://www.exabeam.com/blog/infosec-trends/apache-nifi-sql-server-and-kerberos-authentication/): In this post, the third of our series on using NiFi, you’ll learn get how to set up Apache NiFi to pull from a SQL database with Kerberos authentication, convert the output to JSON format, then stream that to a remote log collection platform.
- [Zero Trust Architecture: 5 Pillars, Pros/Cons & Tips for Success](https://www.exabeam.com/blog/infosec-trends/zero-trust-architecture-best-practices-for-safer-networks/): Zero trust architectures are constructed on the basis that there is no secure perimeter—every event and connection is considered untrusted and potentially malicious.
- [Who is APT29?](https://www.exabeam.com/blog/infosec-trends/who-is-apt29/): Who is this group APT29, and why are they interested in COVID-19 data? We’ll break it down.
- [Getting Visibility of High-Risk Activity Across Your Cloud Applications ](https://www.exabeam.com/blog/infosec-trends/getting-visibility-of-high-risk-activity-across-your-cloud-applications/): This post discusses getting visibility of high-risk activity in your cloud applications as you support remote workers and the importance of collecting log data from those applications for investigations in your UEBA for real-time analysis.
- [Are Passwords a Thing of the Past? Getting Ahead of Credential Stuffing Attacks](https://www.exabeam.com/blog/infosec-trends/are-passwords-a-thing-of-the-past-getting-ahead-of-credential-stuffing-attacks/): Password management has always been a significant challenge for IT organizations trying to balance user experience and security.
- [Disruptive Transformation: What Caterpillars Can Teach Us about Cybersecurity in the Pandemic Era](https://www.exabeam.com/blog/infosec-trends/disruptive-transformation-what-caterpillars-can-teach-us-about-cybersecurity-in-the-pandemic-era/): We are dealing with the COVID-19 pandemic. this post helps provide guidance on how security practitioners can adapt to the Cybersecurity changes they face as in the Pandemic-Era, and then eventually reemerge to a post-pandemic world.
- [The New CISO Podcast: Ed Kiledjian on Recovering from a “Bad CISO”](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-ed-kiledjian-on-recovering-from-a-bad-ciso/)
- [Dark Mode Now Available for Exabeam Customers](https://www.exabeam.com/blog/infosec-trends/dark-mode-now-available-for-exabeam-customers/): We recently launched a dark mode screen option for Exabeam Advanced Analytics, Incident Response and Case Manager release i52 in response to customer feedback.
- [Kubernetes Security Monitoring: How to Gain Visibility and Prevent Breaches](https://www.exabeam.com/blog/infosec-trends/kubernetes-security-monitoring-how-to-gain-visibility-and-prevent-breaches/): Kubernetes makes your applications faster. However, that does not eliminate the need to keep an eye on security.
- [Military Awareness Month: Helping Veterans Start a Career in Cybersecurity](https://www.exabeam.com/blog/infosec-trends/military-awareness-month-helping-veterans-start-a-career-in-cybersecurity/): In this post we look at the efforts of one employee and the nonprofit organization he works with to help veterans start a career in security.
- [How to Syslog Windows Logs for Free](https://www.exabeam.com/blog/infosec-trends/how-to-syslog-windows-logs-for-free/): In this article Jim Chrisos will cover the installation of the free NXLog Community Edition and its configuration.
- [Are Your Systems NIST 800-171 Compliant? What You Need to Know](https://www.exabeam.com/blog/infosec-trends/are-your-systems-nist-800-171-compliant-what-you-need-to-know/): This white paper explains the recent NIST 800-171 guidelines and how to safeguard data or controlled unclassified information in non-government systems against cyberattacks.
- [7 Cloud Security Tools to Watch for in 2020](https://www.exabeam.com/blog/infosec-trends/7-cloud-security-tools-to-watch-for-in-2020/)
- [The New CISO Podcast: Martin Littmann on Managing a Remote Team](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-martin-littmann-on-managing-a-remote-team/): Cloud security is more important than ever as more workloads move to the cloud, better tools are being developed to secure both data and environments.
- [Is Our U.S. Election Process Too Large and Complex to Secure? Part 2](https://www.exabeam.com/blog/infosec-trends/is-our-u-s-election-process-too-large-and-complex-to-secure-part-2/): Securing the election process is challenging. Voting machines are just one piece of our complex American voting system.
- [Securing Your Remote Workforce, Part 5: Helping Your End Users Stay Protected](https://www.exabeam.com/blog/infosec-trends/securing-your-remote-workforce-part-5-helping-your-end-users-stay-protected/): In this post, Alex Koshlich Director of InfoSec at Exabeam will describe some of the challenges his team is facing and offer suggestions to help secure your workforce and ensure your employees stay protected.
- [Top Cybersecurity Best Practices for the Hybrid Cloud](https://www.exabeam.com/blog/infosec-trends/top-cybersecurity-best-practices-for-the-hybrid-cloud/): Hybrid clouds are complex environments that require special and careful care during every step—from migration and configuration, to monitoring and data protection.
- [Are Vulnerabilities in our U.S. Elections Insurmountable? Part 1Are Vulnerabilities in our U.S. Elections Insurmountable? Part 1Are Vulnerabilities in our U.S. Elections Insurmountable? Part 1](https://www.exabeam.com/blog/infosec-trends/are-vulnerabilities-in-our-u-s-elections-insurmountable-part-1/): In this two-part blog series, we look at vulnerabilities in campaigns, the election process, and the voting system.
- [Securing Your Remote Workforce, Part 2: Detecting Unusual VPN Access and Best Practices to Secure VPN Services](https://www.exabeam.com/blog/infosec-trends/securing-your-remote-workforce-part-2-detecting-unusual-vpn-access-and-best-practices-to-secure-vpn-services/): This is Securing Your Remote Workforce, Part 2: Detecting Unusual VPN Access and Best Practices to Secure VPN Services. Learn how you can improve VPN security.
- [Machine Learning for Cybersecurity: Next-Gen Protection Against Cyber Threats](https://www.exabeam.com/blog/infosec-trends/machine-learning-for-cybersecurity-next-gen-protection-against-cyber-threats/): Learn why machine learning is critical for defending against new cyber threats, and how machine learning is used to protect networks and applications.
- [How Exabeam Helps Blue Teams Counter Red Team Attacks](https://www.exabeam.com/blog/infosec-trends/how-exabeam-helps-blue-teams-counter-red-team-attacks/): Although red teams test security systems and blue teams focus on defense, he demonstrated how vital it is that both teams work in collaboration.
- [Recent Ransomware Attacks Raise the Stakes for Data Exfiltration](https://www.exabeam.com/blog/infosec-trends/recent-ransomware-attacks-raise-the-stakes-for-data-exfiltration/): Threat actors are no longer content with just encrypting data and then asking for a ransom before they decrypt the information. Instead, they’re exfiltrating the data during the attack and making a copy off site to extort money and conduct smear campaigns later.
- [2020 U.S. Elections: Vulnerable to Cyberattacks?](https://www.exabeam.com/blog/infosec-trends/2020-u-s-elections-vulnerable-to-cyberattacks/): Although there’s so much at stake with this year’s U.S. presidential election, security weaknesses throughout the election process, including the voting system still exist exposing the election to cyber threats.
- [Leverage MITRE ATT&CK to Gain Iranian Cyberattack Insights](https://www.exabeam.com/blog/infosec-trends/leverage-mitre-attck-to-gain-iranian-cyberattack-insights/): Continued tension between the US and Iran—along with attacks originating from Iranian groups—suggest that such cyberattacks from Iran-affiliated actors will continue.
- [Census Security: Solutions for Protecting Complex Cloud Systems](https://www.exabeam.com/blog/infosec-trends/census-security-solutions-for-protecting-complex-cloud-systems/): Is the census secure? Results of a 2020 Census cloud security audit, however, validate reasons for concern – and carry lessons that may apply to other organizations that are moving vital operations into the cloud.
- [12 Cybersecurity Podcasts For Your Playlist](https://www.exabeam.com/blog/infosec-trends/12-cybersecurity-podcasts-for-your-playlist/): Podcasts provide a great opportunity to learn from peers, gain knowledge and hear the latest on incidents. But weeding through them in the app store can feel overwhelming. We’ve narrowed it down for you by choosing our security podcast favorites to help you find a podcast that deserves a place on your playlist.
- [How to Reduce Your Attack Surface with 11 Proven Tips ](https://www.exabeam.com/blog/infosec-trends/how-to-reduce-your-attack-surface-with-11-proven-tips/): Reducing your attack surface is often far more effective than layering additional security on top to prevent threats. This post looks at 11 ways to make your environment more secure.
- [The New CISO Podcast: Lakshmi Hanspal’s Six Pillars of Responsibility](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-lakshmi-hanspals-six-pillars-of-responsibility/): The New CISO Podcast features Lakshmi Hanspal and her Six Pillars of Responsibility. Join Steve Moore and Lakshmi to hear what being a modern CISO means.
- [How to Build Logging Pipelines That Outlast Your Security Vendor](https://www.exabeam.com/blog/infosec-trends/how-to-build-logging-pipelines-that-outlast-your-security-vendor/): Security vendors come and go but your logging pipelines should remain forever. This article shows how to build logging pipelines to outlive your security vendor.
- [Lifting the Veil on Cloud Security](https://www.exabeam.com/blog/infosec-trends/lifting-the-veil-on-cloud-security/): Getting a true 360-degree view is never easy, but at least in legacy on-premises scenarios it has felt achievable.
- [Top 11 Posts on Incident Response, DLP, SOC, SIEM and Information Security from the Exabeam Blog](https://www.exabeam.com/blog/infosec-trends/top-11-posts-on-incident-response-dlp-soc-siem-and-information-security-from-the-exabeam-blog/): With 2020 around the corner, we took a look back to see what our readers were reading this year. Here’s the list of the most popular topics and posts from our blog.
- [Cyber Crime: Types, Examples, and What Your Business Can Do](https://www.exabeam.com/blog/infosec-trends/cyber-crime-types-examples-and-what-your-business-can-do/): Learn about the widespread, dangerous phenomenon of cyber crime, how it works and how it spreads, and how incident response can help your business prepare.
- [How Magnetic Stripes Revolutionized the Payment Industry](https://www.exabeam.com/blog/infosec-trends/how-mag-stripes-revolutionized-the-payment-industry/): The move from the magnetic stripe toward EMV chips on credit cards is driven, in large part, by how easy it is for criminals to capture a customer’s information, then create a new magnetic-stripe card that can be used anywhere strip-based cards are accepted.
- [Drive By Downloads: What They Are and How to Avoid Them](https://www.exabeam.com/blog/infosec-trends/drive-by-downloads-what-they-are-and-how-to-avoid-them/): Learn what drive by downloads are, how they work and how attackers use them, and discover some steps you can take to keep your organization protected.
- [Eight Cybersecurity Predictions for 2020](https://www.exabeam.com/blog/infosec-trends/eight-cybersecurity-predictions-for-2020/): Here are the eight cybersecurity predictions for 2020, structured by People, Processes and Technology—the familiar pillars of organization transformation that underpin the globally used information security standard, ISO/IEC 27001.
- [MITRE ATT&CK Technique T1503: Credentials from Web Browsers](https://www.exabeam.com/blog/infosec-trends/mitre-attck-technique-t1503-credentials-from-web-browsers/): MITRE ATT&CK Technique T1503: Credentials from Web Browsers. The technique was submitted by Exabeam. This post explains how T1503 works and how to protect against it.
- [Morris Worm: How a Simple Experiment Led to the First Computer Worm](https://www.exabeam.com/blog/infosec-trends/morris-worm-how-a-simple-experiment-led-to-the-first-computer-worm/): The Morris Worm specifically targeted Unix operating systems, but it had multiple vectors that allowed it to spread beyond that initial limitation.
- [Highlights from the Inaugural Hackathon at Spotlight ’19 ](https://www.exabeam.com/blog/infosec-trends/highlights-from-the-inaugural-hackathon-at-spotlight-19/): Our team enjoyed hanging out with you all and witnessing your creativity and problem-solving skills.
- [The Exabeam 2019 Cybersecurity Salary, Skills and Stress Survey Results are Here](https://www.exabeam.com/blog/infosec-trends/the-exabeam-2019-cybersecurity-salary-skills-and-stress-survey-results-are-here/): The Exabeam 2019 Cybersecurity Salary, Skills and Stress Survey was compiled from an international survey of 479 security professionals who work in the field (or related fields) of cybersecurity, threat management, or information security.
- [Top 10 Threat-Hunting Terms for the Security Practitioner](https://www.exabeam.com/blog/infosec-trends/top-10-threat-hunting-terms-for-the-security-practitioner/): We’ve put together the top 10 threat-hunting terms as a refresher for enterprise security staff who deal with them on a daily basis. Each term is linked to a previous Exabeam blog posts and educational resources that provide greater detail on the topic.
- [Spotlight19 Recap: Three Trends in Security Management](https://www.exabeam.com/blog/infosec-trends/spotlight19-recap-three-trends-in-security-management/): I spent last week engaging with the 250 Exabeam customers and partners attending our annual user conference, Exabeam Spotlight19. It is a great opportunity to identify market trends.
- [Keeping Up with Insider Risk Management in an Ever-Changing Landscape](https://www.exabeam.com/blog/infosec-trends/keeping-up-with-insider-risk-management-in-an-ever-changing-landscape/): In the new book, Insider Risk Management: Adapting to the Evolving Security Landscape, Shawn M. Thompson discusses the threat a business’s trusted employees pose to their organizations.
- [The Story Behind the Anonymous Mask](https://www.exabeam.com/blog/infosec-trends/the-story-behind-the-anonymous-mask/): The Anonymous mask has an interesting history. It pays tribute to a man named Guy Fawkes who is best known for trying to blow up the House of Lords in London in the Gunpowder Plot of 1605.
- [The New CISO Podcast: David Tyburski on Cybersecurity Education vs. Training … and the Best Sushi in Vegas](https://www.exabeam.com/blog/infosec-trends/the-new-ciso-podcast-david-tyburski-on-cybersecurity-education-vs-training-and-the-best-sushi-in-vegas/): Exabeam Chief Security Strategist Steve Moore speaks to CISO David Tyburski of ynn Resorts and gets his take on cybersecurity Education Vs. Training…and the Best Sushi in Vegas
- [IT Security: What You Should Know](https://www.exabeam.com/blog/infosec-trends/it-security-what-you-should-know/): What is Information Technology (IT) security? Why makes it important and What are the best practices and tools for IT security?
- [The Case for Automating Security in the Development Process ](https://www.exabeam.com/blog/infosec-trends/the-case-for-automating-security-in-the-development-process/): Security automation is the use of technology to automate analysis of security vulnerabilities and incident response in applications and systems.
- [How RSA and the Diffie-Hellman Key Exchange Became the Most Popular Cryptosystems](https://www.exabeam.com/blog/infosec-trends/how-rsa-and-the-diffie-hellman-key-exchange-became-the-most-popular-cryptosystems/): RSA is a form of public-key cryptography, which is used to secure communication between multiple parties. The exchange uses public keys to encrypt data as it travels electronically. RSA is what’s known as asymmetric cryptography, which uses a combination of public and private keys for security.
- [How to Start Security Automation with Exabeam](https://www.exabeam.com/blog/infosec-trends/how-to-start-security-automation-with-exabeam/): Achieve security automation and detection for advanced insights With Exabeam. When most organizations look for automation solutions, they turn to a security orchestration and automated response (SOAR) solution, which uses application programming interfaces (APIs) to automate response and remediation through playbooks.
- [Active Directory: a New Product for a New Millennium](https://www.exabeam.com/blog/infosec-trends/active-directory-a-new-product-for-a-new-millennium/): A history of active directory and how Microsoft is likely to continue to dominate the network and identity management space for many years to come.
- [Announcing the Security Management Excellence Awards ](https://www.exabeam.com/blog/infosec-trends/announcing-the-security-management-excellence-awards/): The Security Management Excellence Awards recognize Exabeam customers that distinguish themselves through excellence and innovation in security management across the following five categories:
- [Protecting Data in University and Higher Education Institutions](https://www.exabeam.com/blog/infosec-trends/protecting-data-in-university-and-higher-education-institutions/): Learn how hackers identify security weaknesses in higher education networks during a penetration test.
- [How to Investigate a Phishing Incident](https://www.exabeam.com/blog/infosec-trends/how-to-investigate-a-phishing-incident-video-series/): Watch a phishing email investigation using a legacy SIEM vs. a modern SIEM and the advantages a phishing investigation with Exabeam.
- [Sircam: Worm, Virus, Trojan Horse?](https://www.exabeam.com/blog/infosec-trends/sircam-worm-virus-trojan-horse/): In the early 2000s Sircam, a dangerous program that combined the characteristics of a worm, virus, and a Trojan horse began to appear in people's inboxes.
- [How an Airline Solves Unique, Non-Security Use Cases With Exabeam’s Analytics](https://www.exabeam.com/blog/infosec-trends/how-an-airline-solves-unique-non-security-use-cases-with-exabeams-analytics/): In this article, we look at the experiences of a major global airline that uses Exabeam primarily for enterprise security but also leverages analytics to solve problems ranging from fraud to operations.
- [Top 10 Data Lake Query Tricks](https://www.exabeam.com/blog/infosec-trends/top-10-data-lake-query-tricks/): Ten handy query tips that can help you use Exabeam Data Lake to its fullest.
- [DEF CON: From Failed Party and Movie Inspiration to Global Dominance](https://www.exabeam.com/blog/infosec-trends/def-con-from-failed-party-and-movie-inspiration-to-global-dominance/): Learn the history of DEF CON - a legendary cybersecurity convention.
- [Happy Birthday GDPR: A Party Without Cake Is Just a Meeting](https://www.exabeam.com/blog/infosec-trends/happy-birthday-gdpr-a-party-without-cake-is-just-a-meeting/): On Friday, May 25th, 2018, the General Data Protection Regulation (GDPR) launched. Now one year later we take a look at how it has impacted the protection of privacy and data security.
- [From Military Service to Cybersecurity: Veterans Share Their Experiences](https://www.exabeam.com/blog/infosec-trends/from-military-service-to-cybersecurity-veterans-share-their-experiences/): With May being National Military Appreciation Month we asked veterans at Exabeam to share some tips for those who want to get into cybersecurity and their thoughts about the industry.
- [Advanced Encryption Standard: Keeping Classified Information Safe](https://www.exabeam.com/blog/infosec-trends/advanced-encryption-standard-keeping-classified-information-safe/): Advanced Encryption Standard (AES) is available royalty-free worldwide and used by the US government to encrypt classified documents. AES brought 128-bit encryption to the market.
- [MITRE Publishes Domain Generation Algorithm T1483 in the ATT&CK Framework](https://www.exabeam.com/blog/infosec-trends/mitre-publishes-domain-generation-algorithm-t1483-in-the-attck-framework/): Yesterday MITRE released a significant update to the MITRE ATT&CK framework which included several new and updated techniques. One of those techniques, T1483 domain generation algorithms (DGA) was submitted by our research team.
- [Five Takeaways from Google Next on how to Secure Your Cloud Deployments](https://www.exabeam.com/blog/infosec-trends/five-takeaways-from-google-next-on-how-to-secure-your-cloud-deployments/): Learn the key takeaways from the “Secure Your Google Cloud Deployments Using Leading Security Partner Solutions” at Google Next panel.
- [Announcing “The New CISO” Podcast](https://www.exabeam.com/blog/infosec-trends/announcing-the-new-ciso-podcast/): We are excited to launch The New CISO, a podcast dedicated to providing IT security leaders with practical advice, guidance, and lessons learned from peers.
- [Stop Destroying Evidence: Why Understanding the Entire Attack Chain Before Responding is Critical](https://www.exabeam.com/blog/infosec-trends/stop-destroying-evidence-why-understanding-the-entire-attack-chain-before-responding-is-critical/): Learn why understanding the entire attack chain, including techniques like lateral movement, before responding is critical to successful remediation.
- [CISOs on the Board and 5 Actions They Should Take](https://www.exabeam.com/blog/infosec-trends/cisos-on-the-board-and-5-actions-they-should-take/): When you’re the chief information security officer (CISO) for an organization, it’s concerning that too frequently most board members don’t understand what you do.
- [Crypto Mining: A Potential Insider Threat Hidden In Your Network](https://www.exabeam.com/blog/infosec-trends/crypto-mining-a-potential-insider-threat-hidden-in-your-network/): Read Exabeam’s latest research report about the hidden world of cryptocurrency mining, called "crypto mining" and how malicious insiders can abuse their IT rights.
- [Defending Against Ransomware: Prevention, Protection, Removal](https://www.exabeam.com/blog/infosec-trends/defending-against-ransomware-prevention-protection-removal/): An effective ransomware defense strategy is essential to prevent extensive damage and must include three pillars: prevention, protection, and quick removal.
- [What is Security Intelligence?](https://www.exabeam.com/blog/infosec-trends/what-is-security-intelligence/): The information relevant to protecting an organization from internal and external cyber threats as well as the processes, policies, and technology designed to gather and analyze that information.
- [How Asset Clustering Provides Improved Alert Quality – A Machine Learning Application](https://www.exabeam.com/blog/infosec-trends/how-asset-clustering-provides-improved-alert-quality-a-machine-learning-application/): Learn about a machine learning use case that clusters network assets (or devices) into groups to improve the alert quality from peer-based analysis.
- [Alan Woodward’s Top 10 Cybersecurity Predictions for 2019](https://www.exabeam.com/blog/infosec-trends/alan-woodwards-top-10-cybersecurity-predictions-for-2019/): 2019 promises to be as difficult to predict as every year, so Exabeam spoke to Professor Alan Woodward from the University of Surrey to get his thoughts on the cyber security landscape for the year ahead.
- [Operation Aurora – 2010’s Major Breach by Chinese Hackers](https://www.exabeam.com/blog/infosec-trends/operation-aurora-2010s-major-breach-by-chinese-hackers/): Exabeam’s Cybersecurity History Review: Read about Operation Aurora and the series of cyberattacks conducted by the Elderwood Group based in Beijing, China, with ties to the People's Liberation Army.
- [Exabeam’s Top Cybersecurity Blog Posts of 2018](https://www.exabeam.com/blog/infosec-trends/exabeams-top-cybersecurity-blog-posts-of-2018/): 2018 was a memorable year for cybersecurity. Millions of people were impacted as we saw more companies hit by megabreaches—from a major hotel chain to a social media platform used by billions. Here are our top 10 blog posts that had the biggest readership and were the most noteworthy.
- [How a Global Engineering Firm Protects its Private Cloud](https://www.exabeam.com/blog/infosec-trends/how-a-global-engineering-firm-protects-its-private-cloud/): Read about the cloud security strategies of a global engineering firm and how it’s essential that this firm protects their network of virtual machines (VMs) in their private cloud.
- [How a Global Apparel Company Prevents Source Code Theft in the Cloud](https://www.exabeam.com/blog/infosec-trends/how-a-global-apparel-company-prevents-source-code-theft-in-the-cloud/): Read how this retail manufacturer that embraces cloud technology is stopping their source code intellectual property (IP) from falling into the wrong hands and preventing those with malicious intent from injecting malware or ransomware.
- [Cybersecurity Social Influencers Share Their Predictions for 2019](https://www.exabeam.com/blog/infosec-trends/cybersecurity-social-influencers-share-their-predictions-for-2019/): With more individual records exposed in the first six months of 2018 than in all of 2017, one could call 2018 “The Year of the Megabreach.” Read how 2018 represents more than a surge in the breach statistics and what cybersecurity social influencers are predicting for 2019.
- [How Integrating Case Management with UEBA Streamlines Analyst Workflows](https://www.exabeam.com/blog/infosec-trends/how-integrating-case-management-with-ueba-streamlines-analyst-workflows/): Learn how Exabeam Case Manager allows analysts to consolidate security alerts and automatically enrich cases with context, investigative artifacts, and risk reasons so analysts can better understand their security posture and focus on high risk alerts.
- [Exabeam’s 2019 Cybersecurity Predictions](https://www.exabeam.com/blog/infosec-trends/exabeams-2019-cybersecurity-predictions/): Sharing their years of experience tracking and analyzing organizational and governmental weakness to the maneuverings of major breaches, Exabeam’s top cybersecurity sleuths share their Security Predictions for 2019.
- [How Ransomware’s New Breed of “Data Kidnappers” Are Taking Down Global Enterprises and Even Governments](https://www.exabeam.com/blog/infosec-trends/how-ransomwares-new-breed-of-data-kidnappers-are-taking-down-global-enterprises-and-even-governments/): In this post we look at a few recent attacks that have targeted the “bigger fish,” ranging from a major shipping port to national golf tournaments to nation states.
- [Improving Cloud Security Through Monitoring and Analytics](https://www.exabeam.com/blog/infosec-trends/improving-cloud-security-through-monitoring-and-analytics/): Now more than ever, organizations must utilize cloud-based security solutions to ensure their customer information and data are secure, as well as having expertise on the security and regulatory issues involved. Now let’s examine the specific steps you can take to ensure you’re keeping your cloud deployments secure.
- [The Challenges of Cloud Security](https://www.exabeam.com/blog/infosec-trends/the-challenges-of-cloud-security/): You might have a good handle on your on-premise network security, but what do you know about cloud security and threats to your cloud operations?
- [Trends in Ransomware Attacks on High-Value Critical Infrastructure Targets](https://www.exabeam.com/blog/infosec-trends/trends-in-ransomware-attacks-on-high-value-critical-infrastructure-targets/): Verizon’s 2018 Data Breach Investigations Report cites ransomware as the cause of 39 percent of malware-related data breaches. That’s more than double the previous year, which was double that of the year before.
- [Detecting Suspicious Lateral Movements During a Cybersecurity Breach](https://www.exabeam.com/blog/infosec-trends/detecting-suspicious-lateral-movements-during-a-cybersecurity-breach/): Lateral movement refers to techniques cyber attackers use to progressively move through a network, searching for targeted key data and assets.
- [5 Key Cybersecurity Trends – What I Learned at Exabeam Spotlight 2018](https://www.exabeam.com/blog/infosec-trends/5-key-cybersecurity-trends-what-i-learned-at-exabeam-spotlight-2018/): Exabeam Spotlight 2018 inaugural user conference. Whether speaking with a security leader, analyst, or insider threat program manager, the overarching theme is that change is a cybersecurity constant. And to be a cybersecurity expert in today’s environment requires leadership, agility, and knowledge.
- [How to Stop Cyberattacks on Your IoT Infrastructure](https://www.exabeam.com/blog/infosec-trends/how-to-stop-cyberattacks-on-your-iot-infrastructure/): Are IoT devices like security cameras, printers, and thermostats creating cybersecurity risks?
- [Cybersecurity Strategies for the Growing Risks of the Internet of Things (IoT)](https://www.exabeam.com/blog/infosec-trends/cybersecurity-strategies-for-the-growing-risks-of-the-internet-of-things-iot/): The cybersecurity challenge of securing IoT is a complex and extensive due to the fact that IoT devices are deployed over a wide attack surface and contain numerous threat vectors such as authentication and authorization, software, device threats, network threats, and OS level vulnerabilities.
- [Has the Notorious Carbanak Cybercrime Spree Reached its Finale? What You Need to Know About Stopping the Next APT Attack.](https://www.exabeam.com/blog/infosec-trends/has-the-notorious-carbanak-cybercrime-spree-reached-its-finale-what-you-need-to-know-about-stopping-the-next-apt-attack/): While the true extent of the Carbanak cybercrime spree is controversial—the FBI and U.S. Secret Service issued a joint statement saying that they have not received a single report that Carbanak malware affected the U.S. financial sector (countering the claims made by some cybersecurity companies)—understanding and preparing for all the possible permutations of an APT attack is critical.
- [The Web Browser: A Critical Source for Digital Forensic and Cybersecurity Investigations](https://www.exabeam.com/blog/infosec-trends/the-web-browser-a-critical-source-for-digital-forensic-and-cybersecurity-investigations/): Many questions are common across different types of investigations, and Synopsis helps analysts get the answers they need quickly.
- [Understanding the Role of Artificial Intelligence, Machine Learning, and Deep Learning in Cybersecurity](https://www.exabeam.com/blog/infosec-trends/understanding-the-role-of-artificial-intelligence-machine-learning-and-deep-learning-in-cybersecurity/): When it comes to artificial intelligence (AI) and machine learning (ML), there’s no shortage of buzz and hype. Often referred to interchangeably, artificial intelligence and machine learning are part of our daily reality and technology lexicon—whether it’s in a product marketing pitch or a Netflix recommendation for which movie to see.
- [On-the-Job Cryptocurrency Mining: Protecting your organization from energy theft](https://www.exabeam.com/blog/infosec-trends/on-the-job-cryptocurrency-mining-protecting-your-organization-from-energy-theft/): While cryptocurrencies are being traded around the world, what we don’t see are the hundreds of thousands of crypto-specialized computers and servers that are “mining” such currencies to release new cryptocurrency into circulation.
- [How Criminals Can Build a “Web Dossier” from Your Browser](https://www.exabeam.com/blog/infosec-trends/how-criminals-can-build-a-web-dossier-from-your-browser/): All kinds of personal information, from your location, work hours, habits, banks, applications, and even passwords are there for the taking.
- [Is this Chad’s Personal E-mail Address? A Data Exfiltration Context](https://www.exabeam.com/blog/infosec-trends/is-this-chads-personal-e-mail-address-a-data-exfiltration-context/): Data exfiltration is a common, multi-faceted security threat every enterprise faces. It’s defined as the unauthorized transfer of private data or intellectual property from a corporate computer to an external location.
- [Extracting Actionable Information from Windows Events](https://www.exabeam.com/blog/infosec-trends/extracting-actionable-information-from-windows-events/): Within your corporate network, Windows event logs are a primary source of information that is critical to understanding user behavior and emerging security threats. But examining events individually does not provide the comprehensive picture that lets you see unusual or suspicious behaviors.
- [DFIR 101: Triage Collection](https://www.exabeam.com/blog/infosec-trends/dfir-101-triage-collection/): During a typical day, your team might have to review dozens or hundreds of security alerts, hopefully only a fraction of which will turn out to be real incidents.
- [Webinar Recap: 2017 Cybersecurity Trends and Predictions](https://www.exabeam.com/blog/infosec-trends/webinar-recap-2017-cybersecurity-trends-predictions/): Exabeam Chief Security Strategist, Stephen Moore and Exabeam Director of Threat Research, Barry Shteiman expanded on the current state of play and the future of cybersecurity in a recent webinar.
- [The Future of Cybersecurity and Industry Predictions](https://www.exabeam.com/blog/infosec-trends/the-future-of-cybersecurity-industry-predictions/): The role of the CISO has been a divisive topic since it was created. The question of whether they are legitimate influencers, or solely an insurance policy in the event of a security breach, has plagued the role. However, this is starting to change.
- [Exabeam Highlighted in the Expanding Cisco Security Technology Ecosystem](https://www.exabeam.com/blog/infosec-trends/exabeam-highlighted-in-the-expanding-cisco-security-technology-ecosystem/): Here at Exabeam, we’re thrilled to have been prominently mentioned several times throughout the announcement for the value our integrations deliver to joint Cisco / Exabeam customers.
- [Machine Learning SDK for Security Analytics](https://www.exabeam.com/blog/infosec-trends/machine-learning-sdk-for-security-analytics/): In this blog, I describe an infrastructure with an open security data science platform with its SDK/API that effectively removes the barriers of entry to UEBA for data scientists.
- [Anomalous User Activity Detection in Enterprise Multi-Source Logs](https://www.exabeam.com/blog/infosec-trends/anomalous-user-activity-detection-in-enterprise-multi-source-logs/): In this blog I describe a user activity behavior anomaly detection method for practical purpose.
- [Account Resolution via Market Basket Analysis](https://www.exabeam.com/blog/infosec-trends/account-resolution-via-market-basket-analysis/): This post discusses using machine learning to indicate whether two or more accounts actually belong to one same person.
- [Why is Critical Infrastructure So Vulnerable to Insider Threats?](https://www.exabeam.com/blog/infosec-trends/why-is-critical-infrastructure-so-vulnerable-to-insider-threats/): It’s clear that traditional security management approaches cannot effectively address the insider threat to critical infrastructure, leaving companies unable to detect or respond to them immediately.
- [Too Many Alerts… Just Give Me the Interesting Ones!](https://www.exabeam.com/blog/infosec-trends/too-many-alerts-just-give-me-the-interesting-ones/): Not all of the indicators are born equal in their potential to raise an alert.
- [A Machine Learning Study on Phishing URL Detection](https://www.exabeam.com/blog/infosec-trends/a-machine-learning-study-on-phishing-url-detection/): Our goal is to flag a suspicious phishing URL previously unknown to blacklist data providers. Machine learning offers a solution used for such a prediction task.
- [On True Positives and Security Incidents](https://www.exabeam.com/blog/infosec-trends/on-true-positives-and-security-incidents/): How looking past true positives can provide valuable insight about the state of your organization's security posture.
- [First-time Access to an Asset – Is it Risky or Not? A Machine Learning Question](https://www.exabeam.com/blog/infosec-trends/first-time-access-to-an-asset-is-it-risky-or-not-a-machine-learning-question/): We have seen as much as 30%-50% reduction in alert suppression in various scenarios in real environments. This is a great example of machine learning at work for UEBA where machine learning is not only used to enhance detection but also to minimize false positives.
- [Exabeam Announces First Ever Scholarship Competition](https://www.exabeam.com/blog/infosec-trends/exabeam-announces-first-ever-scholarship-competition/): As part of our commitment to the future fight against cyber-crime, we are excited to announce details related to our first ever college scholarship essay contest.
- [Finding a Security Unicorn](https://www.exabeam.com/blog/infosec-trends/finding-a-security-unicorn/): According to a new report, the unemployment rate for cybersecurity jobs is currently zero. On average, there are two open jobs available for every candidate, with over 1 million open IT security positions.
- [Exabeam Cleans Up At Network Product Guide’s 2016 IT World Awards](https://www.exabeam.com/blog/infosec-trends/exabeam-cleans-up-at-network-product-guides-2016-it-world-awards/): Recently, Exabeam had the honor of being selected as the recipient of six awards at the 2016 Network Product Guide IT World Awards.
- [It’s Not Always the Hackers…](https://www.exabeam.com/blog/infosec-trends/its-not-always-the-hackers/): The insider’s theft may seem small and it might be harder to catch, but the impacts can be huge.
- [Ransomware: Why Steal When You Can Disrupt?](https://www.exabeam.com/blog/infosec-trends/ransomware-why-steal-when-you-can-disrupt/): According to some estimates, ransomware has quickly become a multi-million dollar industry, and, driven by its own success, is likely to continue to grow.
- [Data Science and Security Research: Two Parts of the Whole](https://www.exabeam.com/blog/infosec-trends/data-science-and-security-research-two-parts-of-the-whole/): In this post, I talk about the nature of the two disciplines, their complementary aspects, and how each is indispensable for meaningful security analytics.
- [Project Alignment, Hiring Shortfall As Top Big Data Challenges](https://www.exabeam.com/blog/infosec-trends/project-alignment-hiring-shortfall-as-top-big-data-challenges/): I was asked to pen an article on my perspective of big data challenges in general for 2016.
- [It’s Better to See in 3D: Announcing the 3D Technology Partner Program](https://www.exabeam.com/blog/infosec-trends/its-better-to-see-in-3d-announcing-the-3d-technology-partner-program/): We are happy to announce our 3D Technology Alliance Program, the first in the user behavior analytics industry.
- [My Top Security Data Science Predictions for 2016](https://www.exabeam.com/blog/infosec-trends/my-top-security-data-science-predictions-for-2016/): We see increased activities to address security in enterprises and the product marketplace in 2015. I offer my predictions on the top trends in security analytics for 2016.
- [Circumstantial, Your Honor!](https://www.exabeam.com/blog/infosec-trends/circumstantial-your-honor/): Working in the security log analysis business for over 10 years, I realize that much of our work is similar to that of a courtroom judge, who hears both sides of an argument, weighs which is more plausible and makes a ruling.
- [The Wrong (and Right) Way to Engage Data Science in Security Analytics](https://www.exabeam.com/blog/infosec-trends/the-wrong-and-right-way-to-engage-data-science-in-security-analytics/): Enterprises are waking up to the fact that data analytics is an inseparable part of cybersecurity defense posture. An immediate question is how to integrate the traditional security operation center (SOC) with the data science team.
- [Thorough Analysis For Using Data Science To Detect Malicious Domains](https://www.exabeam.com/blog/infosec-trends/thorough-analysis-for-using-data-science-to-detect-malicious-domains/): An outline of some machine learning approaches to detect malicious domains by learning from standard web proxy logs.
- [Security Issues: Agencies Are From Venus – Legislators Are From Mars](https://www.exabeam.com/blog/infosec-trends/security-issues-agencies-are-from-venus-legislators-are-from-mars/): Legislators want to act. They see these data breaches as a problem. They just need to be informed.
- [Challenges Of Building A Security Data Science Practice](https://www.exabeam.com/blog/infosec-trends/challenges-of-building-a-security-data-science-practice/): There are clear benefits to building data science models to target emerging use cases on common or enterprise-custom data sources. ButI also recognize the challenges an enterprise faces in building a data science practice for cybersecurity in house.
- [What’s Wrong With Today’s Security Technologies and Processes?](https://www.exabeam.com/blog/infosec-trends/whats-wrong-with-todays-security-technologies-and-processes/): User behavior analytics makes the stealthiest attacks are made visible and analysis is created as the attack happens.
- [The Cybersecurity Personnel Shortage, Identity Theft and Fraud at the IRS](https://www.exabeam.com/blog/infosec-trends/the-cybersecurity-personnel-shortage-identity-theft-fraud-at-the-irs/): What do a wave of baby boomer retirements and a trend toward outsourcing have in common?
- [Security Breaches and the “Crown Jewels” of Creativity and Research](https://www.exabeam.com/blog/infosec-trends/security-breaches-and-the-crown-jewels-of-creativity-and-research/): In the last 12 months Carnegie-Mellon, Stanford, University of Maryland, University of North Carolina at Chapel Hill, University of Delaware, and Virginia Tech University, and Marquette University have all been hit with data breaches.
- [Dyer Malware Updated to Defeat Malware Sandboxing Solutions](https://www.exabeam.com/blog/infosec-trends/dyer-malware-updated-to-defeat-malware-sandboxing-solutions/): Is this the beginning of the end of effectiveness for malware sandboxing solutions?
- [A Short History of Pass-the-Hash](https://www.exabeam.com/blog/infosec-trends/passing-the-hash-like-its-1999/): Pass-the-Hash (PTH) attacks remain very much relevant in today's corporate environment.
- [With the RSA 2015 Security Conference Behind Us, What do I do Now?](https://www.exabeam.com/blog/infosec-trends/with-the-rsa-2015-security-conference-behind-us-what-do-i-do-now/): It’s safe to say that security teams are open to new solutions they can build new processes around because what they have now won’t make them successful.
- [Meritalk’s Cybersecurity Survey: Too Much Data and No Complete Story](https://www.exabeam.com/blog/infosec-trends/meritalks-cybersecurity-survey-too-much-data-and-no-complete-story/): A recent survey of federal, state and local agencies by Meritalk tells a very interesting story.
- [Security Event Management Basics – What We’ve Seen Companies Are Not Doing](https://www.exabeam.com/blog/infosec-trends/security-event-management-basics-what-weve-seen-companies-are-not-doing/): Monitoring logs is an extremely valuable and cost effective way to identify security issues in the network. What is not so obvious, however, is that purchasing a SIEM/Log Management solution is the first, not last, step in extracting the value hidden in these logs.
- [My RSA Expectations – Blinding Spotlights](https://www.exabeam.com/blog/infosec-trends/my-rsa-expectations-blinding-spotlights/): A CISO walks into RSA and gets bombarded by new technologies that all can help protect his/her company using a budget that was set for last year’s projects at best.
- [Attack of the Cyber Vampires-phishing at the White House](https://www.exabeam.com/blog/infosec-trends/attack-of-the-cyber-vampires-phishing-at-the-white-house/): Your cyber defenses can't stop letting Dracula in, but user behavior intelligence becomes that next layer of defense that can detect compromised movements and expose him to the sunlight.
- [Cybersecurity Lessons can be Learned from Credit Fraud Paradigm](https://www.exabeam.com/blog/infosec-trends/cybersecurity-lessons-can-be-learned-from-credit-fraud-paradigm/): When a credit card provider sees an anomalous charge (based on learned behavioral clues) to an account, a representative will reach out to the cardholder, confirm the validity of the charge and then take next steps to keep out the attacker.
- [Why it is Taking the State Department So Long to Root Out Hackers](https://www.exabeam.com/blog/infosec-trends/why-it-is-taking-the-state-department-so-long-to-root-out-hackers/): Identity-based approach leverages data already in a SIEM or log management data repository, exposes attackers where their behavior is divergent from that of a normal user's, and provides a time-based visualization of the user’s anomalous activities.
- [Continuous Diagnostics and Mitigation (CDM): What Civilian Agencies Need to Know](https://www.exabeam.com/blog/infosec-trends/continuous-diagnostics-and-mitigation-cdm-what-civilian-agencies-need-to-know/): Better security inside government agencies hinges on the ability to perform user behavior intelligence.
- [Head in the Sands: One Year After the Sands Casino Data Breach](https://www.exabeam.com/blog/infosec-trends/head-in-the-sands-one-year-after-the-sands-casino-data-breach/): There is a need to look beyond point-of-intrusion solutions and focus on where the attack surface exists today – by applying user behavior intelligence to correlate suspicious actions across the entire attack chain.
- [Anthem’s 80 Million Record Data Breach: Interesting Insights](https://www.exabeam.com/blog/infosec-trends/anthems-80-million-record-data-breach-interesting-insights/): Just as with all of the largest data breaches that happened in 2014, this one involved some form of unauthorized access, whether it was through direct access or remotely controlled malware.
- [Welcome to Exabeam!](https://www.exabeam.com/blog/infosec-trends/welcome-to-exabeam/): We want to give readers the opportunity to open a channel of communication with a bunch of very smart people from the SIEM, log management, and cybersecurity professions.
## Cloud Security
- [64 Cloud Security Statistics You Must Know in 2026](https://www.exabeam.com/explainers/cloud-security/61-cloud-security-statistics-you-must-know-in-2025/): Cloud security refers to the technologies, policies, controls, and services that protect cloud computing environments, data, applications, and infrastructure.
- [Top 7 Cloud Security Frameworks and How to Choose](https://www.exabeam.com/explainers/cloud-security/top-7-cloud-security-frameworks-and-how-to-choose/): Cloud security frameworks are structured sets of guidelines aimed at ensuring the security of cloud environments.
- [Cloud Security Policy: 7 Key Components & How to Create Yours](https://www.exabeam.com/explainers/cloud-security/cloud-security-policy-7-key-components-how-to-create-yours/): A cloud computing security policy establishes rules and guidelines to protect data and resources in cloud environments.
- [Cloud Access Security Brokers (CASB): Complete Guide [2025]](https://www.exabeam.com/explainers/cloud-security/cloud-access-security-brokers-casb-complete-guide/): A cloud access security broker (CASB) acts as an intermediary between cloud service consumers and providers, enforcing security, compliance, and governance.
- [What Is a Cloud Workload Protection Platform (CWPP)?](https://www.exabeam.com/explainers/cloud-security/what-is-a-cloud-workload-protection-platform-cwpp/): A cloud workload protection platform (CWPP) secures workloads across virtual machines, containers, and serverless functions in diverse environments.
- [Understanding CNAPP: Evolution, Components & Evaluation Criteria](https://www.exabeam.com/explainers/cloud-security/understanding-cnapp-evolution-components-evaluation-criteria/): A cloud-native application protection platform (CNAPP) integrates multiple security tools like CSPM, CSNS, and CWPP to safeguard cloud-native applications.
- [Cloud Security Audits: Step By Step](https://www.exabeam.com/explainers/cloud-security/cloud-security-audits-step-by-step/): Understand the challenges of cloud security audits, how to overcome them, and learn a 6-step process to auditing a cloud environment.
- [Cloud Security Threats: Top Threats and 3 Mitigation Strategies](https://www.exabeam.com/explainers/cloud-security/cloud-security-threats-top-threats-and-3-mitigation-strategies/): Understand the most common threats facing cloud services, including misconfiguration and insider threats, and learn how to protect your organization.
- [What is Cloud Security Posture Management (CSPM)?](https://www.exabeam.com/explainers/cloud-security/what-is-cloud-security-posture-management-cspm/): Understand the need for Cloud Security Posture Management (CSPM), how it works, and how CSPM compares to related solutions like CWPP and CASB.
- [Cloud Security Controls: Key Elements and 4 Control Frameworks](https://www.exabeam.com/explainers/cloud-security/cloud-security-controls-key-elements-and-4-control-frameworks/): Learn how cloud security controls help you secure your cloud, and discover control frameworks that can help you build a foundation for security controls.
- [Cloud Security Tools: Cloud Provider or Third Party Tools?](https://www.exabeam.com/explainers/cloud-security/cloud-security-tools-cloud-provider-or-third-party-tools/): Understand the cloud security tools offered by major cloud providers, their pros and cons, and how to choose between first-party and third-party cloud security.
- [8 Cloud Security Solutions for 2025](https://www.exabeam.com/explainers/cloud-security/cloud-security-solutions-8-solution-categories-you-must-know/): Learn about key solution categories that can help you secure your cloud, including CASB, CSPM, CWPP, and XDR.
- [9 Cloud Security Best Practices You Must Know](https://www.exabeam.com/explainers/cloud-security/9-cloud-security-best-practices-you-must-know/): Every cloud is different, but there are common cloud security best practices any organization can benefit from - discover 9 simple yet effective best practices.
- [Cloud Security Standards: ISO, PCI, GDPR and Your Cloud](https://www.exabeam.com/explainers/cloud-security/cloud-security-standards-iso-pci-gdpr-and-your-cloud/): Learn how major compliance standards and regulations impact your cloud, and discover cloud-specific security standards, like CIS and CSA Control Matrix.
- [What Is Cloud Security Monitoring?](https://www.exabeam.com/explainers/cloud-security/what-is-cloud-security-monitoring/): Understand the benefits of cloud security monitoring, key capabilities of cloud security monitoring solutions, and how to use a SIEM to monitor your cloud.
- [Cloud Security: Challenges, Solutions, and 6 Critical Best Practices](https://www.exabeam.com/explainers/cloud-security/cloud-security-principles-solutions-and-architectures/): Cloud systems are shared resources and are often exposed to, or exist on, the public Internet, and so are a prime target for attackers. Securing cloud systems requires a different approach than security for on-premise systems.
## SIEM Trends
- [Securing the Agentic Enterprise with Behavioral Analytics and AI Visibility](https://www.exabeam.com/blog/siem-trends/securing-the-agentic-enterprise-with-behavioral-analytics-and-ai-visibility/): Detect risky AI agent behavior and insider threats with behavioral analytics and visibility into AI activity.
- [Five Reasons to Augment Microsoft Sentinel With New-Scale Analytics](https://www.exabeam.com/blog/siem-trends/five-reasons-security-operations-teams-augment-microsoft-sentinel-with-new-scale-analytics/): See why security operations teams extend Microsoft Sentinel with behavioral analytics, risk scoring, and guided investigations.
- [Exabeam Agent Behavior Analytics for AI Agents](https://www.exabeam.com/blog/siem-trends/exabeam-agent-behavior-analytics-first-of-its-kind-behavioral-detections-for-ai-agents/): Detect risky AI agent behavior with session-based analytics and first-time activity insights from Exabeam.
- [Legacy vs. Cloud-Native SIEM: A Pros and Cons Comparison](https://www.exabeam.com/blog/siem-trends/legacy-vs-cloud-native-siem-weighing-the-pros-and-cons/): Choosing a SIEM? We compare the pros and cons of legacy vs. cloud-native solutions across cost, scale, and security.
- [Six Advanced Cloud-Native SIEM Use Cases for Enhanced Security](https://www.exabeam.com/blog/siem-trends/six-advanced-cloud-native-siem-use-cases/): Go beyond basic detection. Explore advanced cloud-native SIEM use cases to proactively identify insider threats, prevent data exfiltration, and secure your IoT environment.
- [Cloud-Native SIEM: The Future of Modern Security Operations](https://www.exabeam.com/blog/siem-trends/embracing-the-future-of-security-with-cloud-native-siem/): Legacy SIEM can't keep up. Learn how cloud-native SIEM offers the scalability and advanced analytics to secure your future.
- [A Step-by-Step Guide to SIEM Migration](https://www.exabeam.com/blog/siem-trends/making-the-switch-a-step-by-step-guide-to-migrating-from-on-premises-to-cloud-native-siem/): Learn how to migrate your SIEM with our step-by-step guide, featuring a real-world cloud-to-cloud migration story.
- [Why Rule Count Is a Misleading SIEM Metric](https://www.exabeam.com/blog/siem-trends/why-rule-count-is-a-misleading-kpi-for-siem/): Learn why focusing on SIEM rule count is outdated and how behavioral analytics delivers more precise threat detection with less noise.
- [UEBA vs. XDR: The Smarter SIEM Augmentation Strategy](https://www.exabeam.com/blog/siem-trends/ueba-vs-xdr-rethinking-siem-augmentation-in-the-ai-era/): Compare UEBA and XDR for SIEM augmentation. Learn why machine-learned behavioral analytics delivers deeper, more flexible detection than vendor-tied XDR.
- [Why Exabeam New-Scale Fusion Beats Microsoft Sentinel for Modern SIEM](https://www.exabeam.com/blog/siem-trends/exabeam-vs-microsoft-sentinel-five-ways-to-compare-and-evaluate/): See why Exabeam New-Scale Fusion outperforms Microsoft Sentinel with faster TDIR, AI, and transparent pricing.
- [Exabeam New-Scale Fusion vs. Splunk: SIEM Comparison](https://www.exabeam.com/blog/siem-trends/exabeam-vs-splunk-six-ways-to-compare-and-evaluate/): See why Exabeam New-Scale Fusion outpaces Splunk in detection, AI, automation, and cost efficiency. Explore six reasons security teams are switching.
- [Understand and Improve Your SIEM Detection Coverage](https://www.exabeam.com/blog/siem-trends/understand-your-detection-gaps-and-how-to-close-them/): Map detections to log sources, find coverage gaps, and get guidance to improve outcomes
- [10 Questions to Ask Before You Buy a Cloud SIEM](https://www.exabeam.com/blog/siem-trends/10-questions-security-operations-managers-should-ask-about-cloud-siem-vendors/): Ask the right questions before buying a cloud SIEM. Learn what smart SOC leaders evaluate in modern solutions.
- [Hybrid SIEM: Strengthen On-Prem Security With Cloud-Powered Intelligence](https://www.exabeam.com/blog/siem-trends/the-hybrid-security-strategy-balancing-on-prem-siem-with-cloud-flexibility/): Maximize SIEM efficiency by combining on-prem control with cloud analytics and real-time threat intelligence.
- [Why CISOs Must Prioritize Vendor Selection for Stronger Security](https://www.exabeam.com/blog/siem-trends/choose-your-infrastructure-why-vendor-selection-should-matter-to-cisos/): Choosing the right vendors is critical for cybersecurity success. Learn why best-of-breed security beats single-vendor solutions.
- [Best-of-Breed vs. Single-Vendor SIEM: Why It Matters for Security](https://www.exabeam.com/blog/siem-trends/best-of-breed-security-is-always-important-but-for-siem-its-imperative/): Best-of-breed SIEM ensures strong security, while single-vendor solutions can leave gaps. Learn why the right SIEM matters.
- [How to Detect and Respond to SS7 Attacks with LogRhythm SIEM](https://www.exabeam.com/blog/siem-trends/how-to-detect-and-respond-to-ss7-attacks-with-logrhythm-siem/): Four practical use cases to help telecommunication organizations detect an SS7 attack using LogRhythm NextGen SIEM.
- [Exabeam: The Superior Choice Over IBM QRadar and XSIAM for SIEM](https://www.exabeam.com/blog/siem-trends/exabeam-leads-the-future-of-siem-over-qradar-and-xsiam/): Discover why Exabeam outperforms IBM QRadar and Palo Alto Networks’ XSIAM in SIEM and TDIR. Exabeam offers advanced UEBA capabilities, reduced alert fatigue, and scalable cloud-native architecture.
- [Exabeam IRAP Assessment Completion Creates New Opportunities for Partners in Australia ](https://www.exabeam.com/blog/siem-trends/exabeam-irap-assessment-completion-creates-new-opportunities-for-partners-in-australia/): The IRAP assessment, spearheaded by the ASD, is a vital component of Australia's cybersecurity strategy.
- [What’s New in Exabeam Product Development — July 2023](https://www.exabeam.com/blog/siem-trends/whats-new-in-exabeam-product-development-july-2023/)
- [SIEM License Management — Staying in Control of Ingestion Costs](https://www.exabeam.com/blog/siem-trends/siem-license-management-staying-in-control-of-ingestion-costs/): Cut SIEM costs and optimize data ingestion and license management with Exabeam Security Operations Platform features.
- [Overcoming Data Limitations With Observability Pipelines](https://www.exabeam.com/blog/siem-trends/overcoming-data-limitations-with-observability-pipelines/): Unlock the power of observability pipelines for enhanced data management, security, and cost savings. Maximize efficiency with Exabeam.
- [What’s New in Exabeam Product Development – June 2023](https://www.exabeam.com/blog/siem-trends/whats-new-in-exabeam-product-development-june-2023/): A summary of June’s new updates from the Exabeam Engineering, Education, and Product Management teams.
- [Preventing EV Charger Cyberattacks with LogRhythm SIEM](https://www.exabeam.com/blog/siem-trends/supercharged-protection-preventing-ev-chargers-cyberattacks-with-logrhythm/): As more governments and organizations adopt smart city technologies, the risks associated with cyberattacks on these systems have grown exponentially.
- [8 Critical Considerations For Defending Against Insider Threats](https://www.exabeam.com/blog/siem-trends/8-critical-considerations-for-defending-against-insider-threats/): Strengthen your defense against insider threats with 8 critical considerations and advanced best practices.
- [Insider Threat Use Cases: How Modern SIEM Solutions Detect Malicious Activity](https://www.exabeam.com/blog/siem-trends/insider-threat-use-cases-how-modern-siem-solutions-detect-malicious-activity/): Discover key threat indicators to effectively monitor and prevent damaging insider threats.
- [Real-world Examples of Insider Threats and Detection Points for Identifying Them](https://www.exabeam.com/blog/siem-trends/real-world-examples-of-insider-threats-and-detection-points-for-identifying-them/): Explore the role of modern SIEM solutions in detecting and combating insider threats for improved security.
- [What’s New in Exabeam Product Development – April 2023](https://www.exabeam.com/blog/siem-trends/whats-new-in-exabeam-product-development-april-2023/): A summary of April’s new updates from the Exabeam Engineering, Education, and Product Management teams.
- [8 Best Practices for Mitigating Insider Threats](https://www.exabeam.com/blog/siem-trends/8-best-practices-for-mitigating-insider-threats/): Learn the essentials of insider threats and how to secure your organization's data from potential breaches.
- [Unlocking the Power of SIEM: Simplify Security Investigations and Enhance Detection with Exabeam](https://www.exabeam.com/blog/siem-trends/unlocking-the-power-of-siem-simplify-security-investigations-and-enhance-detection-with-exabeam/): Discover Exabeam solutions for simplified security investigations, enhanced threat detection, and improved outcomes.
- [Exabeam vs. Sumo Logic: Four Ways to Compare and Evaluate](https://www.exabeam.com/blog/siem-trends/exabeam-vs-sumo-logic-four-ways-to-compare-and-evaluate/): Discover why Exabeam is the superior choice for your organization's SIEM needs. Compare and evaluate Exabeam and Sumo Logic in four ways.
- [Exabeam vs. Rapid7: Four Ways to Compare and Evaluate](https://www.exabeam.com/blog/siem-trends/exabeam-vs-rapid7-four-ways-to-compare-and-evaluate/): Discover why Exabeam is the superior choice for your organization's SIEM needs. Compare and evaluate Exabeam and Rapid7 in four ways.
- [What’s New in Exabeam Product Development – March 2023](https://www.exabeam.com/blog/siem-trends/whats-new-in-exabeam-product-development-march-2023/): A summary of March’s new updates from the Exabeam Engineering, Education, and Product Management teams.
- [Exabeam vs. QRadar: Four Ways to Compare and Evaluate](https://www.exabeam.com/blog/siem-trends/exabeam-vs-qradar-four-ways-to-compare-and-evaluate/): Exabeam Fusion offers advanced automation and superior user experience vs. IBM QRadar. Learn why Exabeam is the better SIEM choice.
- [What’s New in Exabeam Product Development – February 2023](https://www.exabeam.com/blog/siem-trends/whats-new-in-exabeam-product-development-february-2023/): A summary of Febraury’s new updates from the Exabeam Engineering, Education, and Product Management teams.
- [The Games SIEM Vendors Play: Statistics vs. Machine Learning and Malware vs. Compromised Credential Detection](https://www.exabeam.com/blog/siem-trends/the-games-siem-vendors-play-statistics-vs-machine-learning-and-malware-vs-compromised-credential-detection/): Combining statistics and machine learning can lead to improved threat detection capabilities.
- [The Games SIEM Vendors Play: Public Cloud and User Security](https://www.exabeam.com/blog/siem-trends/the-games-siem-vendors-play-public-cloud-and-user-security/): Some of the games SIEM vendors play when it comes to offering SIEM solutions, and how you can make informed decisions.
- [The Games SIEM Vendors Play: Pricing and Scalability](https://www.exabeam.com/blog/siem-trends/the-games-siem-vendors-play-pricing-and-scalability/): Two games SIEM vendors play when offering SIEM solutions are around pricing and performance without scalability.
- [Navigating the SIEM Landscape: How to Recognize and Counter Vendor Gimmicks](https://www.exabeam.com/blog/siem-trends/navigating-the-siem-landscape-how-to-recognize-and-counter-vendor-gimmicks/): SIEM vendor tactics exposed! Recognize and counter common SIEM vendor gimmicks and protect your organization.
- [Exabeam Survey: Prevention Prioritized Over Detection While Breaches Rise](https://www.exabeam.com/blog/siem-trends/exabeam-survey-prevention-prioritized-over-detection-while-breaches-rise/): Exabeam survey reveals SIEM market challenges like vendor overpromises and misalignment between perception and reality.
- [Fourth-gen SIEM is New-Scale SIEM™: Cloud-native SIEM at Hyperscale](https://www.exabeam.com/blog/siem-trends/fourth-gen-siem-is-new-scale-siem-cloud-native-siem-at-hyperscale/): The fourth generation of SIEM is about getting cloud-native, hyperscale performance from your solutions.
- [Introducing Exabeam SIEM: A Hyperscale Cloud-native SIEM](https://www.exabeam.com/blog/siem-trends/introducing-exabeam-siem-a-hyperscale-cloud-native-siem/): Exabeam SIEM: cloud-native hyperscale search and powerful detection, reporting, dashboarding, and case management.
- [New-Scale SIEM™: Where Big Data Meets Cybersecurity](https://www.exabeam.com/blog/siem-trends/new-scale-siem-where-big-data-meets-cybersecurity/): Exabeam New-Scale SIEM. Cloud-native hyperscale data & security analytics with better performance and cost efficiencies.
- [Looking Back at the Evolution of SIEM](https://www.exabeam.com/blog/siem-trends/looking-back-at-the-evolution-of-siem/): 20-year rise and growth of the SIEM market, and the Exabeam commitment to the next step in SIEM evolution.
- [What’s New in Exabeam Product Development – August 2022](https://www.exabeam.com/blog/siem-trends/whats-new-in-exabeam-product-development-august-2022/): A summary of new updates from the Exabeam Engineering, Education, and Product Management teams.
- [What’s New in Exabeam Product Development – July 2022](https://www.exabeam.com/blog/siem-trends/whats-new-in-exabeam-product-development-july-2022/): A summary of July product updates from the Exabeam Engineering, Education, and Product Management teams.
- [What’s New in Exabeam Product Development – June 2022](https://www.exabeam.com/blog/siem-trends/whats-new-in-exabeam-product-development-june-2022/): A summary of new updates from the Exabeam Engineering, Education, and Product Management teams.
- [The Next Wave of Innovation in SIEM, Security Analytics and TDIR](https://www.exabeam.com/blog/siem-trends/the-next-wave-of-innovation-in-siem-security-analytics-and-tdir/): Exabeam is building its next-generation SIEM platform on Google Cloud, offering significant benefits to security operations teams.
- [Are You Thinking About Shifting Your SIEM to the Cloud?](https://www.exabeam.com/blog/siem-trends/are-you-thinking-about-shifting-your-siem-to-the-cloud/): Learn about the benefits and advantages of cloud-delivered SIEMs, and get answers to your concerns.
- [What’s New in Exabeam Product Development – May 2022](https://www.exabeam.com/blog/siem-trends/whats-new-in-exabeam-product-development-may-2022/): A summary of six new updates from the Exabeam Engineering, UI, and Product Management teams.
- [The Results Are In…and The Return on Investment Is Clear](https://www.exabeam.com/blog/siem-trends/the-results-are-inand-the-return-on-investment-is-clear/): Forrester Consulting’s Total Economic ImpactTM study examines potential return on investment of Exabeam Fusion SIEM.
- [Auto Parser Generator Now Available for Customers](https://www.exabeam.com/blog/siem-trends/auto-parser-generator-now-available-for-customers-updated/): Exabeam recently released Auto Parser Generator, a new tool in the Exabeam Cloud Studio, for general availability. In this post, you will learn about parsers, common problems, and how Auto Parser Generator from Exabeam can help.
- [Planning Before the Breach](https://www.exabeam.com/blog/siem-trends/planning-before-the-breach/): Cybersecurity risk can come from anywhere — a lone wolf, organized cybercriminals, nation-states, or rogue insiders.
- [The Significance and Role of Firewall Logs](https://www.exabeam.com/blog/siem-trends/the-significance-and-role-of-firewall-logs/): To be most effective, a firewall ruleset must be augmented with a successful logging feature.
- [Change Your Risk Mindset to Level the Security Playing Field](https://www.exabeam.com/blog/siem-trends/change-your-risk-mindset-to-level-the-security-playing-field/): In this post, we’ll examine ways that organizations can better understand their risk, improve their threat detection and incident response (TDIR) capabilities, and level the playing field against sophisticated adversaries.
- [3 Questions to Ask SIEM Vendors — And 3 to Ask Yourself](https://www.exabeam.com/blog/siem-trends/3-questions-to-ask-siem-vendors-and-3-to-ask-yourself/): Learn the right questions to ask your prospective vendor throughout the process of buying a Security Information and Event Management (SIEM) solution.
- [You Can’t Defend What You Can’t See – Seize the Breach](https://www.exabeam.com/blog/siem-trends/you-cant-defend-what-you-cant-see-seize-the-breach/): You Can’t Defend What You Can’t See — Seize the Breach
- [Managed Detection and Response: Dispelling the Myth of Transparency](https://www.exabeam.com/blog/siem-trends/managed-detection-and-response-dispelling-the-myth-of-transparency/): When properly implemented, SIEM solutions bring significant improvements to enterprise cybersecurity. It falls on InfoSec decision-makers to insist on visibility into the inner workings of their security tools. These systems are too important to entrust to “mystery box” solutions with inadequate transparency.
- [Exabeam Adds Automated Incident Diagnosis to Speed Investigations](https://www.exabeam.com/blog/siem-trends/exabeam-adds-automated-incident-diagnosis-to-speed-investigations/): The latest release of Exabeam Advanced Analytics includes Automated Incident Diagnosis, the first new feature to enable prescriptive, end to end workflows aligned with Exabeam pre-packaged use cases. In this post, you will learn about incident investigations and how Exabeam Automated Incident Diagnosis can help.
- [Exabeam Fusion XDR and Exabeam Fusion SIEM now available in Google Cloud Marketplace](https://www.exabeam.com/blog/siem-trends/exabeam-fusion-xdr-and-exabeam-fusion-siem-now-available-in-google-cloud-marketplace/): We are excited to announce the availability of Exabeam Fusion SIEM and Exabeam Fusion XDR on Google Cloud Marketplace.
- [The Differences Between SIEM and Open XDR](https://www.exabeam.com/blog/siem-trends/the-differences-between-siem-and-open-xdr/): Appears in search results. If nothing is specified, Google will automatically grab the first few sentences of the post.
- [SIEM Gartner: Get the 2021 Magic Quadrant Report](https://www.exabeam.com/blog/siem-trends/siem-gartner-get-the-2021-magic-quadrant-report/): Exabeam named a Leader in the Gartner Magic Quadrant for SIEM for the third year in a row.
- [Detecting Zerologon CVE-2020-1472 Using Exabeam Data Lake](https://www.exabeam.com/blog/siem-trends/detecting-zerologon-cve-2020-1472-using-exabeam-data-lake/): Zerologon is a critical vulnerability that has some serious impacts on Windows Servers. Without the need for any user credentials, an attacker is able to obtain admin level privileges and control any asset in the entire network.
- [Exabeam Leverages the Power of SaaS to Proactively Improve Security Content and User Experience](https://www.exabeam.com/blog/siem-trends/exabeam-leverages-the-power-of-saas-to-proactively-improve-security-content-and-user-experience/): Exabeam SaaS Improves Security Content and User Experience. In this post, you will learn about updating and improving parsers with Exabeam and how Proactive Content Monitoring tackles that with a novel approach.
- [Recent Breaches Show Why Federal Agencies Need These 3 Requirements From Modern SIEMs](https://www.exabeam.com/blog/siem-trends/recent-breaches-show-why-federal-agencies-need-these-3-requirements-from-modern-siems/): Here are three requirements federal agencies should look for in modern SIEM platforms. Anomalous behavior is detected with machine learning Threat hunting via point-and-click + filters for easier, faster threat hunting Data, context, and user/asset risk score stitched into a user timeline.
- [New Features in Exabeam Content Library Now Available ](https://www.exabeam.com/blog/siem-trends/new-features-in-exabeam-content-library-now-available/): Learn about Exabeam out-of-the-box (OOTB) security content, why documentation is important, and how Content Library can help.
- [Escaping Dante’s SOC Inferno: Greed and the Gimme Mindset ](https://www.exabeam.com/blog/siem-trends/escaping-dantes-soc-inferno-greed-and-the-gimme-mindset/): Our adversaries continue to find new holes to exploit, change their tactics and pump out new malware and in turn we write our YARA rules, Python scripts and runbooks to respond.
- [Escaping Dante’s SOC Inferno: The Anger of Shattered Dreams ](https://www.exabeam.com/blog/siem-trends/escaping-dantes-soc-inferno-the-anger-of-shattered-dreams/): Cutting straight to the chase: I’m angry. And here’s the story about why I’m feeling this way. Is this your story too?
- [Escaping Dante’s SOC Inferno: The Heresy of Orthodox SecOps](https://www.exabeam.com/blog/siem-trends/escaping-dantes-soc-inferno-the-heresy-of-orthodox-secops/): By stepping into the light, we can achieve improved detection using behavior, not rules. We can investigate and respond in mere minutes, not days.
- [Escaping Dante’s SOC Inferno: Fraud and the Truth About Normal](https://www.exabeam.com/blog/siem-trends/escaping-dantes-soc-inferno-fraud-and-the-truth-about-normal/): Escaping Dante’s SOC Inferno: Fraud and the Truth About Normal in InfoSec. We posit a Framework-based Approach featuring the CIS Top 20 Controls.
- [Escaping Dante’s SOC Inferno: The Treachery of SIEM Lies ](https://www.exabeam.com/blog/siem-trends/escaping-dantes-soc-inferno-the-treachery-of-siem-lies/): Dear SOC analysts, you and your organization have been misled by the SIEM industry for years, here’s why... Read more about the treachery of SIEM Lies
- [Add Intelligence to Elastic’s SIEM with Exabeam](https://www.exabeam.com/blog/siem-trends/add-intelligence-to-elastics-siem-with-exabeam/): Improve Threat Detection, Enhance Ability to Investigate, Reduce Incident Response Times and Enhance Cloud Security on Elastic SIEM with Exabeam
- [How Castra Leverages the Power of Exabeam](https://www.exabeam.com/blog/siem-trends/how-castra-leverages-the-power-of-exabeam/): Protecting a network can be challenging work as organizations deal with more data than ever before. At Castra we learn every day about increasingly complex attack vectors and it is worth noting that traditional SIEM may no longer fit the purpose of the modern security program. That’s where Exabeam comes into play.
- [How Exabeam Helped Brunel University Meet the Demand for Advanced Cybersecurity](https://www.exabeam.com/blog/siem-trends/how-exabeam-helped-brunel-university-meet-the-demand-for-advanced-cybersecurity/): London’s Brunel University, like many educational institutions, found itself in need of a cybersecurity program without the resources to build one. That’s where Exabeam came in. Read the Brunel University case study.
- [Detecting SIGRed (CVE-2020-1350) with Exabeam ](https://www.exabeam.com/blog/siem-trends/detecting-sigred-cve-2020-1350-with-exabeam/): In this post we learn about the signals to look for in your SIEM to detect the SIGRed vulnerability and how Exabeam Advanced Analytics detects SIGRed.
- [FEMSA Improves Security and Supercharges Their SOC With Exabeam](https://www.exabeam.com/blog/siem-trends/femsa-improves-security-and-supercharges-their-soc-with-exabeam/): FEMSA Improves Security and Supercharges Their SOC With Exabeam. As a one of Latin America’s largest beverage services and retail businesses, FEMSA faces the daily challenge of supporting a portfolio of large brands that include Coca-Cola and Powerade; as well as 20,000 retail locations across the world.
- [Benefits of Using Exabeam to Augment Your SIEM ](https://www.exabeam.com/blog/siem-trends/benefits-of-using-exabeam-to-augment-your-siem/): Exabeam Security Management Platform can take your Splunk implementation to the next level by making it swifter and more effective than what you already have in place. Here are four benefits of using Exabeam to enhance your threat detection and response.
- [How to Use Exabeam for Contact Tracing to Keep Employees Safe When They Return to the Office](https://www.exabeam.com/blog/siem-trends/how-to-use-exabeam-for-contact-tracing-to-keep-employees-safe-when-they-return-to-the-office/): In this post, we take a look at how contact-tracing apps work, data access and privacy considerations and health safety obligations. We also share how Exabeam customers can implement a contact-tracing use case in their Exabeam deployment to keep their employees safe.
- [Advanced Analytics Use Case: Detecting Compromised Credentials ](https://www.exabeam.com/blog/siem-trends/advanced-analytics-use-case-detecting-compromised-credentials/): Exabeam Advanced Analytics detected a notable user during a SIEM augmentation deployment. From that point on, we were able to detect a Compromised Credentials exploit.
- [How UEBA and SOAR Can Improve Your Security Team’s Productivity Without Additional Staff](https://www.exabeam.com/blog/siem-trends/how-ueba-and-soar-can-improve-your-security-teams-productivity-without-additional-staff/): As lean security teams learn to do more with less we’ll explain how Exabeam technology such as UEBA and SOAR can help increase the productivity of existing staff through automated investigations and response.
- [Exabeam Advanced Analytics Tips: Targeted Search and Tuning Rules](https://www.exabeam.com/blog/siem-trends/exabeam-advanced-analytics-tips-targeted-search-and-tuning-rules/): Exabeam Advanced Analytics offers SOC analysts modern threat detection using behavioral modeling and machine learning. Here are two tips on how to get the most out of your Advanced Analytics instance.
- [Operational Technology: The Hidden Threat Lurking in Your Network](https://www.exabeam.com/blog/siem-trends/operational-technology-the-hidden-threat-lurking-in-your-network/): Read our white paper Securing Operational Technology for Rapid Threat Detection and Response to learn more about the promise and threat of operational technology and how to secure OT devices.
- [An Incident Investigator’s Cheat Code](https://www.exabeam.com/blog/siem-trends/an-incident-investigators-cheat-code/): An incident investigator’s cheat code: Exabeam provides insight into all security signals in a single, intelligible view for Expel's customers use.
- [Ransomware Targets Healthcare](https://www.exabeam.com/blog/siem-trends/ransomware-targets-healthcare/): Healthcare organizations are being targeted by ransomware. Attackers recognize that healthcare providers are attractive targets as they must protect patient information from being disclosed or face large regulatory penalties such as HIPAA fines.
- [Apache Nifi: Send From MySQL to Syslog](https://www.exabeam.com/blog/siem-trends/apache-nifi-send-from-mysql-to-syslog/): This post on Apache NiFi looks at querying a MySQL database with entity events from Home Assistant, the open source home automation toolset. It shows how several linked NiFi processors will reformat the output to JSON on its way to a syslog server.
- [Announcing Availability of the Exabeam Cloud Connector for Zoom](https://www.exabeam.com/blog/siem-trends/announcing-availability-of-the-exabeam-cloud-connector-for-zoom/): Announcing Availability of the Exabeam Cloud Connector for Zoom Usage of cloud services, in particular video conferencing apps, has exploded.
- [How to Ingest Files and NetFlow with Apache NiFi](https://www.exabeam.com/blog/siem-trends/how-to-ingest-files-and-netflow-with-apache-nifi/): Apache NiFi is specifically designed to process and distribute data. Best of all, it’s fairly simple to get up and running. You can even leverage NiFi as a basic syslog load balancer.
- [Plugging AWS Into Your SIEM: A Practical Guide](https://www.exabeam.com/blog/siem-trends/plugging-aws-into-your-siem-a-practical-guide/): This article gives you an introduction on how to integrate your AWS environment and your SIEM solution.
- [Securing Your Remote Workforce, Part 1: Detecting Phishing Scams Disguised as Updates](https://www.exabeam.com/blog/siem-trends/securing-your-remote-workforce-part-1-detecting-phishing-scams-disguised-as-updates/): Learn how cyber criminals are building out phishing and other targeted malware campaigns and successfully executing them for financial gain, notoriety or theft of IP for competitive advantage.
- [MSSP, MDR, or SaaS SIEM? ](https://www.exabeam.com/blog/siem-trends/mssp-mdr-or-saas-siem/): For a lot of organizations, including those in the multinational enterprise world, outsourcing some or all of their SIEM operations ensures they get the full value of the tool, without needing to hire and retain the full complement of people required for a truly in-house on-premises SIEM.
- [Exabeam Cloud Platform: A New Architecture for a Next Era in SIEM](https://www.exabeam.com/blog/siem-trends/exabeam-cloud-platform-a-new-architecture-for-a-next-era-in-siem/): Exabeam Cloud Platform, a security platform-as-a-service (PaaS), helps security leaders continuously improve their security posture by expediting the provisioning and consumption of new security management applications, tools and content.
- [Exabeam Named a Leader in the 2020 Gartner Magic Quadrant for SIEM for 2nd Consecutive Year](https://www.exabeam.com/blog/siem-trends/exabeam-named-a-leader-in-the-2020-gartner-magic-quadrant-for-siem-for-2nd-consecutive-year/): Exabeam is excited to announce it has been named by Gartner as a Leader in the 2020 Magic Quadrant for SIEM for the second consecutive year.
- [Keeping Tabs on Fast-moving Endpoints: How Exabeam Helps Baker Donelson Maintain Visibility Into User Behavior](https://www.exabeam.com/blog/siem-trends/keeping-tabs-on-fast-moving-endpoints-how-exabeam-helps-baker-donelson-maintain-visibility-into-user-behavior/): The Baker Donelson team needed a solution that could help them progress to a more mature security posture, by incorporating activities like threat hunting, to take a much closer look at security events when the need arises.
- [Ransomware: Tackling the New Wave of Targeted Attacks ](https://www.exabeam.com/blog/siem-trends/ransomware-tackling-the-new-wave-of-targeted-attacks/): Let's take a deeper look at some of the most recent ransomware attacks on Toll, TNT Express, Maersk and Pitney Bowes and the financial numbers around them.
- [Using AI to Prevent Sensitive Data Loss from Law Firms](https://www.exabeam.com/blog/siem-trends/using-ai-to-prevent-sensitive-data-loss-from-law-firms/): AI is finding exciting new applications and changing workflows in many industries. One example of change is for law firms, particularly larger organizations that process expansive quantities of sensitive data.
- [MITRE ATT&CK®: Using Exabeam for Threat Hunting and Investigations](https://www.exabeam.com/blog/siem-trends/mitre-attck-using-exabeam-for-threat-hunting-and-investigations/): Rocky Rashidi and Abel Morales from Exabeam speak about MITRE ATT&CK and how it can be combined with analytics for more effective threat hunting.
- [5 Steps to Ensure Your Cloud Migration is Secure](https://www.exabeam.com/blog/siem-trends/5-steps-to-ensure-your-cloud-migration-is-secure/): Before you can begin making a plan for a secure migration to the cloud, you should decide what kind of cloud platform you wish to migrate to. You should also decide how you will migrate to the cloud you choose.
- [Protecting Federal Agencies from Insider Threats](https://www.exabeam.com/blog/siem-trends/protecting-federal-agencies-from-insider-threats/): Learn the risks posed by insiders, federal guidance for managing these risks and looks at how a modern technology approach automates the detection and prevention of insider threats according to National Insider Threat Task Force (NITTF) guidelines.
- [How to Automate Threat Hunting](https://www.exabeam.com/blog/siem-trends/how-to-automate-threat-hunting/): Threat hunting involves proactively searching for threats that may be sitting undetected in the network. For organizations looking to gain the upper hand against cybersecurity threats threat hunting is an essential component of their security toolkit.
- [How to Use Exabeam for Threat Hunting](https://www.exabeam.com/blog/siem-trends/how-to-use-exabeam-for-threat-hunting/): Andy Skrei explains how Exabeam is making threat hunting easier for businesses across all industries.
- [Recreating an Incident Timeline–a Manual vs. Automated Process, Part 2](https://www.exabeam.com/blog/siem-trends/recreating-an-incident-timeline-a-manual-vs-automated-process-part-2/): In this post, I will walk you through how to build a timeline using a manual investigation and look at a better way of doing this.
- [Recreating an Incident Timeline–a Manual vs. Automated Process, Part 1](https://www.exabeam.com/blog/siem-trends/recreating-an-incident-timeline-a-manual-vs-automated-process-part-1/): Recreating an Incident Timeline the manual way for just one reasonably straightforward malware alert investigation timeline takes over 20 hours of a seasoned analyst’s time.
- [Cybersecurity Awareness Month – Insider Threats and How to Detect Them](https://www.exabeam.com/blog/siem-trends/cybersecurity-awareness-month-insider-threats-and-how-to-detect-them/): National Cybersecurity Awareness Month: Insider threats can come from employees or contractors having authorized access to your systems, network, applications, and its high target-value data.
- [Threat Intelligence Feeds: Keeping Ahead of the Attacker](https://www.exabeam.com/blog/siem-trends/threat-intelligence-feeds-keeping-ahead-of-the-attacker/): Understand why you need threat intelligence feeds, which types of feeds you can use, and how you can manage your security needs.
- [Ponemon Study Reports 95% of Exabeam SIEM Users Rank It as Highly Effective for Security](https://www.exabeam.com/blog/siem-trends/ponemon-study-reports-95-of-exabeam-siem-users-rank-it-as-highly-effective-for-security/): Ponemon Study reports 95% of Exabeam SIEM Users Rank It as Highly Effective for detecting, investigating and responding to incidents.
- [How a Threat Intelligence Platform Can Help You](https://www.exabeam.com/blog/siem-trends/how-a-threat-intelligence-platform-can-help-you/): See how a threat intelligence platform automates the analysis of data from multiple feeds. Understand how security teams can respond to threats using a TIP.
- [Gartner Peer Insights ‘Voice of the Customer’: Security Information and Event Management Rates Exabeam as a Top-Rated Company](https://www.exabeam.com/blog/siem-trends/gartner-peer-insights-voice-of-the-customer-security-information-and-event-management-rates-exabeam-as-a-top-rated-company/): We are delighted to be part of Gartner Peer Insights ‘Voice of the Customer’: Security Information and Event Management.
- [Ponemon Study Finds 90% of Users Get Lower Costs and More Value with Exabeam SIEM](https://www.exabeam.com/blog/siem-trends/ponemon-study-finds-90-of-users-get-lower-costs-and-more-value-with-exabeam-siem/): 92 percent of Exabeam respondents were able to see its value within a week after deployment versus 53 percent of users of other SIEM solutions.
- [Exabeam SaaS Cloud Solutions Available Globally](https://www.exabeam.com/blog/siem-trends/exabeam-saas-cloud-solutions-available-globally/): Announcing Exabeam SaaS Cloud solutions availability to global locations to support cloud-first organizations across the globe.
- [Modernizing Your SIEM: One Piece at a Time](https://www.exabeam.com/blog/siem-trends/modernizing-your-siem-one-piece-at-a-time/): Modern SIEMs promise new capabilities to provide unparalleled visibility and automation to security teams to improve threat detection, enhance analyst productivity, and decrease logging costs, many hesitate to replace their legacy SIEM.
- [Ponemon Study Reveals Analysts Tasks Take 50% Less Time When Using Exabeam](https://www.exabeam.com/blog/siem-trends/ponemon-study-reveals-analysts-tasks-take-50-less-time-when-using-exabeam/): Learn about how much more productivity is delivered by the Exabeam security incident and event management (SIEM) solution.
- [Psst! We’ve Got Some Exciting News to Share! ](https://www.exabeam.com/blog/siem-trends/psst-weve-got-some-exciting-news-to-share/): Our Exabeam SaaS Cloud product offering family has grown — please join us in welcoming SaaS Cloud Essential to the world!
- [NTT DATA Advances Global Enterprise Risk Detection With Exabeam](https://www.exabeam.com/blog/siem-trends/ntt-data-advances-global-enterprise-risk-detection-with-exabeam/): Having chosen Exabeam for its cost-effectiveness and multi-tenant compatibility; NTT DATA implemented our user and entity behavior analytics (UEBA) functionality to leverage machine learning and big data, available support locations, and multilingual support.
- [How Modern SIEMs Leverage TTPs and Automation for Advanced Threat Hunting](https://www.exabeam.com/blog/siem-trends/how-modern-siems-leverage-ttps-and-automation-for-advanced-threat-hunting/): Modern SIEMs use threat hunting techniques so security analysts can more easily and effectively pinpoint specific threats and expose all related activities that bad actors may be using to attack your infrastructure.
- [8 Steps to Migrate Your SIEM: Assessment](https://www.exabeam.com/blog/siem-trends/8-steps-to-migrate-your-siem-assessment/): The last post of a three-part series on migrating a security information and event management (SIEM) platform focuses on assessing the migration. We outline the steps to show you how to evaluate how well the migration is working according to your strategic plan.
- [8 Steps to Migrate Your SIEM: Execution](https://www.exabeam.com/blog/siem-trends/8-steps-to-migrate-your-siem-execution/): In the second post of the three-part series on SIEM migration, we look at how to execute the migration. The steps include configuring its log sources, preparing SIEM content and defining operational processes.
- [8 Steps to Migrate Your SIEM: Preparation](https://www.exabeam.com/blog/siem-trends/8-steps-to-migrate-your-siem-preparation/): A security information and event management (SIEM) platform is one of the most critical tools for securing a large enterprise. Find out how to migrate to your new SIEM.
- [Shadow Mining and Cryptojacking: Two Commonly Undetected Security Threats](https://www.exabeam.com/blog/siem-trends/shadow-mining-and-cryptojacking-two-commonly-undetected-security-threats-survey/): Survey results show shadow mining and cryptojacking are two commonly undetected security threats on corporate networks.
- [New Exabeam Integrations with Symantec, Avaya, InfoWatch, Onapsis and SentinelOne](https://www.exabeam.com/blog/siem-trends/new-exabeam-integrations-with-symantec-avaya-infowatch-onapsis-and-sentinelone/): Because cybersecurity is a dynamic market space, we are continually adding new integrations to allow our customers to work more productively.
- [Is Now the Right Time for Enterprise-scale SIEM-as-a-Service?](https://www.exabeam.com/blog/siem-trends/is-now-the-right-time-for-enterprise-scale-siem-as-a-service/): Exabeam SaaS Cloud reduces SIEM deployment, maintenance, and operational overhead. SaaS Cloud ingests and behaviorally analyzes data from any cloud or on-prem data source, empowering enterprises to detect, investigate, and respond to cyber attacks more efficiently.
- [Smart Timelines: Nine Benefits for Detecting and Investigating Security Incidents](https://www.exabeam.com/blog/siem-trends/smart-timelines-nine-benefits-for-detecting-and-investigating-security-incidents/): Learn about the benefits of Exabeam Smart Timelines for detecting and investigating security incidents—a vital tool for threat hunting, investigation, and remediation by security operations centers.
- [Enable Smarter Workflows Using Exabeam Threat Intelligence Service](https://www.exabeam.com/blog/siem-trends/enable-smarter-workflows-using-exabeam-threat-intelligence-service/): Exabeam Threat Intelligence Service directly integrates with your current SIEM for the most up-to-date threat intelligence so your analysts can identify and mitigate new and emerging attacks at no added cost or impact to the customer.
- [An Analysis of the 2018 Gartner Magic Quadrant for Security Information and Event Management (SIEM)](https://www.exabeam.com/blog/siem-trends/an-analysis-of-the-2018-gartner-magic-quadrant-for-security-information-and-event-management-siem/): With the 2018 Gartner Magic Quadrant for Security Information and Event Management, the SIEM landscape is as follows: - Threat management is paramount for growth - Analytics is key - SIEMs must be end-to-end.
- [Threat Intelligence: Threat Feeds, Tools, and Challenges](https://www.exabeam.com/blog/siem-trends/threat-intelligence-threat-feeds-tools-and-challenges/): Threat intelligence is critical to modern cyber security. Learn about threat intelligence sources, feeds, tools, and overcoming common challenges.
- [Our Assessment of the 2017 Gartner Magic Quadrant for Security Information and Event Management (SIEM)](https://www.exabeam.com/blog/siem-trends/our-assessment-of-the-2017-gartner-magic-quadrant-for-security-information-and-event-management-siem/): What is evident to me from the 2017 Gartner Magic Quadrant for Security Information and Event Management (SIEM) is after a four-year drought from 2013 through 2016, innovation has finally returned to the SIEM market.
- [SIEM Rules or Models for Threat Detection?](https://www.exabeam.com/blog/siem-trends/siem-rules-or-models-for-threat-detection/): Both SIEM rules and models have their place in SIEM operations. But when do you use correlation rules, and when do you use models?
- [Exabeam Wins Red Herring Global 100 and Computing Security Excellence Awards](https://www.exabeam.com/blog/siem-trends/exabeam-wins-red-herring-global-100-and-computing-security-excellence-awards/): We're thrilled to announce that Exabeam recently won two prestigious awards.
- [What is UBA, UEBA, & SIEM? Security Management Terms Defined](https://www.exabeam.com/blog/siem-trends/what-is-uba-ueba-siem-security-management-terms-defined/): This blog post seeks to define and explain some common acronyms involved in today’s security management landscape.
- [Ransomworm: Don’t Cry – Act](https://www.exabeam.com/blog/siem-trends/ransomworm-dont-cry-act/): WannaCry is the next generation of ransomware, still using all of the common and known techniques of ransomware but with a twist on the infection vector using vulnerabilities.
- [5 Aspects to Consider When Evaluating SIEM Solutions](https://www.exabeam.com/blog/siem-trends/5-aspects-to-consider-when-evaluating-siem-solutions/): There are many factors to consider when evaluating a SIEM; these are only a handful. However, they are critical to choosing a SIEM that isn’t overly expensive, or too difficult to use, or incapable of detecting modern threats.
- [Flipping the SIEM Value Equation](https://www.exabeam.com/blog/siem-trends/flipping-the-siem-value-equation/): All legacy SIEMs have at least one thing in common, some form of data volume based pricing. This pricing model leads to large, unpredictable bills and in some ways parallels another unpopular pricing model; that of razors.
- [The Challenge of Using a SIEM to Detect Ransomware](https://www.exabeam.com/blog/siem-trends/the-challenge-of-using-a-siem-to-detect-ransomware/): This post explores some of the challenges security teams may face when trying to use SIEM correlation rules to identify the behavior and activities associated with a ransomware infection.
- [Beyond Detection and Response: Hidden Benefits of Exabeam](https://www.exabeam.com/blog/siem-trends/beyond-detection-and-response-hidden-benefits-of-exabeam/): Organizations want increased visibility into the activities of users on their network to detect modern attacks and respond quickly.
- [Why Your SIEM Doesn’t Work](https://www.exabeam.com/blog/siem-trends/why-your-siem-doesnt-work/): We have to turn the SIEM cybersecurity funnel on its head and use the vast majority of benign events to learn what is normal, rather than treating this data as simply stuff that should be discarded.
## Ten18
- [Where Should Humans Sit in AI-Driven Cybersecurity?](https://www.exabeam.com/blog/ten18/where-should-humans-sit-in-ai-driven-cybersecurity/): Where should humans sit in AI cybersecurity? Discover why Human-on-the-Loop (HOTL) models balance automation with oversight, outperforming autonomous SOCs.
- [The Metric AI Security is Missing](https://www.exabeam.com/blog/ten18/the-metric-ai-security-is-missing/): Traditional MTTR is incomplete for AI security. Discover why security teams should use Mean Time to Durable Improvement (MTDI) to measure real recovery after AI incidents.
- [Quantum Threats to Machine Learning Security](https://www.exabeam.com/blog/ten18/quantum-threats-to-machine-learning-the-next-security-reckoning/): Quantum computing will amplify machine learning attacks. Learn what CISOs must do now to protect AI systems.
- [Can You Detect Intent Without Identity? Securing AI Agents in the Enterprise ](https://www.exabeam.com/blog/ten18/can-you-detect-intent-without-identity-securing-ai-agents-in-the-enterprise/): Autonomous AI agents are reshaping enterprise security. Learn how to address nondeterministic identities, agent insiders, and the risks of intent without identity in modern threat detection.
- [Ransomware Detection Strategies: Interlock and Black Basta Threat Analysis](https://www.exabeam.com/blog/ten18/unpacking-recent-ransomware-campaigns-analysis-detection-strategies/): Explore how to detect and prevent modern ransomware threats like Interlock and Black Basta using layered defenses and SIEM.
- [Lessons Learned from the Treasury Department Attack: A Closer Look at Cyber Mandates](https://www.exabeam.com/blog/ten18/lessons-learned-from-the-treasury-department-attack/): Last year’s cyberattack on the Treasury Department raises important questions about the U.S. cybersecurity landscape.
- [](https://www.exabeam.com/blog/ten18/the-rise-of-script-kiddies-in-an-ai-world/): Script kiddies used to be relatively predictable, but times are changing. New attack methods require AI-enabled tools.
- [Attack of the Clones - How Generative AI Tools Are Redefining Phishing](https://www.exabeam.com/blog/ten18/attack-of-the-clones-how-generative-ai-tools-are-redefining-phishing/): Phishing has evolved. Learn how generative AI is supercharging social engineering attacks — enabling threat actors to clone websites, bypass MFA, and scale campaigns faster than ever. Watch the demo and see the risks firsthand.
- [Logging Best Practices That Can Improve Your Cybersecurity Game](https://www.exabeam.com/blog/ten18/logging-best-practices-that-can-improve-your-cybersecurity-game/): TEN18 by Exabeam breaks down their “starter set” of logs and services to implement when building an effective log management strategy.
- [Redefining M&A: A Strategic Blueprint for Tech Debt Mitigation](https://www.exabeam.com/blog/ten18/redefining-ma-a-strategic-blueprint-for-tech-debt-mitigation/): TEN18 by Exabeam breaks down their blueprint for leaders facing the many cybersecurity challenges created by mergers and acquisitions.
- [Beyond the Horizon: Navigating the Evolving Cybersecurity Landscape of 2024](https://www.exabeam.com/blog/ten18/beyond-the-horizon-navigating-the-evolving-cybersecurity-landscape-of-2024/): TEN18 by Exabeam covers how applying a Secure by Design approach can assist organizations in tackling emerging threats.
- [AI – An Innovation or Exfiltration Tool?](https://www.exabeam.com/blog/ten18/ai-an-innovation-or-exfiltration-tool/): TEN18 discusses risks and trends around AI, and advises how to maximize its innovation potential and responsible use.
- [Introducing TEN18 by Exabeam – Where Technical Knowledge Meets Business Trust](https://www.exabeam.com/blog/ten18/introducing-ten18-by-exabeam-where-technical-knowledge-meets-business-trust/): Threat actors are already developing new AI tactics for evading SOCs, and more methods are likely to emerge.
- [The Rising Threat of Compromised Credentials in State and Local Governments: The Case for UEBA](https://www.exabeam.com/blog/ten18/the-rising-threat-of-compromised-credentials-in-state-and-local-governments-the-case-for-ueba/): Detect and prevent compromised credentials in government agencies with user and entity behavior analytics (UEBA).
## Insider Threats
- [46 Insider Threat Statistics You Must Know in 2026](https://www.exabeam.com/explainers/insider-threats/46-insider-threat-statistics-you-must-know/): An insider threat is a security risk from within an organization, often involving trusted individuals with or who had access to critical systems or data.
- [Best Insider Threat Detection Tools: Top 7 in 2026](https://www.exabeam.com/explainers/insider-threats/best-insider-threat-detection-tools-top-5-this-year/): Insider threat tools are security solutions to detect, prevent, and respond to risks posed by individuals within an organization who may compromise sensitive information, systems, or processes. These tools address threats from employees, contractors, and trusted partners.
- [Compromised Credentials: Causes, Examples & Defensive Measures](https://www.exabeam.com/explainers/insider-threats/compromised-credentials-causes-examples-and-defensive-measures/): Compromised credential attacks occur when a threat actor gains unauthorized access to a system by using valid login credentials.
- [Best Insider Threat Management Software: Top 9 Solutions in 2025](https://www.exabeam.com/explainers/insider-threats/best-insider-threat-management-software-top-9-solutions-in-2025/): Insider threat software detects and mitigates risks from internal users like employees or contractors with access to company data and systems.
- [How Credential Attacks Work and 5 Defensive Measures [2025 Guide]](https://www.exabeam.com/explainers/insider-threats/how-credential-attacks-work-and-5-defensive-measures/): A credential attack is a security breach where unauthorized parties attempt to gain access to a system using stolen, guessed, or brute-forced passwords.
- [How Privilege Escalation Works and 6 Ways to Prevent It](https://www.exabeam.com/explainers/insider-threats/how-privilege-escalation-works-and-6-ways-to-prevent-it/): Privilege escalation is a security exploit or technique used by attackers to gain unauthorized access to higher-level permissions or system privileges within a computer system, network, or application.
- [Compromised Passwords: Impact and 6 Ways to Prevent Compromise](https://www.exabeam.com/explainers/insider-threats/compromised-passwords-impact-and-6-ways-to-prevent-compromise/): The term compromised passwords refers to any password that has been obtained by unauthorized parties.
- [How MFA Fatigue Attacks Work & 6 Ways to Defend Against Them](https://www.exabeam.com/explainers/insider-threats/how-mfa-fatigue-attacks-work-6-ways-to-defend-against-them/): A multi-factor authentication (MFA) fatigue attack is a type of social engineering cyberattack where the attacker repeatedly sends MFA requests to the victim.
- [Credential Stuffing](https://www.exabeam.com/explainers/insider-threats/credential-stuffing/): The term compromised passwords refers to any password that has been obtained by unauthorized parties.
- [Insider Threat Programs: 8 Tips to Build a Winning Program](https://www.exabeam.com/explainers/insider-threats/insider-threat-programs-8-tips-to-build-a-winning-program/): Learn how to build your insider threat program, with tips like determining critical assets, performing background checks, and building insider threat use cases.
- [Insider Threat Indicators: Finding the Enemy Within](https://www.exabeam.com/explainers/insider-threats/insider-threat-indicators/): Any form of irregular behavior at the system or network level that indicates suspicious activity would constitute an insider threat. There are numerous insider threat indicators. Learn how to recognize the signals.
- [What is an Insider Threat? 4 Defensive Strategies](https://www.exabeam.com/explainers/insider-threats/insider-threats/): An insider threat is a security risk that originates within an organization, when current or former employees, contractors, or partners misuse legitimate access, whether maliciously, negligently, or through compromised credentials, to harm data, IP, or critical systems.
- [Insider Threat Examples: 3 Famous Cases and 4 Preventive Measures](https://www.exabeam.com/explainers/insider-threats/insider-threat-examples/): Learn about notorious insider threat cases, and how you might be able to prevent these attacks from occurring in your organization.
- [How to Find Malicious Insiders: Tackling Insider Threats Using Behavioral Indicators](https://www.exabeam.com/explainers/insider-threats/how-to-find-malicious-insiders/): An insider threat is a malicious activity against an organization that comes from users with legitimate access to an organization’s network, applications or databases.
- [Fighting Malicious Insider Threats with Data Science](https://www.exabeam.com/explainers/insider-threats/fighting-insider-threats-with-data-science/): High-level overview of how Exabeam Security Management Platform uses data science to address insider threat detection.
## Information Security
- [Security Data Lake: Capabilities, Use Cases, Pros & Cons](https://www.exabeam.com/explainers/information-security/security-data-lake-capabilities-use-cases-pros-and-cons/): A Security Data Lake (SDL) is a scalable repository that collects and stores diverse security data (logs, network traffic, alerts, threat intel) from across an organization. It enables analytics, AI-driven threat detection, rapid incident response, and long-term threat hunting.
- [Best Insider Threat Products: Top 5 This Year](https://www.exabeam.com/explainers/information-security/best-insider-threat-products-top-5-this-year/): Insider threat products are cybersecurity solutions to detect, prevent, and mitigate risks from users within an organization.
- [Top 8 Cyber Risk Management Frameworks in 2026](https://www.exabeam.com/explainers/information-security/top-8-cyber-risk-management-frameworks-this-year/): A cyber risk management framework is a structured guide with best practices to help organizations identify, assess, prioritize, treat, and monitor cyber risks, protecting data, systems, and reputation through a repeatable process like NIST's or NCSC's steps
- [Attack Surface Analysis: How It Works & 5 Critical Best Practices](https://www.exabeam.com/explainers/information-security/attack-surface-analysis-how-it-works-and-5-critical-best-practices/): Attack surface analysis is the process of identifying, mapping, and evaluating all potential entry points (attack surfaces) where an organization's systems, applications, and data are vulnerable to cyber threats, helping security teams find weaknesses, reduce risk, and prioritize defenses.
- [Attack Surface vs Attack Vector: 4 Key Differences & Mitigations](https://www.exabeam.com/explainers/information-security/attack-surface-vs-attack-vector-4-key-differences-and-mitigations/): An attack surface is the sum of all possible entry points into a system, like open ports, software vulnerabilities, or weak passwords, while an attack vector is the specific method or path an attacker uses to exploit one of those entry points, such as a phishing email or malware.
- [Threat Hunting Tools: 3 Categories & 9 Notable Solutions in 2026](https://www.exabeam.com/explainers/information-security/threat-hunting-tools-3-categories-and-9-notable-solutions/): Threat hunting tools include Security Information and Event Management (SIEM) systems, Extended Detection and Response (XDR) solutions. Other common tools involve threat intelligence feeds, and custom scripts for specific analyses, with a range of both commercial and open-source options available.
- [Ransomware as a Service: How It Works, Examples & Defenses](https://www.exabeam.com/explainers/information-security/ransomware-as-a-service-how-it-works-examples-and-defenses/): Ransomware as a Service (RaaS) is a subscription-based business model in which cybercriminals develop and sell or lease ransomware tools and infrastructure to other threat actors, called affiliates, for a share of the profits. This has "democratized" cybercrime.
- [Best SIEM Products: Top 5 Options in 2025](https://www.exabeam.com/explainers/information-security/best-siem-products-top-5-options/): A SIEM (Security Information and Event Management) product is a software solution that aggregates and analyzes security event data from various sources within an organization's IT infrastructure. It helps in identifying potential security incidents, correlating events, and providing insights.
- [Top Ransomware Statistics and Recent Ransomware Attacks [2025]](https://www.exabeam.com/explainers/information-security/top-ransomware-statistics-and-recent-ransomware-attacks-2025/): Ransomware is a type of malicious software that encrypts files or locks users out of their systems, demanding a ransom payment to restore access.
- [Advanced Threat Protection: 5 Defensive Layers + 5 Best Practices](https://www.exabeam.com/explainers/information-security/what-is-information-security-management-and-implementing-isms-in-your-organization/): Advanced threat protection refers to security measures that protect IT systems from cyber threats.
- [Cybersecurity and Compliance: Establishing a Management Framework](https://www.exabeam.com/explainers/information-security/cybersecurity-and-compliance-establishing-a-management-framework/): The security aspect of compliance involves adhering to policies, regulations, and standards to protect data and ensure information security for organizations.
- [Advanced Threat Protection: 5 Defensive Layers + 5 Best Practices](https://www.exabeam.com/explainers/information-security/advanced-threat-protection-5-defensive-layers-and-5-best-practices/): Advanced threat protection refers to security measures that protect IT systems from cyber threats.
- [Vulnerability Management: Components, Lifecycle & Best Practices](https://www.exabeam.com/explainers/information-security/vulnerability-management-components-lifecycle-and-best-practices/): Vulnerability management is the process of identifying, assessing, and mitigating vulnerabilities in IT systems and software
- [SOC vs. CSIRT: 6 Key Differences and Which Organizations Need Both](https://www.exabeam.com/explainers/information-security/soc-vs-csirt-6-key-differences-and-which-organizations-need-both/): A SOC is a unit handling organizational security issues. A CSIRT group manages the aftermath of security breaches and significant incidents.
- [SOC vs. NOC: 6 Key Differences and Choosing One or Both](https://www.exabeam.com/explainers/information-security/soc-vs-noc-5-key-differences-and-choosing-one-or-both/): A Security Operations Center (SOC) addresses security issues, while a Network Operations Center (NOC) monitors network health and performance.
- [CSIRT vs. CERT: Similarities, Differences, and 8 Examples of CERTs](https://www.exabeam.com/explainers/information-security/csirt-vs-cert-similarities-differences-and-8-examples-of-certs/): A CSIRT responds to cybersecurity incidents, while a CERT offers services for computer security incidents in a wider context.
- [Software Supply Chain Attacks: Attack Vectors, Examples, and 6 Defensive Measures](https://www.exabeam.com/explainers/information-security/software-supply-chain-attacks-attack-vectors-examples-and-6-defensive-measures/): Supply chain attacks exploit the trust between suppliers and customers, aiming to compromise software or hardware before it reaches the end user.
- [SecDevOps: Definition, Challenges, and Best Practices](https://www.exabeam.com/explainers/information-security/secdevops-definition-challenges-and-best-practices/): SecDevOps integrates security into the DevOps process, ensuring that security is a primary consideration throughout the software development lifecycle.
- [Incident Response Playbook: 6 Key Elements, Examples, and Tips for Success](https://www.exabeam.com/explainers/information-security/incident-response-playbook-6-key-elements-examples-and-tips-for-success/): An incident response playbook is a detailed guide for security teams and automated tools, outlining the procedures to follow during cybersecurity incidents.
- [Threat Hunting vs. Threat Intelligence: Differences and Synergies](https://www.exabeam.com/explainers/information-security/threat-hunting-vs-threat-intelligence-differences-and-synergies/): Cyber threat hunting is an active information security strategy used by security analysts. It consists of searching proactively through networks for signs of attack.
- [The 12 Elements of an Information Security Policy](https://www.exabeam.com/explainers/information-security/the-12-elements-of-an-information-security-policy/): Learn what are the key elements of an information security policies and discover best practices for making your policy a success.
- [What Is Cyber Threat Hunting? Complete Guide](https://www.exabeam.com/explainers/information-security/threat-hunting-tips-and-tools/): Cyber threat hunting is an active information security strategy used by security analysts. It consists of searching proactively through networks for signs of attack.
- [Cybersecurity Mesh (CSMA): Architecture, Benefits, and Implementation](https://www.exabeam.com/explainers/information-security/cybersecurity-mesh-csma-architecture-benefits-and-implementation/): Cybersecurity mesh is a network security approach that enables the definition of security perimeters around individual devices or users rather than the entire network.
- [Cyber Kill Chain: Understanding and Mitigating Advanced Threats](https://www.exabeam.com/explainers/information-security/cyber-kill-chain-understanding-and-mitigating-advanced-threats/): Use the kill chain model to understand how Advanced Persistent Threats (APTs) conduct attacks, and how to defend against every phase of the attack.
- [What Is Information Security ? Goals, Types and Applications](https://www.exabeam.com/explainers/information-security/information-security-goals-types-and-applications/): Information security (InfoSec) is the practice of protecting sensitive data and systems from unauthorized access, disruption, modification, or destruction. It covers both physical and digital assets, keeping critical information safe, private, and compliant across the organization.
- [Defense In Depth: Stopping Advanced Attacks in their Tracks](https://www.exabeam.com/explainers/information-security/defense-in-depth-stopping-advanced-attacks-in-their-tracks/): Learn how the defense in depth model can help you stop advanced attacks involving malicious insiders, compromised accounts and lateral movement.
- [Network Segmentation: Your Last Line of Defense?](https://www.exabeam.com/explainers/information-security/network-segmentation-your-last-line-of-defense/): Learn why network segmentation is critical to preventing insider threats and lateral movement, and avoid important segmentation pitfalls.
## AI Cyber Security
- [AI Native Applications: Key Characteristics & 7 Types of Apps](https://www.exabeam.com/explainers/ai-cyber-security/ai-native-applications-key-characteristics-and-7-types-of-apps/): AI-native applications are designed from the ground up with AI as a core component, not as an add-on or afterthought. They leverage AI to drive all functionalities, making the AI integral to the application's existence and user experience.
- [NIST Risk Management Framework: Process & Critical Best Practices](https://www.exabeam.com/explainers/ai-cyber-security/nist-risk-management-framework-process-critical-best-practices/): The NIST Risk Management Framework (RMF) is a structured, seven-step process from the National Institute of Standards and Technology (NIST) for managing cybersecurity and privacy risks in information systems, guiding organizations from preparation to continuous monitoring.
- [AI Native vs AI Enabled: 5 Differences & Security Considerations](https://www.exabeam.com/explainers/ai-cyber-security/ai-native-vs-ai-enabled-5-differences-and-security-considerations/): AI-native refers to systems and applications where AI is integrated into their core design and functionality, meaning AI is not an add-on but the very foundation of the system. AI-enabled refers to systems that have AI features or capabilities added to them, often as a later enhancement
- [AI-Native Networking: 5 Principles and 5 Amazing Use Cases](https://www.exabeam.com/explainers/ai-cyber-security/ai-native-networking-5-principles-and-5-amazing-use-cases/): AI-native networking refers to computer networking systems designed from the ground up with artificial intelligence (AI) and machine learning (ML) as core components. This means AI is integrated into every aspect of the network's architecture, including control and user planes.
- [AI-Driven Cyber Security: Technologies, Examples & Best Practices](https://www.exabeam.com/explainers/ai-cyber-security/ai-driven-cyber-security-technologies-examples-and-best-practices/): OSI Layer 1, the Physical Layer, deals with the physical connection between devices, specifying the electrical, mechanical, and procedural aspects of transmitting raw bit streams (1s and 0s) over a physical medium like cables or radio waves.
- [Understanding AI Native Architecture & 4 Amazing Use Cases](https://www.exabeam.com/explainers/ai-cyber-security/understanding-ai-native-architecture-4-amazing-use-cases/): "AI-native" refers to systems, organizations, or processes built from the ground up with AI as a core component, rather than retrofitting AI into existing structures. It signifies a deep integration of AI capabilities, data-driven decision making, and a mindset where AI is integral to operations.
- [The AI-Powered SOC: Capabilities, Benefits & Best Practices](https://www.exabeam.com/explainers/ai-cyber-security/the-ai-powered-soc-capabilities-benefits-and-best-practices/): An AI-powered SOC (Security Operations Center) utilizes artificial intelligence to enhance threat detection, accelerate incident response, and improve overall security posture. It moves beyond traditional, manual-heavy SOCs by automating tasks, providing insights, and optimizing resource allocation.
- [What is Agentic AI?](https://www.exabeam.com/explainers/ai-cyber-security/agentic-ai-how-it-works-and-7-real-world-use-cases/): Agentic AI refers to autonomous AI systems that set goals, plan tasks, and take action independently to achieve an outcome with minimal human intervention. Unlike traditional AI or chatbots that only respond to prompts, agentic systems reason through complex workflows and use tools to act.
- [What Is Machine Learning in Cybersecurity?](https://www.exabeam.com/explainers/ai-cyber-security/10-ways-machine-learning-is-transforming-cybersecurity/): Machine learning (ML) in cybersecurity involves using algorithms to improve threat detection, incident response, and vulnerability assessment.
- [AI Cyber Security: Securing AI Systems Against Cyber Threats | Exabeam](https://www.exabeam.com/explainers/ai-cyber-security/ai-cyber-security-securing-ai-systems-against-cyber-threats/): AI cybersecurity refers to the use of artificial intelligence (AI) and machine learning (ML) to improve cybersecurity defenses. AI algorithms can analyze vast amounts of data, identify patterns, and detect anomalies that might indicate malicious activity.
- [AI Regulations and LLM Regulations: Past, Present, and Future](https://www.exabeam.com/explainers/ai-cyber-security/ai-regulations-and-llm-regulations-past-present-and-future/): AI regulations are a set of guidelines and rules designed to govern the development, application, and impact of artificial intelligence (AI) technologies.
- [ChatGPT in the Organization: Top Security Risks and Mitigations](https://www.exabeam.com/explainers/ai-cyber-security/chatgpt-in-the-organization-top-security-risks-and-mitigations/): LLMs, such as the models powering ChatGPT, are revolutionizing the way organizations operate across industries.
- [What Are LLMs? Top 10 Risks](https://www.exabeam.com/explainers/ai-cyber-security/llm-security-top-10-risks-and-7-security-best-practices/): LLMs, such as the models powering ChatGPT, are revolutionizing the way organizations operate across industries.
- [Artificial Intelligence (AI) vs. Machine Learning (ML): Key Differences and Examples](https://www.exabeam.com/explainers/ai-cyber-security/artificial-intelligence-ai-vs-machine-learning-ml-key-differences-and-examples/): AI refers to machines or computers performing tasks that would typically require human intelligence while ML is a subset of AI.
## SIEM Tools
- [Best SIEM for Threat Detection: Top 5 Options in 2026](https://www.exabeam.com/explainers/siem-tools/best-siem-for-threat-detection-top-5-options-this-year/): A SIEM (Security Information and Event Management) system is crucial for threat detection by collecting, analyzing, and correlating vast amounts of security data from across an IT environment (networks, endpoints, clouds, apps) to identify suspicious activities, insider threats, and complex attacks.
- [Best SIEM Products for IT Security: Top 5 Options in 2026](https://www.exabeam.com/explainers/siem-tools/best-siem-products-for-it-security-top-5-options-this-year/): Popular SIEM (Security Information and Event Management) products for IT security include, IBM QRadar, Exabeam, Microsoft Sentinel, Logpoint, Securonix, and Splunk Enterprise Security, which collect and analyze security logs to detect threats, automate responses, and help meet compliance.
- [Best SIEM for Compliance Monitoring: Top 5 in 2026](https://www.exabeam.com/explainers/siem-tools/best-siem-for-compliance-monitoring-top-5-this-year/): SIEM (Security Information and Event Management) for compliance monitoring centralizes log data, detects security anomalies, and automates reporting to help organizations meet regulations like HIPAA, PCI DSS, GDPR, and SOX by providing audit trails, real-time threat detection, and oversight.
- [Best SIEM Providers: Top 5 Vendors in 2025](https://www.exabeam.com/explainers/siem-tools/best-siem-providers-top-5-vendors/): SIEM providers are companies or platforms that deliver security information and event management (SIEM) solutions.
- [Why You Need SaaS-based SIEM and 5 Things to Look Out For](https://www.exabeam.com/explainers/siem-tools/why-you-need-saas-based-siem-and-5-things-to-look-out-for/): SaaS SIEM solutions deliver security information and event management (SIEM) capabilities as Software as a Service (SaaS) products.
- [SIEM Tools: Top 5 SIEM Platforms, Features, Use Cases and TCO](https://www.exabeam.com/explainers/siem-tools/siem-buyers-guide/): Discover Gartner’s top 6 SIEM solutions, learn about key features of modern SIEM solutions, how SIEM can solve key security pain points, and how to evaluate the total cost of a SIEM system.
- [SIEM Software: Basics, Next-Gen Features, and How to Choose](https://www.exabeam.com/explainers/siem-tools/siem-software/): Understand what to expect from Security Information and Event Management (SIEM) software - core and Next-Gen features that take SIEM to the next level.
- [Best SIEM Solutions: Top 11 SIEM systems and How to Choose 2026](https://www.exabeam.com/explainers/siem-tools/siem-solutions/): Understand SIEM core features and learn about the top 11 SIEM solutions including Exabeam, Splunk, LogRhythm and IBM QRadar.
- [Top 5 Free Open Source SIEM Tools [Updated 2025]](https://www.exabeam.com/explainers/siem-tools/7-open-source-siems/): Open Source SIEMs are compelling for new adopters because of their low cost and significant value. Which are the top open source SIEMs and how do they compare?
## Data Sheet
- [Exabeam Success Services](https://www.exabeam.com/resources/data-sheets/exabeam-success-services/): Exabeam customers can choose from three Success Services packages—Standard, Enhanced, and Signature—to accelerate platform adoption and achieve their security goals faster. Each package provides the right blend of consulting, professional services, and training to match your team’s needs and maturity.
- [Using Collectors to Onboard Data](https://www.exabeam.com/resources/data-sheets/using-collectors-to-onboard-data/): Admins and engineers will gain practical experience with Site Collectors and Cloud Collectors for onboarding both on-premises and cloud-based log data into the Exabeam Security Operations Platform.
- [Exabeam Expert as a Service Offering](https://www.exabeam.com/resources/data-sheets/exabeam-expert-as-a-service-offering/): With Exabeam EaaS, you can leverage our deep cybersecurity expertise without adding permanent, hard-to-find resources to your team.
- [Global Services Partner Program](https://www.exabeam.com/resources/data-sheets/global-services-partner-program/): Our Global Services Partner (GSP) program helps identify, accredit, and enable a select set of authorized partners to provide services delivery to our customers.
- [Insider Threat Checklist](https://www.exabeam.com/resources/data-sheets/insider-threat-checklist/): Defending against insider threats can be a challenge because users with legitimate access to an organization’s network are difficult to detect using legacy security solutions.
## Guide
- [Five Benefits of Augmenting Microsoft Sentinel with New-Scale Analytics](https://www.exabeam.com/resources/guides/five-benefits-of-augmenting-microsoft-sentinel-with-new-scale-analytics/): Enhance Microsoft Sentinel with Exabeam New-Scale Analytics. Strengthen threat detection, speed up investigations, and reduce analyst workload. Download the free guide.
- [Five Tips for Modernizing Security Operations](https://www.exabeam.com/resources/guides/5-tips-for-modernizing-a-security-operations-center/): This guide outlines a pragmatic approach that a CISO can follow to take their security operations from inefficient to efficient as quickly as possible.
- [Six Ways Exabeam Helps You Detect Compromised Credentials](https://www.exabeam.com/resources/guides/six-ways-exabeam-helps-you-detect-compromised-credentials/): Discover how Exabeam helps detect compromised credentials with behavioral baselining, real-time alerts, and automated investigation. Get the guide.
- [Insider Threats: When the Attacker Has Valid Credentials](https://www.exabeam.com/resources/guides/insider-threats-when-the-attacker-has-valid-credentials/): Download this guide today and start taking the necessary steps to protect your organization from insider threats.
- [How Exabeam Solves Eight Compromised Insider Use Cases](https://www.exabeam.com/resources/guides/how-exabeam-solves-eight-compromised-insider-use-cases/): This guide describes how Exabeam can identify and mitigate the potential risk of seven common compromised insider use cases.
- [Eight Ways Agentic AI Will Reshape the SOC](https://www.exabeam.com/resources/guides/eight-ways-agentic-ai-will-reshape-the-soc/): This guide provides a forward-looking evaluation framework for CISOs ready to invest in the next generation of security automation. It cuts through the noise to define the eight critical capabilities you must demand from any agentic AI solution to ensure it delivers durable results safely and effectively.
- [Four Emerging Phishing Techniques and How to Detect Them](https://www.exabeam.com/resources/guides/four-emerging-phishing-techniques-and-how-to-detect-them/): This guide exposes the latest phishing tactics cybercriminals use to manipulate users into engaging with malicious emails. While security professionals can recognize phishing indicators, most employees can't. And it only takes one user to compromise your organization.
- [Security Operations Center Job Description Templates](https://www.exabeam.com/resources/guides/security-operations-center-job-description-templates/): Download our job description templates to create effective listings for cybersecurity roles. Attract and retain essential security operations talent for your team.
- [Five Key Ways to Navigate XDR, EDR, NDR, and SIEM for Effective Cybersecurity](https://www.exabeam.com/resources/guides/five-key-ways-to-navigate-xdr-edr-ndr-and-siem-for-effective-cybersecurity/): Make smarter cybersecurity decisions with our guide on XDR, EDR, NDR, and SIEM. Understand their strengths, align them with your priorities, and secure your organization effectively.
- [Security First Program Template](https://www.exabeam.com/resources/guides/security-first-program-template/): Create a compelling presentation to promote a security-first mindset with our Security First Program Template.
- [AI In The War Room](https://www.exabeam.com/resources/guides/ai-in-the-war-room-how-artificial-intelligence-drives-soc-efficiency/): Discover how AI can revolutionize your security operations center (SOC), turning challenges into opportunities for enhanced security and efficiency.
- [Exabeam and Mimecast](https://www.exabeam.com/resources/guides/exabeam-and-mimecast-from-detection-to-security-insights/): Fortify email security with Exabeam and Mimecast. Detect threats, stop attacks, and gain insights for proactive defense.
- [Six Ways to Combat Credential Attacks in State and Local Government Agencies](https://www.exabeam.com/resources/guides/six-ways-to-combat-credential-attacks-in-state-and-local-government-agencies/): Discover how to protect your government agency from compromised credentials with innovative security solutions. Download our free guide today!
- [Four Reasons Healthcare Attracts Cybercriminals — And What You Can Do](https://www.exabeam.com/resources/guides/4-reasons-why-the-healthcare-industry-has-the-most-cyberattacks/): This guide empowers you with the knowledge and tools to defend your healthcare organization against the relentless onslaught of cyberthreats.
- [Business Continuity as Part of Your Incident Response Plan](https://www.exabeam.com/resources/guides/business-continuity-as-part-of-your-incident-response-plan/): This checklist outlines how to incorporate business continuity steps within your incident response (IR) plan.
## OSI Layers
- [The 7 OSI Layers: Basics, Security Considerations & Best Practices](https://www.exabeam.com/explainers/osi-layers/the-seven-osi-layers-basics-security-considerations-and-best-practices/): The OSI (Open Systems Interconnection) model consists of seven layers, each with a specific function in network communication. The layers are, from bottom to top: Physical, Data Link, Network, Transport, Session, Presentation, and Application.
- [OSI Layer 6: Core Functions, Protocols & Security Best Practices](https://www.exabeam.com/explainers/osi-layers/osi-layer-6-core-functions-protocols-and-security-best-practices/): The presentation layer (Layer 6) is part of the Open Systems Interconnection (OSI) model, which divides computer networking functions into seven logical layers.
- [OSI Layer 5: Core Functions, Protocols & Security Best Practices](https://www.exabeam.com/explainers/osi-layers/osi-layer-5-core-functions-protocols-and-security-best-practices/): The OSI (Open Systems Interconnection) model is a conceptual framework that standardizes the functions of a communication system into seven distinct layers.
- [TCP/IP Model Explained: Layers, Protocols & Best Practices](https://www.exabeam.com/explainers/osi-layers/tcp-ip-model-explained-layers-protocols-and-best-practices/): The TCP/IP model is a four-layered networking framework that standardizes data communication by defining protocols for data transmission, addressing, and routing, serving as the foundation for the internet and global networks. Its layers handle different aspects of communication.
- [OSI Layer Security: Layer-By-Layer Threats and Mitigations](https://www.exabeam.com/explainers/osi-layers/osi-layer-security-layer-by-layer-threats-and-mitigations/): OSI layer security applies security measures and identifies vulnerabilities across the seven layers of the Open Systems Interconnection (OSI) model, which provides a framework for network communication. Implementing a defense-in-depth strategy across these layers is crucial for network security.
- [OSI Layer Attacks: 38 Network Attacks By Layer & How to Mitigate](https://www.exabeam.com/explainers/osi-layers/osi-layer-attacks-38-network-attacks-by-layer-and-how-to-mitigate/): Attacks on the OSI model can occur at any of its seven layers, with Physical Layer attacks involving hardware tampering, Data Link Layer attacks using MAC spoofing, Network Layer attacks such as IP spoofing, Transport Layer attacks like SYN floods, and Session Layer attacks involving hijacking.
- [OSI Layer 7: Core Functions, Protocols & Security Best Practices](https://www.exabeam.com/explainers/osi-layers/osi-layer-7-core-functions-protocols-and-security-best-practices/): Layer 7 of the OSI model is the Application Layer, the top layer that serves as the interface between end-user applications and network services. It enables communication for activities like web browsing and email using protocols such as HTTP, SMTP, and FTP.
- [OSI Layer 3: Core Functions, Protocols & Security Best Practices](https://www.exabeam.com/explainers/osi-layers/osi-layer-3-core-functions-protocols-and-security-best-practices/): Layer 3, the Network Layer in the OSI model, is responsible for logical addressing (like IP addresses) and routing packets across different networks to enable end-to-end communication.
- [OSI Layer 4: Core Functions, Protocols & Security Best Practices](https://www.exabeam.com/explainers/osi-layers/osi-layer-4-core-functions-protocols-and-security-best-practices/): Layer 4 of the OSI model is the Transport Layer, which is responsible for managing end-to-end communication between applications, ensuring the complete and reliable delivery of data. It performs segmentation, flow control, and error checking to guarantee data reaches the correct application.
- [OSI Layer 2: Core Functions, Protocols, Security & Performance](https://www.exabeam.com/explainers/osi-layers/osi-layer-2-core-functions-protocols-security-and-performance/): OSI Layer 2, the Data Link Layer, provides node-to-node data transfer across a physical network link by framing data into frames, detecting and correcting errors, and controlling access to the network media. It uses MAC addresses for local network addressing and handles flow control.
- [OSI Layer 1: Components, Technologies & Security Best Practices](https://www.exabeam.com/explainers/osi-layers/osi-layer-1-components-technologies-and-security-best-practices/): OSI Layer 1, the Physical Layer, deals with the physical connection between devices, specifying the electrical, mechanical, and procedural aspects of transmitting raw bit streams (1s and 0s) over a physical medium like cables or radio waves.
## Zero Trust
- [SASE vs. Zero Trust: 5 Differences & SASE’s Role in Your Framework](https://www.exabeam.com/explainers/zero-trust/sase-vs-zero-trust-5-differences-and-sases-role-in-your-framework/): SASE (Secure Access Service Edge) is a broader, cloud-delivered security framework that integrates network services with cloud-based security, while zero trust is a strategic security framework and a guiding principle within SASE. SASE implements zero trust principles.
- [Zero Trust Solutions: Key Components & Top 9 Options in 2026](https://www.exabeam.com/explainers/zero-trust/zero-trust-solutions-key-components-and-top-9-options/): A zero trust solution is a modern security framework and suite of technologies that operates on the principle of "never trust, always verify," continuously authenticating and authorizing every user, device, and application before granting access to resources.
- [What Is Zero Trust Network Access (ZTNA)? Tech & Best Practices](https://www.exabeam.com/explainers/zero-trust/what-is-zero-trust-network-access-ztna-tech-and-best-practices/): Zero Trust Network Access (ZTNA) is a security framework that requires strict identity verification for every user and device attempting to access applications or resources, regardless of their location. Adopting a "never trust, always verify" approach, ZTNA provides segmented access to applications
- [Zero Trust Policy: 6 Key Elements, Challenges and Best Practices](https://www.exabeam.com/explainers/zero-trust/zero-trust-policy-6-key-elements-challenges-and-best-practices/): Explore the Zero Trust Policy, focusing on continuous verification for secure access to sensitive resources.
- [Zero Trust Strategy: 3 Steps to Success](https://www.exabeam.com/explainers/zero-trust/zero-trust-strategy-3-steps-to-success/): Zero Trust is a cybersecurity model that enforces “never trust, always verify.” Every access request is verified, treating all users and systems as potential threats.
- [Zero Trust Security in Your Organization: Technology and Best Practices](https://www.exabeam.com/explainers/zero-trust/zero-trust-security-in-your-organization-technology-and-best-practices/): Zero trust is a modern cybersecurity strategy based on "never trust, always verify," meaning no user, device, or application is inherently trusted, even if inside the network. It requires strict identity verification for every access request, and grants only the minimum necessary privileges.
- [AI-Driven Zero Trust and Securing AI with Zero Trust](https://www.exabeam.com/explainers/zero-trust/ai-driven-zero-trust-and-securing-ai-with-zero-trust/): Zero trust is a cybersecurity model that discards implicit trust, regardless of network location. Instead, it requires verification for every user or device seeking access to systems, data, or resources.
- [ZTNA Solutions: Key Capabilities and 9 Options to Know in 2026](https://www.exabeam.com/explainers/zero-trust/ztna-solutions-key-capabilities-and-9-options-to-know/): ZTNA solutions provide secure remote access to enterprise applications by enforcing the "never trust, always verify" principle of zero trust, allowing only authorized users and devices to connect to specific resources based on identity and context.
- [Zero Trust vs. Least Privilege: 5 Key Differences & Synergies](https://www.exabeam.com/explainers/zero-trust/zero-trust-vs-least-privileg-5-key-differences-and-synergies/): Zero trust is a comprehensive security framework built on "never trust, always verify," while the principle of least privilege is a policy focused on granting users only the minimum necessary access for their roles.
- [Zero Trust in 2026: Principles, Technologies & Best Practices](https://www.exabeam.com/explainers/zero-trust/zero-trust-in-2026-principles-technologies-and-best-practices/): Zero trust is a security framework and mindset that operates on the principle of "never trust, always verify," requiring strict identity verification for every user and device requesting access to resources, regardless of their location.
## Cyber Threat Intelligence
- [Threat Hunting vs Incident Response: 6 Differences and Synergies](https://www.exabeam.com/explainers/cyber-threat-intelligence/threat-hunting-vs-incident-response-6-differences-and-synergies/): Threat hunting is proactive, searching for hidden, undetected threats assuming attackers are already inside. Incident response is reactive, managing known breaches by containing, eradicating, and recovering from active attacks triggered by alerts.
- [Best Threat Intelligence Providers: 7 Solutions to Know in 2026](https://www.exabeam.com/explainers/cyber-threat-intelligence/best-threat-intelligence-providers-6-solutions-to-know/): Threat intelligence providers help organizations identify, understand, and mitigate potential threats.
- [Best Threat Intelligence Services: Top 6 Solutions in 2026](https://www.exabeam.com/explainers/cyber-threat-intelligence/best-threat-intelligence-services-top-6-solutions/): Threat intelligence services collect and analyze data on potential cyber threats. These services provide organizations with insights to protect against attacks.
- [Best Threat Intelligence Software: Top 9 Solutions in 2025](https://www.exabeam.com/explainers/cyber-threat-intelligence/best-threat-intelligence-software-top-9-solutions/): Threat intelligence software collects, analyzes, and implements actionable information about potential threats to an organization’s IT infrastructure.
- [Best Threat Intelligence Solutions: Top 8 Platforms in 2025](https://www.exabeam.com/explainers/cyber-threat-intelligence/best-threat-intelligence-solutions-top-8-platforms/): Threat intelligence solutions provide organizations with the knowledge and tools to proactively identify, assess, and mitigate cyber threats. These solutions involve collecting, analyzing, and interpreting data from various sources to understand potential risks and vulnerabilities.
- [Best Insider Threat Management Software: Top 11 Solutions in 2026](https://www.exabeam.com/explainers/cyber-threat-intelligence/best-threat-intelligence-platforms-top-10-solutions-in-2025/): Insider threat software detects and mitigates risks from internal users like employees or contractors with access to company data and systems.
- [4 Types of Cyber Threat Intelligence & Using Them Effectively](https://www.exabeam.com/explainers/cyber-threat-intelligence/4-types-of-cyber-threat-intelligence-and-using-them-effectively/): Cyber threat intelligence involves collecting, analyzing, and sharing data on possible or ongoing attacks threatening an organization's digital assets.
## SOAR
- [Best SOAR Platforms for Enterprises: Top 5 Options in 2026](https://www.exabeam.com/explainers/soar/best-soar-platforms-for-enterprises-top-5-options/): SOAR (Security Orchestration, Automation, and Response) platforms for enterprises unify security tools, automate threat response via playbooks, and centralize incident management, reducing manual work and speeding up resolution
- [Best SOAR Platforms Top 5 Option in 2026](https://www.exabeam.com/explainers/soar/best-soar-platforms-top-5-option-this-year/): A SOAR (security orchestration, automation, and response) platform centralizes, automates, and simplifies security operations tasks. These tools connect disparate security solutions, collect and correlate data from multiple sources, and automate response procedures according to predefined workflows.
- [Best SOAR Tools: Top 5 Options in 2026](https://www.exabeam.com/explainers/soar/best-soar-tools-top-5-options-this-year/): SOAR tools, short for Security Orchestration, Automation, and Response, are platforms that help cybersecurity teams manage and respond to security threats more efficiently. They work by integrating security tools, automating repetitive tasks, and orchestrating complex incident response workflows.
- [Best SOAR Solutions: Top 6 Options in 2026](https://www.exabeam.com/explainers/soar/best-soar-solutions-top-5-options/): SOAR refers to Security Orchestration, Automation, and Response (SOAR), which are software platforms and processes that help organizations automate and simplify cybersecurity operations. These platforms integrate security tools, automate repetitive tasks to speed up incident response.
- [Best SOAR Systems: Top 8 Solutions in 2026](https://www.exabeam.com/explainers/soar/best-soar-systems-top-8-solutions-in-2025/): Security orchestration, automation, and response (SOAR) systems integrate and simplify security operations.
- [SOAR Platforms: Key Features and 10 Solutions to Know in 2025](https://www.exabeam.com/explainers/soar/soar-platforms-key-features-and-10-solutions-to-know/): A SOAR platform streamlines security operations by automating tasks and enhancing incident response through integrated people, processes, and technology.
- [SOAR Security in 2025: 3 Components, Benefits & Top Use Cases](https://www.exabeam.com/explainers/soar/how-soar-works-pros-cons-and-choosing-the-right-platform/): SOAR, which stands for Security Orchestration, Automation, and Response, is a set of security tools and technologies that automate and simplify security operations. It enables organizations to better manage, respond to, and resolve security incidents.
- [SOAR vs XDR: 4 Key Differences and Using Them Together](https://www.exabeam.com/explainers/soar/soar-vs-xdr-4-key-differences-and-using-them-together/): SOAR automates security tasks and incident management, while XDR unifies security tools for detection and response across endpoints, networks, and servers.
- [SIEM vs. SOAR: 6 Key Differences & Integrating SIEM with SOAR](https://www.exabeam.com/explainers/soar/siem-vs-soar-4-key-differences-amp-integrating-siem-with-soar/): SIEM is a technology that provides real-time analysis of security alerts. SOAR, is a technology that combines data collection and other tools into a single solution.
## White Paper
- [The Responsibility of Risk](https://www.exabeam.com/resources/white-papers/the-responsibility-of-risk/): The cybersecurity crisis in the United States has become so severe that President Joe Biden has reached out to the private sector to help. Other governments are taking legislative actions as well.
- [Using MITRE ATT&CK® in Threat Hunting and Detection](https://www.exabeam.com/resources/white-papers/using-mitre-attack-in-threat-hunting-and-detection/)
- [A CISO’s Guide to the New Era of Agentic AI](https://www.exabeam.com/resources/white-papers/a-cisos-guide-to-the-new-era-of-agentic-ai/): Security operations are evolving fast. Agentic AI—AI that doesn't just summarize information but actively makes decisions, recommends actions, and supports real-time security operations—is reshaping what's possible for SOC teams.
- [Implementing Australia’s Six Shields of Cybersecurity](https://www.exabeam.com/resources/white-papers/implementing-australias-six-shields-of-cybersecurity/): Australia’s Cyber Security Strategy 2023–2030 introduces the six cyber shields model—a national framework to strengthen resilience across all sectors. This white paper explains what each shield means for your organisation and how to align with evolving expectations.
- [The False Promises of Single-Vendor Security Portfolios: A Primer](https://www.exabeam.com/resources/white-papers/the-false-promises-of-single-vendor-security-portfolios-a-primer/): This primer breaks down the pitfalls of single-vendor security portfolios and why CISOs should push back against “good enough” solutions.
- [Improving Security Posture Using the MITRE ATT&CK Framework](https://www.exabeam.com/resources/white-papers/using-the-mitre-attck-framework-to-boost-ransomware-defenses/): Learn about the NIS2 Directive and its requirements for cybersecurity. Download our whitepaper for practical steps and risk management strategies.
- [Separating the Myth of NIS2: A Guide For CISOs and IT Security Directors](https://www.exabeam.com/resources/white-papers/separating-the-myth-of-nis2-a-guide-for-cisos-and-it-security-directors/): Learn about the NIS2 Directive and its requirements for cybersecurity. Download our whitepaper for practical steps and risk management strategies.
- [Deep-Dive Analysis of Multifactor Authentication Fatigue Attacks](https://www.exabeam.com/resources/white-papers/deep-dive-analysis-of-multifactor-authentication-fatigue-attacks/): Learn about the growing threat of Multifactor Authentication Fatigue Attacks and how cybercriminals use this tactic to bypass security measures.
- [Modernizing Your SOC Strategy](https://www.exabeam.com/resources/white-papers/modernizing-your-soc-strategy/): Develop a winning SOC strategy to address modern cybersecurity challenges. Learn how to optimize people, processes, and technology for maximum efficiency.
- [Taking a Programmatic Approach to Threat Hunting: A Primer](https://www.exabeam.com/resources/white-papers/taking-a-programmatic-approach-to-threat-hunting-a-primer/): Take a proactive stance against cyber threats with threat hunting. Learn effective strategies to detect and respond to threats that evade traditional detection methods.
- [The Cost of Compromise: Why CISOs Should Reject “Good Enough” Security](https://www.exabeam.com/resources/white-papers/the-cost-of-compromise-why-cisos-should-reject-good-enough-security/): Discover the pitfalls of 'good enough' security and why a best-of-breed approach is crucial for protecting your organization against evolving threats.
- [Insider Risk Management](https://www.exabeam.com/resources/white-papers/insider-risk-management-adapting-to-the-evolving-security-landscape/): This eBook is ideal for anyone involved in managing their organization's security. With this expert guide, you can start tackling an insider risk management problem today.
- [A CISO’s Guide to Defender Alignment](https://www.exabeam.com/resources/white-papers/a-cisos-guide-to-defender-alignment/): Learn to align your security operations with defender behaviors & improve your cybersecurity program's efficacy. Download the paper for strategies and insights.
- [Preventing Insider Threats with UEBA](https://www.exabeam.com/resources/white-papers/exabeam-for-insider-threat/): Learn how a user and entity behavior analytics (UEBA) solution can detect insider threats early to prevent data loss.
- [Keys to the Kingdom: Guidance for Effective Zero Trust Architecture](https://www.exabeam.com/resources/white-papers/keys-to-the-kingdom-guidance-for-effective-zero-trust-architecture/): Protect your organization from costly security breaches with Zero Trust Architecture (ZTA). Download our comprehensive guide now.
- [Using a Layered Approach to Improve Ransomware Detection and Response](https://www.exabeam.com/resources/white-papers/using-a-layered-approach-to-improve-ransomware-detection-and-response/): The Exabeam Security Research Team reviewed the characteristics of four recent ransomware attacks. This white paper details what they learned from their analysis about the optimal way to protect your organization.
## Report
- [From Adoption to Accountability: The New Economics of AI in Cybersecurity](https://www.exabeam.com/resources/reports/from-adoption-to-accountability-the-new-economics-of-ai-in-cybersecurity/): Learn how to justify AI cybersecurity investments and prove business value to your board. Exabeam's new global research report reveals key metrics for security leaders to defend AI budgets, reduce risk, and connect security spending to measurable business outcomes.
- [From Human to Hybrid: How AI and the Analytics Gap Are Fueling Insider Risk](https://www.exabeam.com/resources/reports/from-human-to-hybrid-how-ai-and-the-analytics-gap-are-fueling-insider-risk/): Insider threats have surpassed external attacks, and AI is making them faster, stealthier, and harder to detect. Our global survey of 1,010 cybersecurity professionals reveals the scale of the risk, the attack vectors most impacted by AI, and why most organizations still can’t see it coming.
- [From Hype to Help: How AI Is (Really) Transforming Cybersecurity in 2025](https://www.exabeam.com/resources/reports/how-ai-is-transforming-cybersecurity-in-2025/): This new global report from Exabeam, based on a survey of 1,000 cybersecurity professionals across 17 countries, reveals a growing disconnect between leadership optimism and analyst reality when it comes to artificial intelligence in the SOC.
- [2024 State of the Security Team Research](https://www.exabeam.com/resources/reports/2024-state-of-the-security-team-research/): Discover the latest cybersecurity trends and research findings. Learn how security teams are adapting to digital challenges and the importance of strong communication.
- [Exabeam State of Threat Detection, Investigation, and Response Report](https://www.exabeam.com/resources/reports/2023-tdir-global-report/): Get your copy today to read more about the latest TDIR challenges and trends.
- [Exabeam State of Threat Detection, Investigation, and Response Report](https://www.exabeam.com/resources/reports/2023-tdir-global-report-na-summary/): This report highlights high confidence and good progress on TDIR, the growing importance of AI and automation, and the challenges faced in detecting and preventing security incidents.
- [Exabeam State of Threat Detection, Investigation, and Response Report](https://www.exabeam.com/resources/reports/2023-tdir-global-report-we-summary/): This report highlights high confidence and good progress on TDIR, the growing importance of AI and automation, and the challenges faced in detecting and preventing security incidents.
- [Exabeam State of Threat Detection, Investigation, and Response Report](https://www.exabeam.com/resources/reports/exabeam-state-of-threat-detection-investigation-and-response-report/): This report highlights high confidence and good progress on TDIR, the growing importance of AI and automation, and the challenges faced in detecting and preventing security incidents.
## Exabeam Security Investigation
- [Three Essentials for Modern Detection and Response](https://www.exabeam.com/resources/white-papers/three-essentials-for-modern-threat-detection-and-response/): This white paper will help your SOC team implement an effective and robust detection and response program that can deliver immediate and successful outcomes.
- [The Ultimate Guide to Threat Detection, Investigation, and Response (TDIR)](https://www.exabeam.com/resources/ebooks/the-ultimate-guide-to-threat-detection-investigation-and-response-tdir/): Elevate your cybersecurity strategy and improve your security team’s efficiency and effectiveness. Get your copy now.
- [Evasion](https://www.exabeam.com/resources/briefs/evasion/): Exabeam helps security teams outsmart adversaries taking evasive actions with the support of automation and use case content across the full analyst workflow, from collection to response.
- [Spotlight21: Exabeam Risk-based Investigations Unleashed for the Exabeam Power User](https://www.exabeam.com/resources/videos/spotlight21-exabeam-risk-based-investigations-unleashed-for-the-exabeam-power-user/): In this session, Exabeam experts provide tips, tricks, and best practices to supercharge your risk-based investigations.
- [Data Exfiltration](https://www.exabeam.com/resources/briefs/data-exfiltration/): Exabeam helps security teams outsmart adversaries using data exfiltration with the support of automation and use case content across the full analyst workflow, from detection to response.
## UEBA
- [Zero Trust vs VPN: 7 Key Differences & How to Choose](https://www.exabeam.com/explainers/ueba/zero-trust-vs-vpn-7-key-differences-how-to-choose/): Zero trust focuses on verifying every access attempt to specific resources, assuming no inherent trust, whereas VPNs grant broad network access after a single initial authentication, creating a "trusted tunnel" that can be less secure if compromised.
- [UEBA Tools for Enterprises](https://www.exabeam.com/explainers/ueba/ueba-tools-for-enterprises/): For enterprises, UEBA (User and Entity Behavior Analytics) tools use machine learning and advanced analytics to detect anomalous user and entity activity that traditional security tools might miss. By establishing a baseline of "normal" behavior, UEBA solutions can identify potential threats.
- [The Missing Memory in Your Security Stack: How Attackers Exploit Stateless Systems](https://www.exabeam.com/blog/ueba/the-missing-memory-in-your-security-stack-how-attackers-exploit-stateless-systems/): Stateless detection is failing. Learn why a stateful approach is essential for catching today's advanced cyberattacks.threatdetection, UEBA, XDR, exabeam,
- [Best UEBA Software: Top 5 Options in 2026](https://www.exabeam.com/explainers/ueba/best-ueba-software-top-5-options/): UEBA (User and Entity Behavior Analytics) software is a cybersecurity solution that uses machine learning and behavioral analytics to detect threats, including insider threats and account takeovers, by establishing a baseline of normal user and entity behavior and then flagging deviations.
- [Seeing the Invisible: Visualizing and Protecting AI-Agent Activity with Exabeam & Google ](https://www.exabeam.com/blog/ueba/seeing-the-invisible-visualizing-and-protecting-ai-agent-activity-with-exabeam-google/): AI agents must be visible and protected from doing harm in the same way as more traditional entities.
- [From Rules to Models: The Future of Modern Threat Detection](https://www.exabeam.com/blog/ueba/your-siem-rules-cant-keep-up-its-time-for-a-behavior-based-defense/): SIEM rules can’t keep up with advanced threats. Learn how behavioral analytics and machine learning build a smarter, adaptive defense.
- [Catching the Quiet Threats: When Normal Isn’t Safe | Exabeam New-Scale Analytics](https://www.exabeam.com/blog/ueba/catching-the-quiet-threats-when-normal-isnt-safe/): New-Scale Analytics detects hidden risks with behavioral baselines and dynamic risk scoring.
- [Bring Your Own SIEM: Upgrade Detection and Response With New-Scale Analytics](https://www.exabeam.com/blog/ueba/bring-your-own-siem-upgrade-detection-and-response-with-new-scale-analytics/): Boost threat detection and analyst productivity by adding behavioral analytics and AI to your existing SIEM.
- [Faster Threat Investigations With AI and Machine-Learned Detection](https://www.exabeam.com/blog/ueba/accelerate-threat-investigations-with-machine-learned-detection-and-ai-powered-assistance/): Discover how Exabeam combines machine-learned threat detection and built-in AI agents to reduce noise, speed triage, and simplify threat investigations.
- [](https://www.exabeam.com/blog/ueba/ueba-vs-itdr-itdr-will-catch-the-login-ueba-will-catch-the-attack/): Understand the key differences between UEBA and ITDR and why full-spectrum detection matters.
- [](https://www.exabeam.com/blog/ueba/scattered-spider-and-the-new-blueprint-for-cloud-native-endpoint-evasive-cyber-attacks/): Learn how UEBA detects threats like Scattered Spider that evade traditional tools in cloud-native environments.
- [Behavior Anomaly Detection: Techniques & Best Practices](https://www.exabeam.com/explainers/ueba/behavior-anomaly-detection-techniques-and-best-practices/): Behavior anomaly detection involves identifying patterns in data that do not conform to established norms.
- [Your SIEM is Lying to You: Why You Need UEBA to Uncover the Truth ](https://www.exabeam.com/blog/ueba/your-siem-is-lying-to-you-why-you-need-ueba-to-uncover-the-truth/): Correlation rules alone can no keep up. UEBA powered by machine learning is no longer “nice to have”—it is essential.
- [NIS2 Expands Its Scope for EU Entities](https://www.exabeam.com/blog/ueba/nis2-expands-its-scope-for-eu-entities/): Understand the changes with the NIS2 directive. Discover how Exabeam supports the EU initiative to help drive NIS2 adherence and increase cybersecurity resilience.
- [Aligning With DORA for Financial Entities in the EU](https://www.exabeam.com/blog/ueba/aligning-with-dora-for-financial-entities-in-the-eu/): Discover how Exabeam supports EU financial entities in achieving DORA compliance, fortifying cybersecurity resilience.
- [UEBA Tools: Key Capabilities and 7 Tools You Should Know](https://www.exabeam.com/explainers/ueba/ueba-tools-key-capabilities-and-7-tools-you-should-know/): UEBA tools are software systems that use machine learning and statistical methodologies to identify anomalous behavior or instances within a network.
- [What Is UEBA and Why It Should Be an Essential Part of Your Incident Response](https://www.exabeam.com/explainers/ueba/what-is-ueba-and-why-it-should-be-an-essential-part-of-your-incident-response/): Quickly get up to speed on the emerging field of User and Entity Behavior Analytics (UEBA) and how information security organizations are utilizing it. Security teams are increasingly shifting towards tying technologies like UEBA to their conventional SIEMs and other legacy prevention systems.
- [UEBA (User and Entity Behavior Analytics): Complete 2025 Guide](https://www.exabeam.com/explainers/ueba/what-ueba-stands-for-and-a-5-minute-ueba-primer/): UEBA, which stands for User and Entity Behavior Analytics, is a cybersecurity technology that analyzes user and entity behavior to detect anomalous and potentially malicious activities. It goes beyond traditional security measures by focusing on patterns of behavior, not just known threats.
- [Introducing Threat Detection, Investigation, and Response (TDIR) for Public Cloud](https://www.exabeam.com/blog/ueba/introducing-threat-detection-investigation-and-response-tdir-for-public-cloud/): Exabeam gives security analysts visibility into IaaS activity for easy threat detection, investigation, and response.
- [Demystifying Insider Threats: An Insightful Discussion](https://www.exabeam.com/blog/ueba/demystifying-insider-threats-an-insightful-discussion/): Explore insider threats, Exabeam UEBA for detection, and proactive cybersecurity strategies.
- [I Don’t Like to MOVEit MOVEit!](https://www.exabeam.com/blog/ueba/i-dont-like-to-moveit-moveit/): Guide to MOVEit vulnerabilities: how they're exploited, affected products, indicators of attacks, and Exabeam's detection solutions.
- [Maximizing Your Cybersecurity Investment: Evaluating and Implementing Effective UEBA Solutions](https://www.exabeam.com/blog/ueba/maximizing-your-cybersecurity-investment-evaluating-and-implementing-effective-ueba-solutions/): Learn key factors to evaluate and select the right UEBA solution for your organization.
- [Uncovering the Mechanisms of UEBA: Machine Learning and Its Applications in Cybersecurity](https://www.exabeam.com/blog/ueba/uncovering-the-mechanisms-of-ueba-machine-learning-and-its-applications-in-cybersecurity/): Uncover the powerful connection between UEBA and machine learning for security.
- [Understanding UEBA: The Key to Strengthening Your Cybersecurity Strategy](https://www.exabeam.com/blog/ueba/understanding-ueba-the-key-to-strengthening-your-cybersecurity-strategy/): Explore UEBA fundamentals and its role in enhancing your cybersecurity posture.
- [Holidays and Insider Threats — Exabeam Answers Questions From the Field](https://www.exabeam.com/blog/ueba/holidays-and-insider-threats-exabeam-answers-questions-from-the-field/): The holidays can increase insider threat risks. Security operations teams need the tools to detect suspicious behavior.
- [How Does Exabeam Improve Your Security Environment?](https://www.exabeam.com/blog/ueba/how-does-exabeam-improve-your-security-environment/): Exabeam UEBA and its use-case methodology help to improve your security environment.
- [Understanding UEBA: From Scored Events to Stories](https://www.exabeam.com/blog/ueba/understanding-ueba-from-scored-events-to-stories/): Security knowledge, machine learning, and algorithms supported by a cloud-native infrastructure enable end-to-end UEBA.
- [Understanding UEBA: From Raw Events to Scored Events](https://www.exabeam.com/blog/ueba/understanding-ueba-from-raw-events-to-scored-events/): How Exabeam turns volumes of security and network events into alerts with risk scores for prioritization.
- [Exabeam Alert Triage with Dynamic Alert Prioritization Now Available in Exabeam Fusion and Exabeam Security Investigation](https://www.exabeam.com/blog/ueba/exabeam-alert-triage-with-dynamic-alert-prioritization-now-available-in-exabeam-fusion-and-exabeam-security-investigation/): Exabeam Alert Triage with Dynamic Prioritization helps support the SOC alert triage process.
- [Building a UEBA Risk Engine](https://www.exabeam.com/blog/ueba/building-a-ueba-risk-engine/): Technical and knowledge components that make UEBA possible, from a data scientist’s perspective.
- [Organizational Downsizing and Insider Threats: Detecting the Undetectable to Reduce Risk](https://www.exabeam.com/blog/ueba/organizational-downsizing-and-insider-threats-detecting-the-undetectable-to-reduce-risk/): Exabeam helps insider threat teams monitor, detect, investigate, respond, and report on malicious insider behavior.
- [The What and How of Evaluating UEBA Under the Hood](https://www.exabeam.com/blog/ueba/the-what-and-how-of-evaluating-ueba-under-the-hood/): Considerations for assessing user and entity behavior analytics (UEBA) technologies from a data scientist’s perspective.
- [Guide to Evaluating UEBA: Top 10 Criteria](https://www.exabeam.com/blog/ueba/guide-to-evaluating-ueba-top-10-criteria/): Guide to the top 10 criteria for comparing different vendor implementations of user and entity behavior analytics (UEBA).
- [A Crash Course on Security Analytics — And How to Spot Fake UEBA From a Mile Away](https://www.exabeam.com/blog/ueba/a-crash-course-on-security-analytics-and-how-to-spot-fake-ueba-from-a-mile-away/): How security analytics can help detect, investigate, and respond to threats and incidents, and how to spot fake UEBA.
- [Exabeam in Action: Stopping Lapsus$ in Their Tracks](https://www.exabeam.com/blog/ueba/exabeam-in-action-stopping-lapsus-in-their-tracks/): Exabeam helped a customer identify, investigate, and remove the Lapsus$ criminal hacking group from their environment.
- [Ransomware: Bigger, Better, and Still Going Strong](https://www.exabeam.com/blog/ueba/ransomware-bigger-better-and-still-going-strong/): Precautionary measures organizations must take to detect ransomware attacks as they emerge so they can respond quickly.
- [The Benefits of UEBA Technology with Industry Experts at the Helm](https://www.exabeam.com/blog/ueba/the-benefits-of-ueba-technology-with-industry-experts-at-the-helm/): UEBA and managed detection and response (MDR) vendors can work together to detect and investigate cyberthreats.
- [An Outcome-based Approach to Use Cases: Solving Lateral Movement](https://www.exabeam.com/blog/ueba/an-outcome-based-approach-to-use-cases-solving-for-lateral-movement/): Exabeam solves for the lateral movement use case, supporting the full analyst workflow, from detection through response.
- [The Battle Against Insider Threats and Why You Need Behavior-based Cybersecurity Strategies](https://www.exabeam.com/blog/ueba/the-battle-against-insider-threats-and-why-you-need-behavior-based-cybersecurity-strategies/): When you miss insider threats, the impact can be severe. Insider threats require a comprehensive cybersecurity strategy.
- [You Can’t Defend What You Can’t See: The Top Three Questions for Every CISO](https://www.exabeam.com/blog/ueba/you-cant-defend-what-you-cant-see-the-top-three-questions-for-every-ciso/): The three most important questions every CISO needs to answer regarding security operations.
- [Exposing Malicious Insider Threats: The Advantages of Using a Behavior-based Approach](https://www.exabeam.com/blog/ueba/exposing-malicious-insider-threats-the-advantages-of-using-a-behavior-based-approach/): It’s likely your organization faces exposure to insider threats — and it’s probably larger than you’ve anticipated.
- [Fantastic Attack Types and How to Find Them](https://www.exabeam.com/blog/ueba/fantastic-attack-types-and-how-to-find-them/): Having a full timeline of any attack, clear tracks and paths to know the scope of damage, and advice on how to proceed will win all the accolades and appreciation any beast hunter could desire.
- [Next-Gen UEBA for Reduced Complexity and Better Accuracy](https://www.exabeam.com/blog/ueba/next-gen-ueba-for-reduced-complexity-and-better-accuracy/): UEBA is using more machine learning that makes it simpler to use and maintain, while achieving better accuracy.
- [Security Big Data Analytics: Past, Present and Future](https://www.exabeam.com/blog/ueba/security-big-data-analytics-past-present-and-future/): Security big data analytics is a rising force that helps security analysts and vendors do more with log and event data.
- [Attack Beasts and How to Find Them](https://www.exabeam.com/blog/ueba/attack-beasts-and-how-to-find-them/): Having a full timeline of any attack, clear tracks and paths to know the scope of damage, and advice on how to proceed will win all the accolades and appreciation any beast hunter could desire.
- [What’s the Big Deal with Big Data Analytics?](https://www.exabeam.com/blog/ueba/whats-the-big-deal-with-big-data-analytics/): An introduction to big data analytics, who’s using it, what its benefits are, and which technologies enable it.
- [What is Security Analytics?](https://www.exabeam.com/blog/ueba/what-is-security-analytics/): Security analytics benefits and capabilities, and how it works.
- [Using Advanced Analytics to Detect and Stop Threats](https://www.exabeam.com/blog/ueba/using-advanced-analytics-to-detect-and-stop-threats/): Keeping track of cyberthreats isn’t easy but the MITRE ATT&CK knowledge base can help. MITRE works to keep the public safe across industries and disciplines including technology and cybersecurity.
- [Understanding Insider Threat Detection Tools](https://www.exabeam.com/blog/ueba/understanding-insider-threat-detection-tools/): Insider threat detection tools are discussed In this article. You will learn about three different tools and methods that can help you detect insider threat: Employee monitoring Data lLoss prevention User and entity behavior analytics.
- [What the Twitter Attack Teaches Us About Manipulated Insiders](https://www.exabeam.com/blog/ueba/what-the-twitter-attack-teaches-us-about-manipulated-insiders/): The most disturbing aspect of the recent Twitter attack is what the breach exposed about the site’s security weaknesses: in addition to the hundreds of employees with the authority to change account settings, outside contractors also had access to change settings.
- [“This meeting is being recorded”](https://www.exabeam.com/blog/ueba/this-meeting-is-being-recorded/): Zoom risks and how organizations can address the specific example of an insider threat or malicious actor snooping on Zoom meetings.
- [Detecting Credential Stuffing Attacks and Lateral Movement](https://www.exabeam.com/blog/ueba/detecting-credential-stuffing-attacks-and-lateral-movement/): Credential stuffing is a brute force attack where cybercriminals use the stolen information for illicit activities, including account takeovers, phishing, and spam. Here's how you can protect yourself against lateral movement.
- [Securing Your Remote Workforce, Part 4: How to Detect Fraudulent Logins and Policy Violations Using UEBA](https://www.exabeam.com/blog/ueba/securing-your-remote-workforce-part-4-how-to-detect-fraudulent-logins-and-policy-violations-using-ueba/): In part four of our five-post series we discuss briefly how fraudulent logins affect enterprises and how enterprises can utilize modern analytics technology to detect these fraudulent logins and any policy violations.
- [Political Campaigns and Phishing: Five Things Campaign Staff Can Do to Stay Safe](https://www.exabeam.com/blog/ueba/political-campaigns-and-phishing-five-things-campaign-staff-can-do-to-stay-safe/): Political campaigns and phishing: campaign staff are easy targets for social engineering attacks. Her are five things campaign staff can do to stay safe.
- [Behavioral Profiling: The Foundation of Modern Security Analytics](https://www.exabeam.com/blog/ueba/behavioral-profiling-the-foundation-of-modern-security-analytics/): Learn how behavioral profiling helps security systems go beyond what they know, identify anomalous behavior and help organizations respond.
- [Strategies for Protecting IoT Devices: Behavior Analytics, Vulnerability Scanning and EDR](https://www.exabeam.com/blog/ueba/strategies-for-protecting-iot-devices-behavior-analytics-vulnerability-scanning-and-edr/): Using the tools covered here, you can ensure that your security team is alerted as soon as an issue arises.
- [Privilege Escalation Detection: The Key to Preventing Advanced Attacks](https://www.exabeam.com/blog/ueba/privilege-escalation-detection-the-key-to-preventing-advanced-attacks/): Learn how privilege escalation works, how to prevent it, and how you can better defend against lateral movement and advanced persistent threats (APT).
- [Detecting Lateral Movement and Credential Switching: Human vs. Machine](https://www.exabeam.com/blog/ueba/detecting-lateral-movement-and-credential-switching-human-vs-machine/): Teams need smart, data-enriched timelines with contextual insights to surface attacks that involve lateral movement. This is where machine learning shines within the Exabeam Advanced Analytics platform.
- [How Financial Institutions Can Leverage UEBA: FDIC Vacation Policy Use Case ](https://www.exabeam.com/blog/ueba/how-financial-institutions-can-leverage-ueba-fdic-vacation-policy-use-case/): UEBA can enhance threat detection by using machine learning to provide insights into anomalous behavior and resulting potential threats.
- [5 Top Benefits of UEBA and Machine Learning ](https://www.exabeam.com/blog/ueba/5-top-benefits-of-ueba-and-machine-learning/): Organizations need to approach cybersecurity threats using an in-depth security methodology. UEBA enhanced with machine learning can deliver stronger security.
- [Insider Threat Awareness Month: Top 4 Concerns](https://www.exabeam.com/blog/ueba/insider-threat-awareness-month-top-4-concerns/): National Insider Threat Awareness Month will promote awareness of the top threats facing your business today. Here are a few of the biggest concerns security experts have when it comes to insider threats.
- [How UEBA Enhances Threat Detection in Financial Institutions](https://www.exabeam.com/blog/ueba/how-ueba-enhances-threat-detection-in-financial-institutions/): This post is a quick refresher on threat detection and user and entity behavior and how they are linked.
- [A Look at the Capital One Data Breach Through the Lens of MITRE ATT&CK](https://www.exabeam.com/blog/ueba/a-look-at-the-capital-one-data-breach-through-the-lens-of-mitre-attck/): Capital One’s well-documented attack shows the many tactics and techniques that are used by an attacker.
- [Detecting Anomalous Activity in Financial SWIFT Transactions With Machine Learning and Behavioral Analytics](https://www.exabeam.com/blog/ueba/detecting-anomalous-activity-in-financial-swift-transactions-with-machine-learning-and-behavioral-analytics/): In this post, we’ll look at how the SWIFT network works, review documented fraud use cases, and show what financial institutions can do to prevent SWIFT fraud.
- [Threat Detection and Response: How to Stay Ahead of Advanced Threats](https://www.exabeam.com/blog/ueba/threat-detection-and-response-how-to-stay-ahead-of-advanced-threats/): Threat detection is the number one priority for cybersecurity teams. If you don’t even see the bad guys in your network, you will not be able to respond appropriately.
- [Lessons from the Baltimore and Cleveland Airport Ransomware Attacks](https://www.exabeam.com/blog/ueba/lessons-from-the-baltimore-and-cleveland-airport-ransomware-attacks/): Ransomware attacks are increasing and are expected to cause more than $20 billion in damages by the end of 2021.
- [User Behavior Analytics (UBA/UEBA): The Key to Uncovering Insider and Unknown Security Threats](https://www.exabeam.com/blog/ueba/user-behavior-analytics-uba-ueba-the-key-to-uncovering-insider-and-unknown-security-threats/): Adding UEBA to SIEM gives security benefits by combining the breadth of data accessed by a SIEM with advanced analytics.
- [The New Breed of “Fileless Malware” and How It Can Be Stopped with Behavioral Analytics and Machine Learning](https://www.exabeam.com/blog/ueba/the-new-breed-of-fileless-malware-and-how-it-can-be-stopped-with-behavioral-analytics-and-machine-learning/): Read about the new genus of malware that has emerged that breaks the rules of traditional detection and defense methods. Called fileless malware, it's unlike other breeds of malware that require the installation of software on a victim’s machine.
- [What UEBA Stands For (And a 5-Minute UEBA Primer)](https://www.exabeam.com/blog/ueba/what-ueba-stands-for-and-a-5-minute-ueba-primer/): UEBA stands for User and Entity Behavior Analytics. We explain every word of the acronym and provide a 5-minute primer with everything you need to know about UEBA.
- [How UEBA Overcomes 5 Hurdles to Achieving Effective Security and Incident Response](https://www.exabeam.com/blog/ueba/how-ueba-overcomes-5-hurdles-to-achieving-effective-security-and-incident-response/): How will organizations spend their increased cybersecurity budgets? Most need to invest in new technology to achieve effective network security and incident response (IR).
- [Using Modern Threat Hunting for a More Effective Investigation of Cyber Threats](https://www.exabeam.com/blog/ueba/using-modern-threat-hunting-for-a-more-effective-investigation-of-cyber-threats/): Using modern threat hunting techniques, security analysts can more easily and effectively pinpoint specific threats and expose all the related activities that bad actors might be using to attack your infrastructure.
- [What We Can Learn from the PGA Ransomware Attack](https://www.exabeam.com/blog/ueba/what-we-can-learn-from-the-pga-ransomware-attack/): Ransomware attacks often target victims with high-value, unstructured data. In this case it was the PGA Championship and Ryder Cup files consisting of marketing materials such as PGA banners, logos, and signage, which are the type of files that organizations frequently don’t back up properly.
- [Using Deep Learning to Reduce the Security Risks of Unmanaged Devices](https://www.exabeam.com/blog/ueba/using-deep-learning-to-reduce-the-security-risks-of-unmanaged-devices/): Device outliers—particularly those having arbitrary names without official or unofficial naming peers—are most likely unmanaged and unauthorized. They require analyst attention, but can your security teams immediately identify these outlier devices? Deep learning can provide some solutions.
- [Introducing Behavioral Analysis for Devices – Exabeam Entity Analytics](https://www.exabeam.com/blog/ueba/introducing-behavioral-analysis-for-devices-exabeam-entity-analytics/): This week we announced Exabeam Entity Analytics, a product that analyzes the behavior of machines and devices instead of users. Why would you need this? Well, to start with, IoT.
- [Announcing Exabeam Advanced Analytics Version 3.3](https://www.exabeam.com/blog/ueba/announcing-exabeam-advanced-analytics-version-3-3/): We are thrilled to announce the general availability of the latest version of Exabeam Advanced Analytics (AA), our User and Entity Behavior Analytics solution.
- [User Behavior Anomaly Detection Meets Distributed Computing](https://www.exabeam.com/blog/ueba/user-behavior-anomaly-detection-meets-distributed-computing/): User Entity Behavior Analytics (UEBA) analyzes log data from different sources in order to find anomalies in users’ or entities’ behaviors.
- [Breaking Down Barriers To Effective Cyber Defense with UEBA](https://www.exabeam.com/blog/ueba/breaking-down-barriers-to-effective-cyber-defense-with-ueba/): In addition to threat detection, User and Entity Behavior Analytics (UEBA) also helps IT security practitioners streamline security programs.
- [A User and Entity Behavior Analytics Scoring System Explained](https://www.exabeam.com/blog/ueba/a-user-and-entity-behavior-analytics-scoring-system-explained/): How risk assessment for UEBA (user entity behavior analytics) works is not unlike how humans assess risk in our surrounding environment.
- [Who Do I Belong To? Dynamic Peer Analysis for UEBA Explained](https://www.exabeam.com/blog/ueba/who-do-i-belong-to-dynamic-peer-analysis-for-ueba-explained/): What constitutes a user’s peer group and how do we design a peer-based scoring framework? In this blog, I address these practical questions from a data science perspective.
- [How to Leverage Behavioral Analytics to Reduce Insider Threat](https://www.exabeam.com/blog/ueba/how-to-leverage-behavioral-analytics-to-reduce-insider-threat-your-questions-answered/): A few of the topics discussed in our recent webinar How UEBA Technology Can Improve Insider Threat detection.
- [A User and Entity Behavior Analytics System Explained – Part 3](https://www.exabeam.com/blog/ueba/a-user-and-entity-behavior-analytics-system-explained-part-3/): In this blog, let’s explore more use cases and examples where machine learning applies.
- [A User and Entity Behavior Analytics System Explained – Part 2](https://www.exabeam.com/blog/ueba/a-user-and-entity-behavior-analytics-system-explained-part-2/): Expert-driven statistical modeling is a key and core component of an anomaly detection system. It is intuitive and easy to use and understand for analysts of all levels.
- [A User and Entity Behavior Analytics System Explained – Part 1](https://www.exabeam.com/blog/ueba/a-user-and-entity-behavior-analytics-system-explained-part-1/): A UEBA system such as Exabeam’s monitors network entities’ behaviors in an enterprise and flags behaviors that deviate from the norm. While the benefits are understandable, there are many challenges.
- [Exabeam User and Entity Behavior Analytics Solution Certified with HP ArcSight](https://www.exabeam.com/blog/ueba/exabeam-user-and-entity-behavior-analytics-solution-certified-with-hp-arcsight/): Today we are excited to add HP ArcSight Enterprise Security Management to our list of supported SIEM solutions.
- [Data Science And Stateful User Tracking: The Two Key UBA Enablers](https://www.exabeam.com/blog/ueba/data-science-and-stateful-user-tracking-the-two-key-uba-enablers/): A big topic at recent security conferences has been the use of user behavior analytics (UBA) to assess cybersecurity risk.
- [Data Science, Engineering and Security: 3 Legs of User Behavior Analytics](https://www.exabeam.com/blog/ueba/data-science-engineering-and-security-3-legs-of-user-behavior-analytics/): While the goals and benefits of UBA are becoming understood, here let me offer my perspectives on the components of UBA.
- [User Behavior Analytics: Automated Storytelling for Incident Response](https://www.exabeam.com/blog/ueba/user-behavior-analytics-automated-storytelling-for-incident-response/): When the CEO has to write a letter to the public, it is the worst thing that can happen to a company. Why? Because it is about delivering bad news in the apologetic tone and the damage has already been done.
- [Cyber Insurance, User Behavior Intelligence and Lower Costs](https://www.exabeam.com/blog/ueba/cyber-insurance-user-behavior-intelligence-and-lower-costs/): Having a strategy for detecting attackers that get past initial defenses using account take-over and user impersonation must be a consideration when calculating the cost of a policy covering data breaches.
- [The Five Stages of User Behavior Intelligence Acceptance](https://www.exabeam.com/blog/ueba/the-five-stages-of-user-behavior-intelligence-acceptance/): Exabeam, a user behavior intelligence solution, applies dynamic behavior modeling to find credentials that are exhibiting anomalous behaviors.
- [Exabeam: Get User Behavior Intelligence in 2015](https://www.exabeam.com/blog/ueba/exabeam-get-user-behavior-intelligence-in-2015/): For every company, the first general availability (GA) release - Exabeam version 1.6 in our case - is a major milestone.
- [User Behavior Intelligence Drives New Security Processes](https://www.exabeam.com/blog/ueba/user-behavior-intelligence-drives-new-security-processes/): There are six key technologies that have defined our security process for the last 25 years. Some of these technologies aren't as effective as they once were.
## SIEM
- [Cyber Risk Management: Components, Frameworks & Best Practices](https://www.exabeam.com/explainers/siem/cyber-risk-management-components-frameworks-and-best-practices/): Cyber Risk Management is the ongoing process of identifying, assessing, prioritizing, and mitigating threats and vulnerabilities to an organization's digital assets, systems, and data, aiming to protect against financial loss, operational disruption, and reputational damage.
- [Best SIEM Systems: Top 5 in 2026](https://www.exabeam.com/explainers/siem/best-siem-systems-top-5-systems/): SIEM systems (Security Information and Event Management) are cybersecurity tools that centralize and analyze log and event data from various IT and operational technology (OT) sources to detect, investigate, and respond to security threats in real time.
- [SIEM vs. EDR: Key Features, Differences, and How to Choose](https://www.exabeam.com/explainers/siem/siem-vs-edr-key-features-differences-and-how-to-choose/): Security Information and Event Management (SIEM) is a software solution that provides a holistic view of an organization’s information security.
- [SIEM vs. IDS: Key Differences and Using Them Together](https://www.exabeam.com/explainers/siem/siem-vs-ids-key-differences-and-using-them-together/): SIEM is a cybersecurity tool aggregating log data from IT infrastructure. IDS monitors network activity for any malicious actions & policy breaches.
- [SIEM vs. MDR: 5 Key Differences and How to Choose](https://www.exabeam.com/explainers/siem/siem-vs-mdr-5-key-differences-and-how-to-choose/): SIEM provides a comprehensive view of cybersecurity, while MDR combines tech, processes, and expertise for threat detection and response.
- [Deploying SIEM on Azure: Pros and Cons of Microsoft Sentinel](https://www.exabeam.com/explainers/siem/deploying-siem-on-azure-pros-and-cons-of-microsoft-sentinel/): Consider various models for deploying a Security Information and Event Management (SIEM) system in the Azure cloud to meet your security needs.
- [AI SIEM: How SIEM with AI/ML is Revolutionizing the SOC](https://www.exabeam.com/explainers/siem/ai-siem-how-siem-with-ai-ml-is-revolutionizing-the-soc/): SIEM alerts are notifications to identify and respond to potential incidents for effective threat detection and incident management.
- [Five SIEM Benefits Unveiled: Strengthening Security and Streamlining Operations](https://www.exabeam.com/explainers/siem/five-siem-benefits-unveiled-strengthening-security-and-streamlining-operations/): What are SIEM benefits? Explore enhanced security incident detection, efficient response, streamlined operations, and cost reduction with SIEM solutions.
- [SIEM Examples: Capabilities & Top Solutions for Cybersecurity](https://www.exabeam.com/explainers/siem/exploring-siem-examples-modern-capabilities-and-top-solutions-for-cybersecurity/): Explore the latest SIEM examples in the market today and discover how top SIEM solutions are revolutionizing cybersecurity practices for better protection.
- [SIEM Alerts: Understanding Security Information and Event Alerts](https://www.exabeam.com/explainers/siem/siem-alerts-understanding-security-information-and-event-alerts/): SIEM alerts are notifications to identify and respond to potential incidents for effective threat detection and incident management.
- [SIEM Implementation in 4 Steps](https://www.exabeam.com/explainers/siem/siem-implementation-in-4-steps/): Security Information and Event Management (SIEM) implementation refers to the process of deploying and configuring a SIEM system within an organization's IT infrastructure.
- [SIEM Log Management: Log Management in the Future SOC](https://www.exabeam.com/explainers/siem/siem-log-management-log-management-in-the-future-soc/): SIEM and log management both work with logs from multiple systems, and use them to provide visibility into what is happening in the IT environment.
- [Security Big Data Analytics: Past, Present and Future](https://www.exabeam.com/explainers/siem/siem-analytics/): Security analytics was once limited to correlation rules and attack signatures—now moving towards automated detection of unknown threats via machine learning.
- [Managed SIEM: Key Features, Benefits, and How to Choose a Provider](https://www.exabeam.com/explainers/siem/managed-siem-key-features-benefits-and-how-to-choose-a-provider/): Managed SIEM is a service provided by external cybersecurity experts that involve the centralized monitoring and management of security events and incidents within an organization's IT infrastructure.
- [What Is SIEM? 7 Pillars and 14 Core Features [2025 Guide]](https://www.exabeam.com/explainers/siem/what-is-siem/): SIEM stands for Security Information and Event Management. It's a cybersecurity solution that aggregates and analyzes security data from various sources within an IT environment to detect, analyze, and respond to security threats in real time.
- [SIEM Architecture: Technology, Process and Data](https://www.exabeam.com/explainers/siem/siem-architecture/): Learn how SIEMs are built, and how they generate security insights from huge data volumes—in traditional SIEM and in new architectures based on data lakes.
## IBM Qradar
- [IBM QRadar: Key Features, Pricing, Limitations & Alternatives](https://www.exabeam.com/explainers/ibm-qradar/ibm-qradar-key-features-pricing-limitations-and-alternatives/): IBM QRadar is a security information and event management (SIEM) solution that provides insights into network activities.
- [QRadar vs. Splunk: 7 Key Differences and How to Choose](https://www.exabeam.com/explainers/ibm-qradar/qradar-vs-splunk-7-key-differences-and-how-to-choose/): IBM QRadar is a SIEM platform for real-time threat detection and response, while Splunk ES offers security operations for threat detection and monitoring.
## Featured
- [Cloud-Native SIEM Hosting: Public, Private, & Hybrid Models](https://www.exabeam.com/blog/siem-trends/finding-the-perfect-fit-hosting-models-for-cloud-native-siem-solutions/): Explore public, private, and hybrid cloud hosting models for your SIEM. Weigh the pros and cons to find the perfect fit for your security needs.
- [The Rise of AI Agents: A New Insider Threat You Can’t Ignore](https://www.exabeam.com/blog/ten18/the-rise-of-ai-agents-a-new-insider-threat-you-cant-ignore/): AI agents are reshaping insider threats. Learn how to detect, govern, and defend against this emerging risk.
- [The Benefits of Cloud-Native SIEM and Outcomes Navigator](https://www.exabeam.com/blog/infosec-trends/the-game-changing-benefits-of-cloud-native-siem/): Discover how cloud-native SIEM and Outcomes Navigator improve detection, response, and coverage.
- [Can Your SIEM Do This? See Why Security Teams Choose Exabeam](https://www.exabeam.com/blog/siem-trends/can-your-siem-do-this-most-cant-heres-why/): Learn how Exabeam SIEM and UEBA help security teams detect threats faster, reduce noise, and empower analysts at every level.
- [Beyond the Hype: Seven AI Trends Every Security Pro Needs to Know for 2025](https://www.exabeam.com/blog/infosec-trends/beyond-the-hype-seven-ai-trends-every-security-pro-needs-to-know-for-2025/): 7 AI trends transforming cybersecurity in 2025. Insights for security pros to combat threats and leverage AI advantages.
- [The Value of a False Positive. Part Two: A New Definition](https://www.exabeam.com/blog/ten18/the-value-of-a-false-positive-part-two-a-new-definition/): Recommended actions for security teams based on revised false positive and true positive definitions and observations.
- [The Value of a False Positive. Part One: Measurement](https://www.exabeam.com/blog/ten18/the-value-of-a-false-positive-part-one-measurement/): Use false positive insights to improve cybersecurity programs and evaluate the effectiveness of your tool stack.
- [Best Practices for Effective Threat Hunting: Empower Your Security Team](https://www.exabeam.com/blog/security-operations-center/empowering-security-teams-with-best-practices-for-threat-hunting/): Learn how SIEM, UEBA, and cross-team collaboration empower SOCs for efficient threat hunting.
- [Effective Threat Hunting for SOCs: Moving Beyond IoAs and IoCs](https://www.exabeam.com/blog/security-operations-center/the-challenge-of-threat-hunting-for-the-security-operations-center/): Discover how SOCs can use advanced SIEM and UEBA to detect insider threats and complex attacks.
- [Best Practices for Effective Threat Hunting: Empower Your Security Team](https://www.exabeam.com/blog/ten18/seamless-security-automating-sigma-rule-conversion-with-generative-ai/): Streamline Sigma Rule Translation for SIEMs with GenAI Automation: Save Time and Reduce Errors
- [Government Cybersecurity Collaboration: Lessons in Logging and Detection](https://www.exabeam.com/blog/ten18/what-the-most-significant-government-collaboration-on-threat-detection-and-logging-got-right-and-wrong-and-what-you-should-know-about-it/): Learn about new standards for event logging and threat detection from the Australian Cyber Security Centre and others.
- [A CISO’s Analysis: The 2024 State of Security Report](https://www.exabeam.com/blog/infosec-trends/a-cisos-analysis-the-2024-state-of-security-report/): With the recent announcement of support of Open API Standard, Exabeam is transforming the way security tools can integrate and work together for better security outcomes.
- [Exabeam Named a Leader for the 5th Straight Time in Gartner®️ Magic Quadrant™ for Security Information and Event Management (SIEM) ](https://www.exabeam.com/blog/infosec-trends/exabeam-named-a-leader-for-the-5th-straight-time-in-gartner-magic-quadrant-for-security-information-and-event-management-siem/): Streamline threat detection, investigation, and response processes with integrated solutions for SOC excellence.
- [A (Candid) TEN18 Analysis: The State of Threat Detection, Investigation, and Response Report 2023](https://www.exabeam.com/blog/ten18/a-candid-ten18-analysis-the-state-of-threat-detection-investigation-and-response-report-2023/): The TDIR research includes insights from 1,155 security and IT professionals spanning three regions including North America, Western Europe, Asia Pacific and Japan.
- [How SIEM Helps With Cyber Insurance](https://www.exabeam.com/blog/siem-trends/how-siem-helps-with-cyber-insurance/): To gain proper coverage, organizations have to evaluate their needs, and demonstrate appropriate levels of security monitoring to obtain a policy. For many companies, that means investing in security information and event management (SIEM).
- [Cybersecurity Threats: Everything you Need to Know](https://www.exabeam.com/blog/infosec-trends/cybersecurity-threats-everything-you-need-to-know/): Learn about the key types of information security threats including malware, social engineering, and supply chain attacks, and cutting edge defensive technology.
- [Creeper: The World’s First Computer Virus](https://www.exabeam.com/blog/infosec-trends/creeper-the-worlds-first-computer-virus/): Read about the first computer virus that preceded computer networks, called the Creeper. German mathematician John von Neumann first theorized the concept in the late 1940s. He envisioned a computer virus as an automatically self-replicating entity. But it was another 30 years before someone created one.
- [2020 Red and Blue Team Survey Reveals Positive Trends ](https://www.exabeam.com/blog/security-operations-center/2020-red-and-blue-team-survey-reveals-positive-trends/): Testing by red teams and defended by blue teams is a popular method for companies to find and address their most significant vulnerabilities and security gaps. Exabeam's 2020 survey of red and blue teams in 2020 reveals positive trends.
- [The Clipper Chip: How Once Upon a Time the Government Wanted to Put a Backdoor in Your Phone](https://www.exabeam.com/blog/infosec-trends/the-clipper-chip-how-once-upon-a-time-the-government-wanted-to-put-a-backdoor-in-your-phone/): On April 16, 1993, the White House announced the Clipper chip to secure communication devices like crypto phones, which protect calls from interception by using algorithms and cryptographic keys to encrypt and decrypt the signals.
- [The Origins of Web Security and the Birth of Security Socket Layer (SSL) Protocol](https://www.exabeam.com/blog/infosec-trends/the-origins-of-web-security-and-the-birth-of-security-socket-layer-ssl-protocol/): Cybersecurity History: Read about how Netscape began development of the SSL protocol. In 1994, Netscape had SSL version 1.0 ready, but it never made a public debut as it had several significant security flaws, which eventually led to the evolution of HTTPS based on SSL 2.0 and its successor TLS.
- [Take a Deep Dive into PlugX Malware](https://www.exabeam.com/blog/infosec-trends/take-a-deep-dive-into-plugx-malware/): From the history of PlugX malware to the ins-and-outs of how it functions, here's everything you need to know.
## Agentic AI
- [Agentic AI Frameworks: Key Components & Top 8 Options in 2026](https://www.exabeam.com/explainers/agentic-ai/agentic-ai-frameworks-key-components-top-8-options/): Agentic AI frameworks are software toolkits that simplify the creation, deployment, and management of AI agents by providing pre-built components, architectures, and workflows to enable autonomous goal-directed behavior.
- [Agentic AI Architecture: Types, Components & Best Practices](https://www.exabeam.com/explainers/agentic-ai/agentic-ai-architecture-types-components-best-practices/): Because employees are often considered the weakest link in security, information security programs rely heavily on security awareness training and phishing simulations.
- [Best SIEM Tools: Top 5 Solutions in 2025](https://www.exabeam.com/explainers/agentic-ai/best-siem-tools-top-5-solutions/): SIEM (Security Information and Event Management) tools are software solutions that help organizations monitor, analyze, and manage security data from various sources to detect and respond to threats. They aggregate data, correlate events, and provide insights for security teams.
- [Agentic AI Tools: Key Capabilities & 10 Tools to Know in 2026](https://www.exabeam.com/explainers/agentic-ai/agentic-ai-tools-key-capabilities-and-7-tools-to-know/): Agentic AI tools are systems that empower AI to autonomously perform complex tasks by coordinating multiple AI agents, leveraging large language models (LLMs) and complex reasoning. These tools go beyond individual AI agents, creating integrated systems that can handle workflows and make decisions.
- [Security-Focused AI Agents: Benefits, Capabilities & Use Cases](https://www.exabeam.com/explainers/agentic-ai/security-focused-ai-agents-benefits-capabilities-use-cases/): Security AI agents are autonomous systems designed to detect, analyze, and respond to cybersecurity threats. These agents leverage AI and machine learning to identify and mitigate risks, often operating without direct human oversight.
- [Agentic AI vs. Generative AI: 5 Key Differences](https://www.exabeam.com/explainers/agentic-ai/agentic-ai-vs-generative-ai-5-key-differences/): Generative AI excels at creating new content (text, images, code, etc.) based on patterns learned from data. It's like a creative assistant that responds to prompts. Agentic AI focuses on autonomous action and goal achievement. It perceives, reasons, acts, and learns to complete tasks.
## Compliance
- [Using Behavioural Analytics for PSPF Compliance](https://www.exabeam.com/blog/compliance/how-behavioural-analytics-strengthens-compliance-with-australias-protective-security-policy-framework-pspf/): Meet Australia's PSPF mandates. Learn how behavioural analytics helps government agencies detect insider threats and manage complex security risks.
- [Adapting to Australia’s Privacy Act Reforms 2024 With Exabeam](https://www.exabeam.com/blog/compliance/how-exabeam-helps-organizations-adapt-to-australias-privacy-reforms/): Adapt to Australia’s new privacy laws. Exabeam helps you meet compliance and reduce your risk.
- [OJK Compliance and Cyber Resilience for Indonesia’s Banking and Financial Sector](https://www.exabeam.com/blog/compliance/enabling-ojk-regulatory-compliance-and-cyber-resilience-for-indonesias-banking-and-financial-sector-with-exabeam/): Learn how Indonesian banks can meet OJK POJK and SEOJK requirements with advanced threat detection, automated timelines, and compliance reporting.
- [](https://www.exabeam.com/blog/compliance/siem-best-practices-to-help-you-comply-with-indonesias-personal-data-protection-law/): Learn how SIEM helps meet Indonesia’s PDP Law requirements for breach response and compliance
- [Meet OMB 21-31 Memorandum Requirements with LogRhythm SIEM](https://www.exabeam.com/blog/compliance/meet-omb-21-31-memorandum-requirements-with-logrhythm-siem/): President Biden's Executive Order 14028 focuses on logging requirements for U.S. government agencies handling sensitive data. As a result, the Office of Management and Budget released Memorandum 21-31 to meet the requirements outlined in Executive Order 14028.
- [Comply with National Cybersecurity Authority OTCC-1:2022 Using LogRhythm SIEM](https://www.exabeam.com/blog/compliance/nca-otcc-12022-logrhythm-siem/): Learn what Saudi Arabia's NCA OTCC-1: 2022 entail, and how LogRhythm SIEM helps you achieve OT cybersecurity compliance.
- [British Library: Exabeam Insights into Lessons Learned](https://www.exabeam.com/blog/compliance/british-library-exabeam-insights-into-lessons-learned/): This article contrasts some of the key lessons learned from the British Library breach with insights from the report to shed light on the evolving threat landscape.
- [Your Guide to Education Cybersecurity Compliance in Malaysia](https://www.exabeam.com/blog/compliance/education-cybersecurity-compliance-malaysia/): While Malaysia does not have specific cybersecurity laws for educational institutions, it does provide a number of sporadic laws to counter cybercrime. In this blog, we will be covering the frameworks and legislation that educational institutions need to be aware of.
- [How to Leverage LogRhythm SIEM Playbooks for Compliance](https://www.exabeam.com/blog/compliance/logrhythm-siem-playbooks-for-compliance/): Cybersecurity playbooks are a documented set of procedures and they also lend themselves well to performing activities related to compliance requirements. Here are playbook examples for compliance.
- [Why Airlines are Prone to Cyberattacks](https://www.exabeam.com/blog/compliance/why-airlines-are-prone-to-cyberattacks/): Unveiling the vulnerabilities that make airlines susceptible to cyberattacks and strategies for robust defense.
- [Exabeam Commences IRAP Assessment Process for New-Scale SIEM™](https://www.exabeam.com/blog/compliance/exabeam-commences-irap-assessment-process-for-new-scale-siem/): Exabeam has initiated an IRAP assessment of New-Scale SIEM against the ISM’s requirements for Protected Systems.
- [Exabeam Adds New Global Log Retention Capabilities to New-Scale SIEM™](https://www.exabeam.com/blog/compliance/exabeam-adds-new-global-log-retention-capabilities-to-new-scale-siem/): Discover the power of Exabeam Global Log Retention for efficient log storage management and enhanced cybersecurity.
- [Virtual CISOs: Balancing Security, Compliance, and Collaboration](https://www.exabeam.com/blog/compliance/virtual-cisos-balancing-security-compliance-and-collaboration/): Rupa Parameswaran shares insights on security mindfulness, CISO leadership, and engaging with the board.
- [Safeguarding Banks With Security Updates, Patching, and Pen Testing](https://www.exabeam.com/blog/compliance/safeguarding-banks-with-security-updates-patching-and-pen-testing/): Secure your bank with timely updates, patches, and penetration testing to protect against cyberthreats.
- [Bolstering Bank Cybersecurity — Combating External and Insider Threats with MFA](https://www.exabeam.com/blog/compliance/bolstering-bank-cybersecurity-combating-external-and-insider-threats-with-mfa/): Boost bank security with MFA to combat cyberthreats, including insider attacks.
- [Guide to Cybersecurity Compliance in Singapore](https://www.exabeam.com/blog/compliance/guide-to-cybersecurity-compliance-in-singapore/): As Singapore continues to brand itself as a digital-first country, businesses will also have to adhere to a high cybersecurity standard to inspire confidence in all stakeholders.
- [The Responsibility of Risk: Regulations, Certifications – What do Privacy and Data Security Mean?](https://www.exabeam.com/blog/compliance/the-responsibility-of-risk-regulations-certifications-what-do-privacy-and-data-security-mean/): Organizations must be prepared to stay compliant, document risks, and figure out acceptance or mitigation strategies.
- [Protect Personal Data With GDPR Compliance](https://www.exabeam.com/blog/compliance/protect-personal-data-with-gdpr-compliance/): Any organization dealing with personal data of European Union subjects can face stiff fines for non-compliance with GDPR.
- [Prudential Standard CPS 234: How Exabeam Aligns With the Australian Financial Standard](https://www.exabeam.com/blog/compliance/prudential-standard-cps-234-how-exabeam-aligns-with-the-australian-financial-standard/): The Australian Prudential Standard CPS 234 helps APRA-regulated entities to combat cybersecurity incidents and attacks.
- [Exabeam Achieves ISO 27001 Certification](https://www.exabeam.com/blog/compliance/exabeam-achieves-iso-27001-certification/): The Exabeam SOC Platform’s information security management system has been independently assessed and aligns with ISO 27001:2013 information security best practices for the integrity, security, and confidentiality of employee, customer, and partner data.
- [How to Conduct an Information Security Risk Assessment](https://www.exabeam.com/blog/compliance/how-to-conduct-an-information-security-risk-assessment/): Learn best practices for performing an Information Security Risk Assessment. Get started with these tips and resources.
- [New Logging Standard for Federal Cyber Detection and Response](https://www.exabeam.com/blog/compliance/new-logging-standard-for-federal-cyber-detection-and-response/): Executive Order E014028 presents a new standard for log management. How will it affect your agency? Steve Salinas takes a deep dive into what it means for security teams in federal agencies.
- [Hitting “Refresh” on Federal Cybersecurity in 2021](https://www.exabeam.com/blog/compliance/hitting-refresh-on-federal-cybersecurity-in-2021/): The new policy, “Improving the Nation’s Cybersecurity,” was set in #Executive Order E014028. What does this mean for #federal agencies immediately and in the long term? We'll take you through it.
- [Exabeam Successfully Completes the Annual System and Organization Controls SOC 2 Type II Audit](https://www.exabeam.com/blog/compliance/exabeam-successfully-completes-the-annual-system-and-organization-controls-soc-2-type-ii-audit/): We are pleased to announce that we have completed the AICPA SOC 2 Type II Audit and Exabeam is compliant without exception.
- [Data Loss Prevention Solutions: Making Your Choice](https://www.exabeam.com/blog/compliance/data-loss-prevention-solutions-making-your-choice/): Once DLP software identifies a breach in policy, protective measures are taken, such as alerts and data encryption. DLP software also monitors endpoint movement, and safeguards data at rest, in motion and in use.
- [Protecting Utilities using LogRhythm SIEM](https://www.exabeam.com/blog/compliance/protecting-utilities-using-logrhythm-siem/): Electricity utility organizations-specific use cases to manage today’s risks while speeding up time to detect ransomware and more.
- [Tackling Cybersecurity Challenges in Healthcare](https://www.exabeam.com/blog/compliance/tackling-cybersecurity-challenges-in-healthcare/): Exabeam is working with healthcare facilities to address these challenges head-on. Using the latest technology, Exabeam comes up with solutions that ensure healthcare professionals can do their jobs while also protecting the privacy of patients.
- [Exabeam Signs NetFlow Logic as a Preferred Partner](https://www.exabeam.com/blog/compliance/exabeam-signs-netflow-logic-as-a-preferred-partner/): Exabeam signs NetFlow Logic as a preferred partner who will, on behalf of the client manage the end-to-end capture, conversion, and ingestion of packet flows into Exabeam Data Lake and Exabeam Advanced Analytics
- [Exabeam Achieves Federal Common Criteria Certification](https://www.exabeam.com/blog/compliance/exabeam-achieves-federal-common-criteria-certification/): We are pleased to announce that the Exabeam Security Management Platform has achieved Common Criteria Certification. What does this mean for you?
- [Exabeam Successfully Completes SOC 2 Type II Audit Examination](https://www.exabeam.com/blog/compliance/exabeam-successfully-completes-soc-2-type-ii-audit-examination/): Exabeam has successfully completed a System and Organization Controls (SOC) 2 Type II Audit examination for our service offering and SaaS cloud platform.
- [A GDPR Update](https://www.exabeam.com/blog/compliance/a-gdpr-update/): It’s been nine months since May 25, 2018 when GDPR went into effect in the EU. During this short period of time much has happened, including megabreaches that continue to occur throughout the world. Read about the latest InfoSec strategies and developments.
- [IPS Security: How Active Security Saves Time and Stops Attacks in their Tracks](https://www.exabeam.com/blog/compliance/ips-security-how-active-security-saves-time-and-stops-attacks-in-their-tracks/): Learn the difference between IPS vs. IDS, how IPS security can save you time, which attacks it prevents, and get a brief review of top IPS appliances.
- [Cyber Espionage and the US Elections: What are Russian Hackers Possibly Doing and How Can They be Stopped?](https://www.exabeam.com/blog/compliance/cyber-espionage-and-the-us-elections-what-are-russian-hackers-possibly-doing-and-how-can-they-be-stopped/): Russian meddling in the 2016 US elections and the Hillary Clinton campaign email breach came as a surprise to many (with investigations underway as to who knew what and who was involved). Two years later, alarms are again sounding about new threats from Russian bad actors targeting US elections.
- [Security Data Lakes: Comparing the “Do It Yourself” Deployments Versus Commercial Solutions](https://www.exabeam.com/blog/compliance/security-data-lakes-comparing-the-do-it-yourself-deployments-versus-commercial-solutions/): Security data lake built on top of an ELK lowers the total cost and provides greater visibility and search capabilities to better detect cyber threats.
- [GDPR and the Security Monitoring Challenge](https://www.exabeam.com/blog/compliance/gdpr-and-the-security-monitoring-challenge/): Security monitoring is an essential part of protecting data. You are monitoring access to the data and the IT systems that process and store it, which is how to prevent data breaches; identify when a breach has occurred and what data was lost; identify who is responsible and avoid impact to you your organization.
- [Complying with NYDFS Cybersecurity Regulations with Exabeam](https://www.exabeam.com/blog/compliance/complying-with-nydfs-cybersecurity-regulations-with-exabeam/): Effective March 2017, a set of cybersecurity requirements (collectively called “23 NYCRR 500”) became a first-in-the-nation milestone achievement by New York.
- [5 Things to Know About Exabeam Data Lake](https://www.exabeam.com/blog/compliance/5-things-to-know-about-exabeam-data-lake/): Earlier this week we launched Exabeam Data Lake, a security data lake that helps you collect and store unlimited amounts of security data to meet threat detection and compliance use cases. Here are 5 things you should know about Data Lake:
## FortiSIEM
- [FortiSIEM: Key Features, Pricing, Limitations & Alternatives](https://www.exabeam.com/explainers/fortisiem/fortisiem-key-features-pricing-limitations-alternatives/): FortiSIEM is a security information and event management (SIEM) solution providing oversight across IT environments.
## Securonix
- [Securonix: Solution Overview, Limitations & Top 5 Alternatives](https://www.exabeam.com/explainers/securonix/securonix-solution-overview-limitations-top-5-alternatives/): Securonix is a cybersecurity platform specializing in identifying, analyzing, and responding to security threats.
## Webinar
- [Modern SOC Essentials Series 2](https://www.exabeam.com/resources/webinars/modern-soc-essentials-series-2/)
- [From Hype to Help: What 1,000 Cybersecurity Pros Really Think About AI in the SOC](https://www.exabeam.com/resources/webinars/from-hype-to-help-what-1000-cybersecurity-pros-really-think-about-ai-in-the-soc/): Join us for a panel discussion where TEN18 by Exabeam experts break down the findings from our global cybersecurity report: From Hype to Help: How AI Is (Really) Transforming Cybersecurity in 2025. Based on responses from 1,000 cybersecurity professionals worldwide, this report reveals a sharp divide between leadership optimism and frontline reality.
- [Trust No One: How to Spot Insider Threats Hiding in Plain Sight](https://www.exabeam.com/resources/webinars/trust-no-one-how-to-spot-insider-threats-hiding-in-plain-sight/): oin Exabeam’s expert-led webinar to explore how our advanced UEBA technology and AI-driven workflows can surface hidden risks by understanding "normal" user behavior and identifying deviations.
- [Elevate Your Cybersecurity Response: Transform Threat Detection, Investigation, and Response (TDIR) with AI](https://www.exabeam.com/resources/webinars/elevate-your-cybersecurity-response-transform-threat-detection-investigation-and-response-tdir-with-ai/): Enhance your cybersecurity response with these expert tips. Stay one step ahead of hackers and protect your digital assets.
- [The Intersection of Gen AI and Cybersecurity: Building the Case for an AI-Copilot ](https://www.exabeam.com/resources/webinars/the-intersection-of-gen-ai-and-cybersecurity-building-the-case-for-an-ai-copilot/): With the November presidential election approaching, there’s no better time to discuss how you can help ensure the integrity and cyber resilience of the electoral process.
- [How Security Teams Can Confront Compliance and Resource Constraints](https://www.exabeam.com/resources/webinars/how-security-teams-can-confront-compliance-and-resource-constraints/): Learn strategies for developing a more proactive security posture despite limited resources, and ways to integrate compliance into your broader business strategy.
- [Bridging the Communication Gap in Cybersecurity](https://www.exabeam.com/resources/webinars/bridging-the-communication-gap-in-cybersecurity/): Learn how you can tailor your security communication to reach an organization-wide understanding of how to protect sensitive data and infrastructure.
- [How Modern Security Teams are Finding Success in 2024](https://www.exabeam.com/resources/webinars/how-modern-security-teams-are-finding-success-in-2024/): Learn more about the success metrics of modern security teams and how you can create a proactive and resilient security culture within your organization.
- [The Evolving Security Landscape & Its Impact on Security Strategies](https://www.exabeam.com/resources/webinars/the-evolving-security-landscape-its-impact-on-security-strategies/): Learnthe impact of customer demands on security strategies, and where professionals believe breach responsibilities lie within their organization.
- [Eight Cybersecurity Predictions for 2024](https://www.exabeam.com/resources/webinars/eight-cybersecurity-predictions-for-2024/): Learn the must-know cybersecurity predictions for this year — spanning from top vulnerabilities to be aware of, to what’s to come with generative AI, and more.
- [Business Rewards vs. Security Risks of Generative AI](https://www.exabeam.com/resources/webinars/business-rewards-vs-security-risks-of-generative-ai-executive-panel/): Hear from Exabeam Director of Security Research, Steve Polvony, and other industry leaders for a thought-provoking conversation.
- [A CISO’s Guide to the AI Opportunity in Security Operations](https://www.exabeam.com/resources/webinars/a-cisos-guide-to-the-ai-opportunity-in-security-operations-webinar/): Discover how you can prepare for the benefits and assess the risks when it comes to using AI in security operations.
- [Cybersecurity Brew: Episode 7](https://www.exabeam.com/resources/webinars/cybersecurity-brew-episode-7/): Stay informed about the latest cybersecurity news and cutting-edge technologies with Jake Haldeman and Gabrielle Hempel on The Cybersecurity Brew.
- [In the News: Part 6](https://www.exabeam.com/resources/webinars/in-the-news-part-6/): Andrew Hollister discusses the importance of Zero Trust and reveals best practices to adopt this security architecture to ensure success.
- [In the News: Part 5](https://www.exabeam.com/resources/webinars/in-the-news-part-5/): Andrew Hollister discusses the importance of Zero Trust and reveals best practices to adopt this security architecture to ensure success.
- [Cybersecurity Predictions for 2023](https://www.exabeam.com/resources/webinars/cybersecurity-predictions-for-2023/): In this webinar, join a panel of LogRhythm executives and leaders as they discuss their cybersecurity predictions for 2023.
- [Why Zero Trust Security Matters Now](https://www.exabeam.com/resources/webinars/why-zero-trust-security-matters-now/): Andrew Hollister discusses the importance of Zero Trust and reveals best practices to adopt this security architecture to ensure success.
- [In the News: Part 4](https://www.exabeam.com/resources/webinars/in-the-news-part-4/): Andrew Hollister discusses the importance of Zero Trust and reveals best practices to adopt this security architecture to ensure success.
- [In the News: Part 3](https://www.exabeam.com/resources/webinars/in-the-news-part-3/): Andrew Hollister discusses the importance of Zero Trust and reveals best practices to adopt this security architecture to ensure success.
- [In the News: Part 2](https://www.exabeam.com/resources/webinars/in-the-news-part-2/): Andrew Hollister discusses the importance of Zero Trust and reveals best practices to adopt this security architecture to ensure success.
- [A CISO’s Guide to Communicating Risk](https://www.exabeam.com/resources/webinars/a-cisos-guide-to-communicating-risk-2/): Learn how to effectively communicate with other executives by setting expectations and demonstrating transparency before a major breach occurs.
- [In the News: Part 1](https://www.exabeam.com/resources/webinars/in-the-news-part-1/): Andrew Hollister discusses the importance of Zero Trust and reveals best practices to adopt this security architecture to ensure success.
- [Maturing the CISO Role](https://www.exabeam.com/resources/webinars/maturing-the-ciso-role/): Watch this teissTalk to answer some of the biggest questions facing the Information Security industry.
- [The Responsibility of Risk](https://www.exabeam.com/resources/webinars/the-responsibility-of-risk-2/): Learn how to meet the responsibilities of risk management and committing engineering and program support for compliance.
- [How Do You Know if Your SOC is Relevant?](https://www.exabeam.com/resources/webinars/how-do-you-know-if-your-soc-is-relevant/): In this webinar we discuss accelerating investigation and response times in your SOC, recruitment of SOC analysts, and more.
- [Moving Past Feeds and Speeds: Creating an Outcome Based SOC](https://www.exabeam.com/resources/webinars/moving-past-feeds-and-speeds-creating-an-outcome-based-soc/): Gorka Sadowski explains how moving past paradigms to an outcome-based approach fosters a more efficient means of reaching security goals.
- [How Security Leaders Can Increase Coverage of Insider Threats](https://www.exabeam.com/resources/webinars/how-security-leaders-can-increase-coverage-of-insider-threats/): Learn why insider threats often go undetected, the key behavioral indicators that may identify an internal threat actor, and tools that can be used to automatically detect insider threats.
## Splunk
- [Best Threat Intelligence Tools: Top 8 Providers in 2025](https://www.exabeam.com/explainers/splunk/best-threat-intelligence-tools-top-8-providers/): Threat intelligence tools are software applications and platforms that help organizations collect, analyze, and act on information about cybersecurity threats. These tools improve security by providing insights into potential vulnerabilities, attack methods, and threat actors.
- [Top 10 Splunk Competitors in 2026](https://www.exabeam.com/explainers/splunk/top-10-splunk-competitors/): Splunk is a software platform for searching, monitoring, and analyzing machine-generated data via a web interface.
- [Splunk Attack Analyzer: Use Cases, Features, and Limitations [2026]](https://www.exabeam.com/explainers/splunk/splunk-attack-analyzer-use-cases-features-and-limitations-2025/): Splunk Attack Analyzer is a threat analysis solution that automatically examines complex cyber threats, including credential phishing and malware
- [Splunk SOAR: Pros/Cons, Architecture & Quick Tutorial](https://www.exabeam.com/explainers/splunk/splunk-soar-pros-cons-architecture-and-quick-tutorial/): Splunk SOAR (security orchestration, automation, and response) is a platform to improve an organization's security management and operations.
- [Understanding Splunk Enterprise Security: Solution Overview](https://www.exabeam.com/explainers/splunk/understanding-splunk-enterprise-security-solution-overview/): Splunk Enterprise Security (ES) is a security information and event management (SIEM) solution.
- [Splunk SIEM: Key Features, Limitations and Alternatives](https://www.exabeam.com/explainers/splunk/splunk-siem-key-features-limitations-and-alternatives/): Splunk SIEM, also known as Splunk Enterprise Security (ES), is a security information and event management system offering security monitoring and analysis.
## eBook
- [The Ultimate Guide to Insider Threats](https://www.exabeam.com/resources/ebooks/the-ultimate-guide-to-insider-threats/): Protect your organization from insider threats with our ultimate guide. Learn about the risks they pose and effective defense strategies.
- [7 Metrics of Security Operations Effectiveness](https://www.exabeam.com/resources/ebooks/7-metrics-security-operations-effectiveness/): Measure the effectiveness of your security operations program with these key metrics. Learn how to track incident response times and prove the value of your program.
- [The Security First Guidebook](https://www.exabeam.com/resources/ebooks/the-security-first-guidebook/): Learn how to build a security-first culture across your enterprise with Exabeam's guidebook. Get practical tips and training strategies for cybersecurity awareness.
- [The Security Operations Maturity Model](https://www.exabeam.com/resources/ebooks/the-security-operations-maturity-model/): Learn how to assess your security operations maturity and benchmark critical KPIs to improve your organization's response to cyberthreats.
- [Security Operations Center Hiring Handbook](https://www.exabeam.com/resources/ebooks/security-operations-center-hiring-handbook/): Learn how to build and expand your security operations center team with The SOC Hiring Handbook. Overcome hiring challenges and find top talent.
- [How to Build a SOC With Limited Resources](https://www.exabeam.com/resources/ebooks/how-to-build-a-soc-with-limited-resources/): Learn the essential steps for building a SOC with limited resources. Find out how to maximize the effectiveness of your security operations center.
- [User and Entity Behavior Analytics (UEBA) for Advanced Threat Detection](https://www.exabeam.com/resources/ebooks/a-guide-to-user-and-entity-behavioranalytics-ueba-security/): Learn how user and entity behavior analytics (UEBA) can help reduce cyber risk and respond more quickly to user-based attacks.
## Google Security Operations
- [Google Cloud Security: 8 Key Components & Critical Best Practices](https://www.exabeam.com/explainers/google-security-operations/google-cloud-security-8-key-components-and-critical-best-practices/): Ensuring security in Google Cloud involves a set of practices, measures, and products to protect data, applications, and infrastructure.
- [What Is Google Security Operations (Formerly Google Chronicle)?](https://www.exabeam.com/explainers/google-security-operations/what-is-google-security-operations-formerly-known-as-google-chronicle/): Google Security Operations is a cloud-based platform that aims to help enterprises manage and analyze large volumes of security and network telemetry.
## Incident Response
- [What Is Security Automation? Benefits, Technologies & Use Cases](https://www.exabeam.com/explainers/incident-response/what-is-security-automation-benefits-technologies-and-use-cases/): Security automation refers to the use of technology to perform security tasks with minimal human intervention.
- [Incident Response Services: Key Features and 7 Top Notch Solutions](https://www.exabeam.com/explainers/incident-response/incident-response-services-key-features-and-7-top-notch-solutions/): Incident response services provide organizations with access to outsourced teams that help address cybersecurity threats and breaches.
- [SANS Incident Response: 6-Step Process & Critical Best Practices](https://www.exabeam.com/explainers/incident-response/sans-incident-response-6-step-process-critical-best-practices/): The SANS incident response framework is a structured approach used by organizations to manage and mitigate cyber security incidents effectively.
- [Incident Response Retainer: Options, What’s Included, and 8 Key Considerations](https://www.exabeam.com/explainers/incident-response/incident-response-retainer-options-whats-included-and-8-key-considerations/): An incident response retainer is a service deal between an organization and a cybersecurity provider for instant support during security incidents.
- [Incident Response for Ransomware: 6 Key Elements and Critical Best Practices](https://www.exabeam.com/explainers/incident-response/incident-response-for-ransomware-6-key-elements-and-critical-best-practices/): A predefined process allows organizations to lessen the overall impact and maintain continuity in critical business functions.
- [18-Step Incident Response Checklist: From Preparation to Recovery](https://www.exabeam.com/explainers/incident-response/18-step-incident-response-checklist-from-preparation-to-recovery/): An incident response checklist is a structured document that outlines the steps organizations should take following a security breach or cyber attack.
- [NIST Incident Response: 4-Step Process and Critical Best Practices](https://www.exabeam.com/explainers/incident-response/nist-incident-response-4-step-process-and-critical-best-practices/): NIST's incident response framework, outlined in their Computer Security Incident Handling Guide, aids organizations in managing effective incident responses.
- [Spooky Season Brings a Toe-Curling Vulnerability](https://www.exabeam.com/blog/incident-response/spooky-season-brings-a-toe-curling-vulnerability/): Learn about CVE-2023-38545: a spooky libcurl vulnerability, its impact, detection methods, and protection steps.
- [Defending Against Ransomware: How Exabeam Strengthens Cybersecurity](https://www.exabeam.com/blog/incident-response/defending-against-ransomware-how-exabeam-strengthens-cybersecurity/): Learn how Exabeam Advanced cybersecurity solutions can defend your organization against ransomware.
- [Incident Response: Plan, Process, and Best Practices [2025]](https://www.exabeam.com/blog/incident-response/incident-response-6-steps-technologies-and-tips/): Incident response is an approach to handling security breaches. The aim of incident response is to identify an attack, contain the damage, and eradicate the root cause of the incident.
- [Unmasking Insider Threats Isn’t Just a U.S. Intelligence Agency Problem](https://www.exabeam.com/blog/incident-response/unmasking-insider-threats-isnt-just-a-u-s-intelligence-agency-problem/): Learn how behavior-based modeling can help government agencies combat insider threats in light of the Discord leak.
- [Security Incidents: Types, Tools, Examples, and Prevention](https://www.exabeam.com/blog/incident-response/security-incidents-what-you-should-look-out-for/): Identifying security incidents and responding to them quickly is a critical cybersecurity process.
- [Insider Threats: What Banks Don’t Know Can Definitely Hurt Them](https://www.exabeam.com/blog/incident-response/insider-threats-what-banks-dont-know-can-definitely-hurt-them/): Discover why insider threats pose the biggest challenge for banks and learn how to manage them effectively.
- [The 4 Steps to a Phishing Investigation](https://www.exabeam.com/blog/incident-response/the-4-steps-to-a-phishing-investigation/): What is phishing, how can you identify phishing rapidly, and how do you investigate phishing emails?
- [Log4j by Another Name. It’s Coming; How Can You Keep Pace?](https://www.exabeam.com/blog/incident-response/log4j-by-another-name-its-coming-how-can-you-keep-pace/): Log4j still puts hundreds of millions of devices at risk of remote attack. It will reappear with a different name.
- [What Can We Learn From the Lapsus$ Attacks?](https://www.exabeam.com/blog/incident-response/what-can-we-learn-from-the-lapsus-attacks/): The attacks attributed to Lapsus$ have shone a light on the importance of monitoring user credential activity and creation.
- [Incident Response Automation and Security Orchestration with SOAR](https://www.exabeam.com/blog/incident-response/incident-response-automation-and-security-orchestration-with-soar/): Security Orchestration, Automation & Response (SOAR) makes incident response more efficient, effective, and scalable.
- [A Four-Layered Approach to Malware](https://www.exabeam.com/blog/incident-response/a-four-layered-approach-to-malware/): The best way to detect and respond to malware is to create a layered approach in your network and among your workforce.
- [The Complete Guide to CSIRT Organization: How to Build an Incident Response Team](https://www.exabeam.com/blog/incident-response/the-complete-guide-to-csirt-organization-how-to-build-an-incident-response-team/): Learn the latest best practices for organizing and managing a Computer Security Incident Response Team (CSIRT) as part of your Incident Response Plan.
- [Incident Response Plan 101: The 6 Phases, Templates, and Examples](https://www.exabeam.com/blog/incident-response/incident-response-plan-101-the-6-phases-templates-and-examples/): An incident response plan (IRP) is a set of instructions that helps IT staff respond to, detect, and recover from network security incidents. The goal of an IRP is to minimize the impact of a security incident on an organization.
- [EDR vs. EPP: What is the Difference?](https://www.exabeam.com/blog/incident-response/edr-vs-epp-what-is-the-difference/): EDR vs EPP In this article, you will learn what is EDR, what is EPP, how they differ, and how to choose the security type that suits your systems and network.
- [7 Detection Tips for the Log4j2 Vulnerability](https://www.exabeam.com/blog/incident-response/7-detection-tips-for-the-log4j2-vulnerability/): The Apache Log4j2 vulnerability CVE-2021-44228, disclosed on December 9, 2021, allows for remote code execution against users. This vulnerability is actively being exploited. Whether you are an Exabeam customer or not, read our Detection Guide: Seven tips to help detect any impact from CVE-2021-44228.
- [You’ve Suffered a Breach … Now What?](https://www.exabeam.com/blog/incident-response/youve-suffered-a-breach-now-what/): Successful CISOs can see opportunity amidst the chaos. Post-breach remediation and recovery are where the strongest leaders rise — demonstrating by example the unity and cooperation necessary to accomplish in months what usually takes years.
- [Turnkey Playbooks Now Available for Exabeam Customers](https://www.exabeam.com/blog/incident-response/turnkey-playbooks-now-available-for-exabeam-customers/): Turnkey Playbooks, a new feature for Exabeam Incident Responder helps security teams get faster time to value from their SOAR product. In this post we share how this will help customers as part of their journey to adopt automation.
- [Securing Your Remote Workforce, Part 3: How to Detect Malware in the Guise of Productivity Tools](https://www.exabeam.com/blog/incident-response/securing-your-remote-workforce-part-3-how-to-detect-malware-in-the-guise-of-productivity-tools/): In part 3 of our securing your remote workforce series we take a deep dive into how to detect malware in the guise of productivity tools.
- [Beat Cyber Threats with Security Automation](https://www.exabeam.com/blog/incident-response/beat-cyber-threats-with-security-automation/): Understand how companies are adopting security orchestration strategies and tools, such as Security Orchestration Automation and Response.
- [National Cybersecurity Awareness Month: Incident Response](https://www.exabeam.com/blog/incident-response/national-cybersecurity-awareness-month-incident-response/): The theme for this year’s National Cybersecurity Awareness Month (NCSAM) is “Own IT. Secure IT. Protect IT”. With that in mind, we look at an important aspect of cybersecurity: how to be one step ahead by preparing your incident response plan before it’s needed.
- [Incident Investigation: How Understanding Context Aids Informed Decision-making](https://www.exabeam.com/blog/incident-response/incident-investigation-how-understanding-context-aids-informed-decision-making/): In an incident investigation security analysts don't look at a single alert or log and expect to understand the entire event. Instead, we assess different indicators of compromise (IoCs) or the tactics, techniques, and procedures (TTPs) of an attack to determine the context in which that alert is firing.
- [Executive Briefings 101 From the Frontlines](https://www.exabeam.com/blog/incident-response/executive-briefings-101-from-the-frontlines/): Incident handlers are responsible for several workstreams during an incident and for coordinating the action and response.
- [What’s In a Good Story? Context, Plot and Discovery](https://www.exabeam.com/blog/incident-response/whats-in-a-good-story-context-plot-and-discovery/): How context, plot and discovery create the full story of security events.
- [Improving Cybersecurity Incident Response with Orchestration and Automation](https://www.exabeam.com/blog/incident-response/improving-cybersecurity-incident-response-with-orchestration-and-automation/): Despite all of the investment and interest focused on cybersecurity, security operations center (SOC) analysts and incident responders haven’t realized much improvement in their effectiveness or job satisfaction. SOCs are often understaffed, spread across multiple time zones, and lacking the needed skills.
- [6 Incident Response Steps: What to Do When Under Attack](https://www.exabeam.com/blog/incident-response/6-incident-response-steps-what-to-do-when-under-attack/): Discover the critical steps your organization should take when experiencing a cyber attack, according to the NIST Incident Response framework.
- [How to Quickly Deploy an Effective Incident Response Policy](https://www.exabeam.com/blog/incident-response/how-to-quickly-deploy-an-effective-incident-response-policy/): If you haven’t already, most likely you’ll want to deploy an effective incident response policy soon, before an attack results in a breach or other serious consequences. Creating an effective incident response policy helps ensure a timely, effective, and orderly response to a security event.
- [Preempt a Cybersecurity Disaster by Writing a Mock Breach Notification Letter](https://www.exabeam.com/blog/incident-response/preempt-a-cybersecurity-disaster-by-writing-a-mock-breach-notification-letter/): Writing a Mock Breach Notification Letter Before a Security Disaster: Working backward from a breach that hasn’t occurred yet will illuminate the weaknesses in your disaster plan, so you can take action now—rather than when you’re in a breach recovery.
- [10 Best Practices for Creating an Effective Computer Security Incident Response Team (CSIRT)](https://www.exabeam.com/blog/incident-response/10-best-practices-for-creating-an-effective-computer-security-incident-response-team-csirt/): Unlike a SOC, the comprehensive response provided by an Incident Response Team reaches beyond the technical actions taken to remediate an incident. It includes recommending changes to systems or organizational practices to protect against future incidents, and important nontechnical responsibilities as well.
- [Preparing a Cybersecurity Incident Response Plan: Your Essential Checklist](https://www.exabeam.com/blog/incident-response/preparing-a-cybersecurity-incident-response-plan-your-essential-checklist/): How to build an incident response plan around the SANS incident response process, examples to get you started, and a sneak peek at incident response automation.
- [Cyber Attribution: Essential Component of Incident Response](https://www.exabeam.com/blog/incident-response/cyber-attribution-essential-component-of-incident-response-or-optional-extra/): Let’s examine the role that attribution plays in modern-day incident response and assess the amount of effort organizations should place on it.
- [5 Best Practices for Your Incident Response Plan](https://www.exabeam.com/blog/incident-response/5-best-practices-for-your-incident-response-plan/): Quickly learn what Incident Response is, how to create an Incident Response Plan and organize an Incident Response Team leveraging the latest best practices.
- [Check Out Exabeam Incident Responder](https://www.exabeam.com/blog/incident-response/check-out-exabeam-incident-responder/): A major goal with Incident Responder was to take the best practices currently performed by your “ninjas” and make those available to anyone, even your interns.
## Rapid7
- [Rapid7 InsightVM Solution Overview: Pros/Cons, Pricing & Tutorial](https://www.exabeam.com/explainers/rapid7/rapid7-insightvm-solution-overview-pros-cons-pricing-and-tutorial/): Rapid7 InsightVM is a vulnerability management solution that identifies, prioritizes, and remediates vulnerabilities.
- [Rapid7 Nexpose Solution Overview: Pros, Cons & Quick Tutorial](https://www.exabeam.com/explainers/rapid7/rapid7-nexpose-solution-overview-pros-cons-and-quick-tutorial/): Rapid7 Nexpose is a vulnerability management tool that helps organizations identify and remediate security vulnerabilities within their IT environments.
- [Rapid7: Solution Overview, Pricing, Limitations & Alternatives](https://www.exabeam.com/explainers/rapid7/rapid7-solution-overview-pricing-limitations-and-alternatives/): Rapid7 is a cybersecurity company that provides both commercial solutions and open source tools, most notably the Metasploit penetration testing platform.
## Sumo Logic
- [Sumo Logic vs Splunk: 6 Differences, Pros/Cons & How to Choose](https://www.exabeam.com/explainers/sumo-logic/sumo-logic-vs-splunk-6-differences-pros-cons-and-how-to-choose/): Sumo Logic offers cloud-native, real-time insights on app operations and security, while Splunk collects, indexes, and analyzes IT system data.
- [Understanding Sumo Logic SIEM: Pros/Cons and Quick Tutorial](https://www.exabeam.com/explainers/sumo-logic/understanding-sumo-logic-siem-pros-cons-and-quick-tutorial/): Sumo Logic SIEM is a cloud-native security information and event management system for modern enterprises.
- [Sumo Logic: Solution Overview, Limitations & Alternatives](https://www.exabeam.com/explainers/sumo-logic/sumo-logic-solution-overview-limitations-and-alternatives/): Sumo Logic is a cloud-native platform providing continuous intelligence to help organizations monitor, manage, and secure their applications and infrastructure.
## Crowdstrike
- [CrowdStrike Charlotte AI: Solution Overview, Pros and Cons](https://www.exabeam.com/explainers/crowdstrike/crowdstrike-charlotte-ai-solution-overview-pros-and-cons/): CrowdStrike Charlotte AI is a generative AI assistant for cybersecurity teams using the CrowdStrike Falcon platform.
- [Crowdstrike vs Sentinelone: 3 Key Differences, Pros & Cons](https://www.exabeam.com/explainers/crowdstrike/crowdstrike-vs-sentinelone-3-key-differences-pros-and-cons/): CrowdStrike Falcon offers cloud-based endpoint protection, while SentinelOne Singularity uses AI for autonomous threat detection and response.
- [CrowdStrike Threat Intelligence: 3 Core Solutions Explained](https://www.exabeam.com/explainers/crowdstrike/crowdstrike-threat-intelligence-3-core-solutions-explained/): CrowdStrike is a cybersecurity company that provides cloud-based endpoint security solutions.
- [CrowdStrike XDR: Solution Overview, Pricing, Pros & Cons](https://www.exabeam.com/explainers/crowdstrike/crowdstrike-xdr-solution-overview-pricing-pros-and-cons/): CrowdStrike Falcon Insight XDR is a platform that combines EDR with detection and response capabilities for other security layers.
- [Crowdstrike SIEM: Solution Overview, Pricing, Pros and Cons](https://www.exabeam.com/explainers/crowdstrike/crowdstrike-siem-solution-overview-pricing-pros-and-cons/): CrowdStrike Falcon provides a cloud native approach to security monitoring, helping organizations overcome limitations of legacy tools with scalable log management and faster threat response.
- [CrowdStrike Falcon: Components, Pros/Cons & Top 7 Alternatives](https://www.exabeam.com/explainers/crowdstrike/crowdstrike-falcon-components-pros-cons-and-top-5-alternatives/): CrowdStrike Falcon is a cloud-based cybersecurity platform for endpoint security, offering malware protection, threat intelligence, and incident response.
## Fortinet
- [Fortinet XDR (FortiXDR): Solution Overview, Features & Limitations](https://www.exabeam.com/explainers/fortinet/fortinet-xdr-fortixdr-solution-overview-features-and-limitations/): Fortinet XDR is an XDR solution that aims to unify and automate security incident detection, and response across an organization’s security ecosystem.
- [Understanding Fortinet MDR: Solution Overview, Pros & Cons](https://www.exabeam.com/explainers/fortinet/understanding-fortinet-mdr-solution-overview-pros-and-cons/): FortiGuard MDR is a 24/7 service improving endpoint security through continuous monitoring, alert triage, threat hunting, and incident response.
- [Fortinet SOAR: Solution Overview, Features & Limitations](https://www.exabeam.com/explainers/fortinet/fortinet-soar-solution-overview-features-and-limitations/): Fortinet SOAR (FortiSOAR) is a security orchestration, automation, and response (SOAR) solution that aims to simplify security operations for organizations.
- [10 Fortinet Competitors to Know in 2025](https://www.exabeam.com/explainers/fortinet/10-fortinet-competitors-to-know-in-2025/): Fortinet integrates security with networking functions, helping organizations protect data and mitigate threats.
## Microsoft Sentinel
- [Microsoft Sentinel vs Splunk: 6 Key Differences and How to Choose](https://www.exabeam.com/explainers/microsoft-sentinel/microsoft-sentinel-vs-splunk-6-key-differences-and-how-to-choose/): Microsoft Sentinel offers cloud-native SIEM with intelligent security analytics, while Splunk delivers powerful analytics and security intelligence.
- [Microsoft Sentinel: 5 Key Features, Limitations & Alternatives](https://www.exabeam.com/explainers/microsoft-sentinel/microsoft-sentinel-5-key-features-limitations-and-alternatives/): Microsoft Sentinel (formerly Azure Sentinel) is a cloud-native security information and event management (SIEM) and security orchestration automated response (SOAR) solution
## Network Security
- [10 Network Monitoring Tools to Know in 2026](https://www.exabeam.com/explainers/network-security/8-network-monitoring-tools-to-know-in-2025/): Network monitoring tools are software solutions to oversee, analyze, and manage the performance and health of a network
- [Network Security Policy: 9 Key Components & How to Make Them Work](https://www.exabeam.com/explainers/network-security/network-security-policy-9-key-components-and-how-to-make-them-work/): A network security policy is a formal set of guidelines that dictates how an organization will protect its network infrastructure and data assets.
- [Network Monitoring with SNMP: Complete 2025 Guide](https://www.exabeam.com/explainers/network-security/network-monitoring-with-snmp-complete-guide/): SNMP is a protocol used for monitoring and managing devices on IP networks. It aids in ensuring network performance and availability.
- [Firewalls for Network Security: Importance, Types & Best Practices](https://www.exabeam.com/explainers/network-security/firewalls-for-network-security-importance-types-and-best-practices/): A firewall is a component used to protect networks from unauthorized access and cyber threats.
- [10 Things You Need to Do Network Security Properly](https://www.exabeam.com/explainers/network-security/10-things-you-need-to-do-network-security-properly/): Network security involves measures to protect the integrity, confidentiality, and availability of data and networks.
- [How Network Monitoring Works, What to Monitor & Tips for Success](https://www.exabeam.com/explainers/network-security/how-network-monitoring-works-what-to-monitor-and-tips-for-success/): Network monitoring involves observing and analyzing network performance and health through various devices and software tools
- [Monitoring Network Devices: Components, Metrics & Best Practices](https://www.exabeam.com/explainers/network-security/monitoring-network-devices-components-metrics-and-best-practices/): Network device monitoring is the process of managing and analyzing hardware devices within a network.
## Network Detection and Response
- [What Is Threat Detection, Investigation, and Response](https://www.exabeam.com/explainers/network-detection-and-response/what-is-threat-detection-investigation-and-response/): Network detection and response (NDR) solutions are cybersecurity technologies that focus on identifying and mitigating threats within a network
- [NDR Solutions: Key Features and 7 Tools to Know in 2025](https://www.exabeam.com/explainers/network-detection-and-response/ndr-solutions-key-features-and-7-tools-to-know-in-2025/): Network detection and response (NDR) solutions are cybersecurity technologies that focus on identifying and mitigating threats within a network
- [Network Detection and Response: Capabilities & Alternatives](https://www.exabeam.com/explainers/network-detection-and-response/network-detection-and-response-capabilities-alternatives/): Network detection and response (NDR) refers to cybersecurity solutions focused on detecting and responding to threats within network infrastructure.
- [NDR vs EDR: Key Differences, Pros/Cons & Using Them Together](https://www.exabeam.com/explainers/network-detection-and-response/ndr-vs-edr-key-differences-pros-cons-using-them-together/): Network detection and response (NDR) and endpoint detection and response (EDR) are cybersecurity solutions aimed at identifying and responding to threats.
- [NDR vs XDR: 5 Key Differences and How to Choose](https://www.exabeam.com/explainers/network-detection-and-response/ndr-vs-xdr-5-key-differences-and-how-to-choose/): Network detection and response (NDR) monitors real-time traffic for threats, while extended detection and response (XDR) covers multiple security layers.
## Compliance Management
- [Compliance Management: Process, Regulations, and Tools [2025 Guide]](https://www.exabeam.com/explainers/compliance-management/compliance-management-process-regulations-and-tools/): Discover Governance, Risk, and Compliance (GRC) and learn about data privacy regulations and workforce compliance.
## GDPR Compliance
- [GDPR vs. DPA: 6 Key Differences & Compliance Best Practices](https://www.exabeam.com/explainers/gdpr-compliance/gdpr-vs-dpa-6-key-differences-compliance-best-practices/): The GDPR is an EU law giving individuals more control over personal data. The UK's Data Protection Act (DPA) ensures data is processed lawfully and transparently.
- [8 Types of GDPR Tools and How to Choose](https://www.exabeam.com/explainers/gdpr-compliance/8-types-of-gdpr-tools-and-how-to-choose/): GDPR tools are software solutions that help organizations comply with the GDPR, a legal framework established by the European Union to protect personal data.
- [GDPR Article 4: 12 Essential Definitions and Tips for Compliance](https://www.exabeam.com/explainers/gdpr-compliance/gdpr-article-4-12-essential-definitions-and-tips-for-compliance/): GDPR Article 4, part of the EU's data regulation, defines key terms essential for understanding personal data processing activities.
- [GDPR Article 5: Key Principles and 6 Compliance Best Practices](https://www.exabeam.com/explainers/gdpr-compliance/gdpr-article-5-key-principles-and-6-compliance-best-practices/): GDPR Article 5 lays down the key principles of the General Data Protection Regulation (GDPR), the primary data protection framework in the European Union.
- [GDPR vs. CCPA: 3 Similarities and 6 Differences](https://www.exabeam.com/explainers/gdpr-compliance/gdpr-vs-ccpa-3-similarities-and-6-differences/): GDPR safeguards personal data in the EU with strict guidelines, while CCPA protects California residents' data.
- [What Is GDPR Article 17 (Right to Erasure) and 4 Ways to Achieve Compliance](https://www.exabeam.com/explainers/gdpr-compliance/what-is-gdpr-article-17-right-to-erasure-and-4-ways-to-achieve-compliance/): GDPR Article 17, "Right to Erasure," allows individuals to request the deletion of their personal data from an organization’s database.
- [GDPR Article 6: What are the 7 Legal Bases for Data Processing?](https://www.exabeam.com/explainers/gdpr-compliance/gdpr-article-6-what-are-the-7-legal-bases-for-data-processing/): The GDPR is the EU’s primary data protection framework. Article 6 details lawful bases for processing personal data.
- [GDPR Cookie Consent: 8 Requirements and Critical Compliance Tips](https://www.exabeam.com/explainers/gdpr-compliance/gdpr-cookie-consent-8-requirements-and-critical-compliance-tips/): Under GDPR, users must be informed about the use of cookies and give explicit consent before any non-essential cookies are activated.
- [GDPR vs. HIPAA: Similarities, Differences, and Tips for Achieving Compliance](https://www.exabeam.com/explainers/gdpr-compliance/gdpr-vs-hipaa-similarities-differences-and-tips-for-achieving-compliance/): GDPR mandates data protection and data subject rights. HIPAA ensures confidentiality, integrity, and security of Protected Health Information (PHI).
- [GDPR Article 9: Special Personal Data Categories and How to Protect Them](https://www.exabeam.com/explainers/gdpr-compliance/gdpr-article-9-special-personal-data-categories-and-how-to-protect-them/): GDPR Article 9, a section within the European Union General Data Protection Regulation, addresses the processing of special categories of personal data.
- [How Does GDPR Impact Log Management?](https://www.exabeam.com/explainers/gdpr-compliance/how-does-gdpr-impact-log-management/): The General Data Protection Regulation (GDPR) is a regulation that applies to all entities operating within the European Union (EU) or doing business in the EU.
- [GDPR Fines Structure and the Biggest GDPR Fines to Date](https://www.exabeam.com/explainers/gdpr-compliance/gdpr-fines-structure-and-the-biggest-gdpr-fines-to-date/): The General Data Protection Regulation (GDPR) is a law enacted by the European Union in 2018 to handle data protection and privacy.
- [9-Step GDPR Compliance Checklist](https://www.exabeam.com/explainers/gdpr-compliance/9-step-gdpr-compliance-checklist/): A GDPR compliance checklist is a list of actions that can help an organization achieve compliance with the General Data Protection Regulation (GDPR).
- [The Main GDPR Requirements in Plain English](https://www.exabeam.com/explainers/gdpr-compliance/the-main-gdpr-requirements-in-plain-english/): The GDPR, a comprehensive data protection law, applies to every organization that processes the personal data of individuals within the European Union (EU).
- [The Intersection of GDPR and AI and 6 Compliance Best Practices](https://www.exabeam.com/explainers/gdpr-compliance/the-intersection-of-gdpr-and-ai-and-6-compliance-best-practices/): GDPR is transforming data privacy and has significant implications across sectors, impacting how AI systems use and process personal data.
- [GDPR Compliance: Definitions, Requirements & Compliance Checklist](https://www.exabeam.com/explainers/gdpr-compliance/gdpr-compliance-a-practical-guide/): GDPR compliance refers to adhering to the European Union's General Data Protection Regulation, which sets rules for how personal data of individuals within the EU is handled. It involves implementing measures to protect data privacy, ensuring transparency, and respecting individual rights related to their data.
## NetMon
- [NetMon](https://www.exabeam.com/resources/data-sheets/netmon/): Enhance network security with detailed network visibility. Learn how NetMon provides rich data and deep insights to detect and respond to advanced threats.
## Customer Success
- [Enhancing Log Collection with LogRhythm SIEM’s OC Admin](https://www.exabeam.com/blog/customer-success/enhancing-log-collection-with-logrhythm-siems-oc-admin/): LogRhythm recognizes these limitations and has made strides to ease the challenges with log collection. As part of the April release of LogRhythm SIEM version 7.12, we made it easier for customers to onboard log sources and we’ve enhanced the workflow to drive efficiency.
- [LogRhythm SIEM 7.15: Leverage New Beats and Platform Improvements](https://www.exabeam.com/blog/customer-success/logrhythm-siem-7-15-leverage-new-beats-and-platform-improvements/): LogRhythm SIEM version 7.15 simplifies Windows Event log onboarding, improves the analyst workflow when reviewing alarm notifications, features new tutorials, and supports additional log sources.
- [Expand Log Source Collection and Flexibility with LogRhythm SIEM 7.17](https://www.exabeam.com/blog/customer-success/expand-log-source-collection-and-flexibility-with-logrhythm-siem-7-17/): In our latest quarterly release, LogRhythm 7.17 expands log source collection capabilities to ingest third-party log sources in the SIEM.
- [Benefits of JSON Log Source Collection for LogRhythm SIEM Users](https://www.exabeam.com/blog/customer-success/benefits-of-json-log-source-collection-for-logrhythm-siem-users/): LogRhythm SIEM has introduced new Open Collection Architecture methods that let customers instantly send JSON data to the SIEM through third-party sources that use the Lumberjack protocol on the System Monitor.
- [Cut Dashboard Noise and Easily Retire Log Sources with LogRhythm SIEM 7.16](https://www.exabeam.com/blog/customer-success/cut-dashboard-noise-and-easily-retire-log-sources-with-logrhythm-siem-7-16/): LogRhythm SIEM version 7.16 helps analysts tune out unnecessary diagnostic events to save disc space and processing time, as well as help analysts separate Cases based on entities and RBAC controls.
- [Cut Log Source Onboarding Time by 50% with LogRhythm SIEM](https://www.exabeam.com/blog/customer-success/cut-log-source-onboarding-time-by-50-with-logrhythm-siem/): With LogRhythm 7.14, we’ve removed the technical difficulties to onboard log sources by bringing the process into a simple wizard-driven experience, cutting your time to onboard log sources in half.
- [Making Your Job Easier with LogRhythm SIEM 7.14](https://www.exabeam.com/blog/customer-success/making-your-job-easier-with-logrhythm-siem-7-14/): As part of LogRhythm SIEM version 7.14, we’ve made it easier than ever to onboard Beat log sources, incorporating the workflow in the Web Console for a streamlined experience.
- [Improve Log Source Administration, Management with LogRhythm SIEM 7.13](https://www.exabeam.com/blog/customer-success/improve-log-source-administration-management-with-logrhythm-siem-7-13/): LogRhythm 7.13 features a new engine in the SIEM that can ingest JSON data significantly faster than before, a data processor pooling system that automatically distributes logs across data processors, and new and updated supported log sources, enabling you to focus on threat detection, investigation, and response.
- [Product Update: What's New in LogRhythm SIEM 7.12](https://www.exabeam.com/blog/customer-success/enhancing-the-user-experience-with-logrhythm-siem-7-12/): LogRhythm 7.12 streamlines the process for collecting and monitoring new security data sources and automates log source onboarding, giving analysts a simplified experience and shifting more of their focus from administration to detecting, investigating, and responding to threats.
## HIPAA Compliance
- [HIPAA Compliant Texting: Features, Examples & Violation Penalties](https://www.exabeam.com/explainers/hipaa-compliance/hipaa-compliant-texting-features-examples-violation-penalties/): HIPAA-compliant texting refers to text messaging practices that adhere to the Health Insurance Portability and Accountability Act (HIPAA) standards.
- [HIPAA vs. FERPA: Similarities, Differences, and Where They Intersect](https://www.exabeam.com/explainers/hipaa-compliance/hipaa-vs-ferpa-similarities-differences-and-where-they-intersect/): HIPAA, enacted in 1996, secures patient health information. FERPA, enacted in 1974, protects the privacy of student education records in the U.S.
- [HIPAA vs. HITRUST: Key Differences and How HITRUST Helps with HIPAA](https://www.exabeam.com/explainers/hipaa-compliance/hipaa-vs-hitrust-key-differences-and-how-hitrust-helps-with-hipaa/): HIPAA (1996) is a U.S. law for data privacy and security in healthcare. HITRUST creates and manages a certifiable framework for healthcare data protection.
- [HIPAA on AWS: Requirements and Best Practices](https://www.exabeam.com/explainers/hipaa-compliance/hipaa-on-aws-requirements-and-best-practices/): Amazon Web Services (AWS) offers a secure infrastructure for healthcare providers and business associates that require HIPAA compliance.
- [HIPAA vs. PIPEDA: Similarities, Differences and Compliance Practices](https://www.exabeam.com/explainers/hipaa-compliance/hipaa-vs-pipeda-similarities-differences-and-compliance-practices/): HIPAA protects patient health information in the U.S. PIPEDA governs how Canadian organizations handle personal information in commercial activities.
- [4 Key HIPAA Requirements and Compliance Best Practices](https://www.exabeam.com/explainers/hipaa-compliance/4-key-hipaa-requirements-and-compliance-best-practices/): The Health Insurance Portability and Accountability Act (HIPAA) of 1996 protects health information (PHI) from being disclosed without patient consent.
- [What Is the HIPAA Compliance Standard and How to Adhere to It?](https://www.exabeam.com/explainers/hipaa-compliance/what-is-the-hipaa-compliance-standard-and-how-to-adhere-to-it/): Learn the basic aspects of HIPAA compliance standards and the seven elements of an effective HIPAA compliance program.
- [HIPAA Violations: Types, Examples, and Biggest Violations in History](https://www.exabeam.com/explainers/hipaa-compliance/hipaa-violations-types-examples-and-biggest-violations-in-history/): A HIPAA violation occurs when there is an unpermitted use or disclosure of Protected Health Information (PHI) that compromises the security or privacy of the PHI.
- [HIPAA Security: 7 Steps for Compliance with the Security Rule](https://www.exabeam.com/explainers/hipaa-compliance/hipaa-security-7-steps-for-compliance-with-the-security-rule/): The HIPAA Security and Privacy Rules are essential components of the Health Insurance Portability and Accountability Act (HIPAA).
- [9-Step HIPAA Compliance Checklist](https://www.exabeam.com/explainers/hipaa-compliance/9-step-hipaa-compliance-checklist/): The HIPAA Security and Privacy Rules are essential components of the Health Insurance Portability and Accountability Act (HIPAA).
## SOX Compliance
- [SOX 404: Requirements, Exemptions, and Compliance Checklist](https://www.exabeam.com/explainers/sox-compliance/sox-404-requirements-exemptions-and-compliance-checklist/): SOX Section 404 is a component of the U.S. Sarbanes-Oxley Act of 2002, aimed at ensuring the accuracy and reliability of corporate financial statements.
- [SOX Testing: 4-Step Process and Critical Best Practices](https://www.exabeam.com/explainers/sox-compliance/sox-testing-4-step-process-and-critical-best-practices/): SOX compliance testing refers to the process businesses use to ensure their financial operations comply with the Sarbanes-Oxley Act of 2002.
- [SOX vs. SOC: 6 Key Differences & Which Is Relevant for Your Company](https://www.exabeam.com/explainers/sox-compliance/sox-vs-soc-6-key-differences-which-is-relevant-for-your-company/): SOX compliance ensures transparency in financial reporting per the Sarbanes-Oxley Act, while SOC compliance is governed by the AICPA for service organizations.
- [SOX Controls: Common Types, Examples & Implementation Practices](https://www.exabeam.com/explainers/sox-compliance/sox-controls-common-types-examples-implementation-practices/): SOX controls are mechanisms mandated by the U.S. Sarbanes-Oxley Act of 2002 to safeguard against corporate fraud and financial misstatements.
- [SOX Compliance Software: 10 Tools to Know in 2025](https://www.exabeam.com/explainers/sox-compliance/sox-compliance-software-10-tools-to-know/): SOX software helps organizations comply with the U.S. Sarbanes-Oxley Act , which aims to enhance financial transparency and prevent corporate fraud.
- [SOX Violations: 5 Examples of Multi-Million Dollar Penalties](https://www.exabeam.com/explainers/sox-compliance/sox-violations-4-examples-of-multi-million-dollar-penalties/): SOX violations refer to breaches of SOX, a U.S. federal law enacted in 2002 to protect investors from fraudulent financial reporting by corporations.
- [SOX Cybersecurity Requirements and Best Practices for 2025](https://www.exabeam.com/explainers/sox-compliance/sox-cybersecurity-requirements-and-best-practices/): SOX compliance refers to the adherence to a law enacted in 2002, aiming to protect shareholders and the general public from accounting errors and fraudulent practices.
- [SOX Audits: Requirements, Process & Best Practices](https://www.exabeam.com/explainers/sox-compliance/sox-audits-requirements-process-best-practices/): The Sarbanes-Oxley Act of 2002 (SOX) is a U.S. federal law enacted to address major corporate and accounting scandals like Enron, Tyco, and WorldCom.
- [SOX Compliance: Requirements and Checklist](https://www.exabeam.com/explainers/sox-compliance/sox-compliance-requirements-and-checklist/): Understanding the requirements of the regulation is only half the battle when it comes to SOX compliance. To achieve compliance effectively, you will need the right technology stack in place.
## MITRE ATT&CK
- [MITRE ATT&CK Cloud Matrix: Use Cases, Tactics, and Sub-Matrices](https://www.exabeam.com/explainers/mitre-attck/mitre-attck-cloud-matrix-use-cases-tactics-and-sub-matrices/): The MITRE ATT&CK Cloud Matrix is a knowledge base used for planning, discussing, and improving cloud security.
- [MITRE ATT&CK ICS: Tactics, Techniques, and Best Practices](https://www.exabeam.com/explainers/mitre-attck/mitre-attck-ics-tactics-techniques-and-best-practices/): MITRE ATT&CK for ICS is a framework designed to tackle unique challenges and threats in industrial environments.
- [MITRE ATT&CK Navigator: Use Cases, Layers, and How to Get Started](https://www.exabeam.com/explainers/mitre-attck/mitre-attck-navigator-use-cases-layers-and-how-to-get-started/): MITRE ATT&CK Navigator helps cybersecurity professionals visualize and understand the MITRE ATT&CK framework's comprehensive cyber adversary behavior database.
- [Cyber Kill Chain vs. Mitre ATT&CK®: 5 Key Differences and Synergies](https://www.exabeam.com/explainers/mitre-attck/cyber-kill-chain-vs-mitre-attck-4-key-differences-and-synergies/): The Cyber Kill Chain and Mitre ATT&CK Frameworks are models for understanding cyber adversary operations and behavior.
- [MITRE Engenuity MITRE ATT&CK® Evaluations in Your Organization](https://www.exabeam.com/explainers/mitre-attck/mitre-engenuity-mitre-attck-evaluations-in-your-organization/): MITRE Engenuity is a non-profit affiliated with the MITRE Corporation. It provides ATT&CK Evaluations, a program that checks products and solutions against the ATT&CK framework.
- [What is the MITRE Matrix?](https://www.exabeam.com/explainers/mitre-attck/what-is-the-mitre-matrix/): The MITRE organization has developed a matrix that maps out tactics, techniques and procedures, which can help monitor and analyze security events.
- [Mitigating Security Threats with MITRE ATT&CK®](https://www.exabeam.com/explainers/mitre-attck/mitigating-security-threats-with-mitre-attck/): Learn about tactics, techniques and procedures (TTPs), and how understanding them can help prevent and remediate security incidents.
- [What is MITRE ATT&CK®: An Explainer](https://www.exabeam.com/explainers/mitre-attck/what-is-mitre-attck-an-explainer/): Learn about the MITRE ATT&CK framework, understand tactics, techniques, and common knowledge, discover the three ATT&CK matrices, and much more.
- [What is MITRE ATT&CK® Framework and How Your SOC Can Benefit](https://www.exabeam.com/explainers/mitre-attck/what-is-mitre-attck-framework-and-how-your-soc-can-benefit/): Learn about the MITRE ATT&CK Framework, its use cases, the Matrices that make it up, and how it relates to other industry standards and tools like SIEM and XDR.
- [What is MITRE Engage (Formerly MITRE Shield)?](https://www.exabeam.com/explainers/mitre-attck/what-is-mitre-engage-formerly-mitre-shield/): Learn about MITRE Engage (Shield), a collection of defensive tactics, techniques and procedures you can use for active defense against cyber threats.
- [What Is MITRE D3FEND™?](https://www.exabeam.com/explainers/mitre-attck/what-is-mitre-d3fend/): The MITRE D3FEND Framework is a cybersecurity framework developed by MITRE Corporation and was created as a counterpart to the widely recognized MITRE ATT&CK Framework.
## What Are TTPs
- [What Is Lateral Movement? Detect and Prevent It](https://www.exabeam.com/explainers/what-are-ttps/what-is-lateral-movement-and-how-to-detect-and-prevent-it/): Lateral movement is a post-breach technique where attackers use stolen credentials to move through a network, access sensitive data, escalate privileges, and potentially take full control.
- [9 Lateral Movement Techniques and Defending Your Network](https://www.exabeam.com/explainers/what-are-ttps/9-lateral-movement-techniques-and-defending-your-network/): Lateral movement techniques refer to the strategies and methods employed by cybercriminals to progress through a network after gaining initial access.
- [What Are TTPs and How Understanding Them Can Help Prevent the Next Incident](https://www.exabeam.com/explainers/what-are-ttps/what-are-ttps-and-how-understanding-them-can-help-prevent-the-next-incident/): Learn about tactics, techniques and procedures (TTPs), and how understanding them can help prevent and remediate security incidents.
## PCI Compliance
- [What Is a PCI Attestation of Compliance (AoC)?](https://www.exabeam.com/explainers/pci-compliance/what-is-a-pci-attestation-of-compliance-aoc/): A PCI Attestation of Compliance (AoC) is a declaration provided by an organization stating its compliance with the PCI Data Security Standard (PCI DSS).
- [PCI Compliance on AWS: How AWS Supports the 12 PCI Requirements](https://www.exabeam.com/explainers/pci-compliance/pci-compliance-on-aws-how-aws-supports-the-12-pci-requirements/): PCI DSS is a set of security standards designed to ensure that all companies accepting or transmitting credit card information maintain a secure environment.
- [PCI Report on Compliance (RoC): A Practical Guide](https://www.exabeam.com/explainers/pci-compliance/pci-report-on-compliance-roc-a-practical-guide/): A PCI Report on Compliance (RoC) is a document reviewing an organization's adherence to the Payment Card Industry Data Security Standards.
- [What Is FISMA Compliance? Requirements and Best Practices](https://www.exabeam.com/explainers/pci-compliance/what-is-fisma-compliance-requirements-and-best-practices/): FISM, is key U.S. legislation aimed at enhancing the security of data and information systems used by the federal government.
- [PCI Compliance SAQ: 10 Types and Which One Is Right for You](https://www.exabeam.com/explainers/pci-compliance/pci-compliance-saq-9-types-and-which-one-is-right-for-you/): A PCI Self-Assessment Questionnaire (SAQ) is used by merchants handling credit card data to declare their compliance with the PCI Data Security Standard.
- [Quick PCI Compliance Checklist: Be Ready for Your Next Audit](https://www.exabeam.com/explainers/pci-compliance/quick-pci-compliance-checklist-be-ready-for-your-next-audit/): Get a PCI compliance checklist including security policies, firewalls, encryption, and access control, which can help you prepare for a PCI DSS audit.
- [The 4 PCI Compliance Levels Explained](https://www.exabeam.com/explainers/pci-compliance/the-4-pci-compliance-levels-explained/): PCI compliance is important for maintaining a company's reputation and protecting consumer data by avoiding security issues and data breaches. There are four PCI DSS compliance levels for merchants, based on the number of card transactions they process each year.
- [What Is PCI Compliance? The 12 Requirements](https://www.exabeam.com/explainers/pci-compliance/pci-compliance-a-quick-guide/): What Is PCI Compliance? The Payment Card Industry Data Security Standards (PCI DSS) applies to any company storing processing, or transmitting credit card data. It facilitates the comprehensive adoption of consistent data security measures.
- [PCI Audit: Requirements and 5 Steps to Prepare for Your Audit](https://www.exabeam.com/explainers/pci-compliance/pci-audit-requirements-and-5-steps-to-prepare-for-your-audit/): Understand PCI DSS requirements, which companies are required to perform PCI audits.
- [Executive Order 14028: What You Need to Know](https://www.exabeam.com/explainers/pci-compliance/executive-order-14028-what-you-need-to-know/): Executive Order 14028 primary focus is to strengthen national cybersecurity defenses, particularly in the face of increasingly sophisticated and frequent cyberattacks.
- [The 12 PCI DSS Requirements Explained](https://www.exabeam.com/explainers/pci-compliance/the-12-pci-dss-requirements-explained/): Learn which organizations need to be PCI compliant, what are the consequences of non-compliance, and get the gist of the 12 main PCI DSS requirements.
- [PCI Security: 7 Steps to Becoming PCI Compliant](https://www.exabeam.com/explainers/pci-compliance/pci-security-7-steps-to-becoming-pci-compliant/): If your business processes credit card payments, you must comply with the PCI DSS standard. Learn what PCI encompasses, and what compliance requires.
## Industries
- [Manufacturing](https://www.exabeam.com/industries/manufacturing/): Improve operational visibility and secure your manufacturing processes with Exabeam. Gain insights, detect threats, and safeguard your data.
- [Higher Education](https://www.exabeam.com/industries/higher-education/): Enhance operational visibility in higher education with Exabeam. Find out how Exabeam helps detect and respond to advanced threats and protect sensitive information.
- [Healthcare](https://www.exabeam.com/industries/healthcare/): As the healthcare industry embraces IoT, digital therapeutics, cloud hosting, and AI to improve patient care, it becomes increasingly vulnerable to emerging threats, putting patient privacy at risk.
- [Government](https://www.exabeam.com/industries/government/): Securing critical infrastructure and government agencies is easier with Exabeam's innovative tools for smarter detection, faster investigations, and easier response.
- [Financial Services](https://www.exabeam.com/industries/financial-services/): Discover how Exabeam is transforming financial services. Revolutionize data collection, detection, and response with a comprehensive security solution.
## Infographic
- [The AI Opportunity in Security Operations](https://www.exabeam.com/resources/infographics/the-ai-opportunity-in-security-operations/): Artificial intelligence (AI) has long been part of the security landscape, but more recent developments like generative AI bring new challenges and opportunities for the security operations center (SOC).
- [The Challenges of Cybersecurity in Higher Education](https://www.exabeam.com/resources/infographics/the-challenges-of-cybersecurity-in-higher-education/): Colleges and universities are faced with balancing small cyber security teams and limited budgets. This balance is challenged even more by the large number of regulations they are required to adhere to.
- [5 Key Things to Achieve in Your First 90 Days as CISO](https://www.exabeam.com/resources/infographics/5-key-things-to-achieve-in-your-first-90-days-as-ciso-infographic/): The role of CISO has changed. The increase in cyberattacks has placed the role of the CISO at center stage. Make the most of the first 90 days on your job.
- [How Effective Is Your SOC?](https://www.exabeam.com/resources/infographics/how-effective-is-your-soc/): Our “Exabeam 2020 State of the SOC Report” uncovered the ways that survey respondents across the world ensure their SOC is as effective as possible.
- [Mitigating Insider Threats with Exabeam](https://www.exabeam.com/resources/infographics/mitigating-insider-threats-with-exabeam/): Here’s everything you need to know about insider threats—and how you can fight them.
## Log Management
- [Why You Need Cloud Log Management and 3 Critical Best Practices](https://www.exabeam.com/explainers/log-management/why-you-need-cloud-log-management-3-critical-best-practices/): Cloud log management is an advanced approach to managing and analyzing log data generated by applications, systems, and networks in a cloud-based environment.
- [What Is Log Analysis? Process, Techniques, and Best Practices](https://www.exabeam.com/explainers/log-management/what-is-log-analysis-process-techniques-and-best-practices/): Log analysis is the process of collecting, parsing, and examining machine-generated event data, such as server requests, application errors, and security events. It is critical for diagnosing system failures, uncovering cybersecurity threats, and optimizing performance.
- [Top 7 Log Management Tools in 2026 and How to Choose](https://www.exabeam.com/explainers/log-management/top-6-log-management-tools-and-how-to-choose/): Log management tools are software systems designed to collect, process, and store log data generated by various devices in an organization's IT infrastructure.
- [7 Critical Log Management Best Practices](https://www.exabeam.com/explainers/log-management/7-critical-log-management-best-practices/): Log management is the process of collecting, storing, and analyzing log files, which can be used to track performance, availability, and security of IT systems.
- [Log Analytics: Use Cases, Challenges, and Best Practices](https://www.exabeam.com/explainers/log-management/log-analytics-a-practical-guide/): Log analytics is the process of collecting, indexing, and analyzing computer-generated log data from infrastructure and applications to gain operational insights, enhance security, and troubleshoot issues. It centralizes data from various sources to enable monitoring, real-time analysis, and trend identification.
- [What Is Log Management? Process & Tools](https://www.exabeam.com/explainers/log-management/log-management-process-tools-and-tips-for-success/): A log is an automatically generated, timestamped record of events related to a particular system Effective log management is critical to both security and compliance.
- [7 Best Log Analysis Tools You Should Know](https://www.exabeam.com/explainers/log-management/log-analysis-tools-key-capabilities-and-5-tools-you-should-know/): Log analysis tools are software applications that collect, and analyze log data from a variety of sources and provide advanced features.
- [Splunk Log Analysis with Log Observer: 5 Key Capabilities](https://www.exabeam.com/explainers/log-management/splunk-log-analysis-with-log-observer-5-key-capabilities/): Splunk log analysis is the process of using the Splunk platform to search, filter, and analyze log data to gain insights and troubleshoot problems.
- [What is Azure Log Analytics?](https://www.exabeam.com/explainers/log-management/azure-log-analytics-the-basics-and-a-quick-tutorial/): Azure Log Analytics is a service that monitors your cloud and on-premises resources and applications. It allows you to collect and analyze data generated by resources in your cloud and on-premises environments. You can use Azure Log Analytics to search, analyze, and visualize data to identify trends, troubleshoot issues, and monitor your systems.
- [AWS Log Analytics: Cloud Services and Reference Architecture](https://www.exabeam.com/explainers/log-management/aws-log-analytics-cloud-services-and-reference-architecture/): Log analysis is the process of collecting, parsing, and analyzing log data from various sources in order to identify patterns, trends, and issues.
## Video
- [Spotlight23: Exabeam Cybersecurity Warrior Awards](https://www.exabeam.com/resources/videos/spotlight23-exabeam-cybersecurity-warriors-awards/): The Exabeam Cybersecurity Warriors Awards recognize top Exabeam customers that distinguish themselves through leadership and innovation in cybersecurity.
- [Spotlight23: Lessons in Leadership With Chris Mullin](https://www.exabeam.com/resources/videos/spotlight23-lessons-in-leadership-with-chris-mullin/): Former sports broadcaster, Sherry Lowe, interviews Chris Mullin on leadership, teamwork, and high performance.
- [Spotlight23: Evolution of Cybersecurity, Advanced Threats, and How AI is Changing the Game](https://www.exabeam.com/resources/videos/spotlight23-evolution-of-cybersecurity-advanced-threats-and-how-ai-is-changing-the-game/): Brian Goldstein shares his insights on how he’s seen AI evolve within cybersecurity, the complexity of risk, and where security teams need to get hyper focused.
- [See How We Protect Your Business From Insider Threats](https://www.exabeam.com/resources/videos/live-demo-see-how-we-protect-your-business-from-insider-threats/): To combat insider threats you must baseline, monitor, and analyze behavior of users and assets around the clock, and react fast when something suspicious is identified.
- [The Importance of Automated Cyberthreat Response](https://www.exabeam.com/resources/videos/the-importance-of-automated-cyberthreat-response/): Mike DeCesare discusses: taking an "open approach" to XDR, the importance of automated response and the biggest cybersecurity pain points.
- [Spotlight21: Data Unleashed for the Exabeam Power User](https://www.exabeam.com/resources/videos/spotlight21-data-unleashed-for-the-exabeam-power-user/): In this session from our Spotlight21 experts discuss ways you can make use of the data collected and analyzed by the Exabeam platform.
- [Spotlight21: How Exabeam Smart Timelines Work and Why They’ll Change How You Investigate Incidents](https://www.exabeam.com/resources/videos/spotlight21-now-thats-smart-how-exabeam-smart-timelines-work-and-why-theyll-change-how-you-investigate-incidents/): Learn about Exabeam Smart Timelines and how embracing the context they deliver can make all the difference in the world to your SOC.
## SIEM Security
- [SIEM vs. SOC: 4 Key Differences and How They Work Together](https://www.exabeam.com/explainers/siem-security/siem-vs-soc-4-key-differences-and-how-they-work-together/): Security information and event management (SIEM) is a software solution that aggregates and analyzes activity data from various resources across your IT infrastructure. A SOC is a centralized unit that deals with security issues on an organizational and technical level.
- [5 SecOps Functions and Best Practices for SecOps Success](https://www.exabeam.com/explainers/siem-security/5-secops-functions/): Security Operations (SecOps) is a synergy between security teams and IT operations. SecOps functions include monitoring, triage, incident response, forensics, and threat intelligence.
- [Incident Response Automation and Security Orchestration with SOAR](https://www.exabeam.com/explainers/siem-security/incident-response-and-automation/): Learn about Security Orchestration, Automation and Response (SOAR) tools which make incident response more efficient, effective and manageable at scale.
- [Battling Cyber Threats Using Next-Gen SIEM and Threat Intelligence](https://www.exabeam.com/explainers/siem-security/threat-intelligence/): Exabeam Threat Intelligence Services (TIS) with SIEM: While SIEMs are central for SOC cybersecurity, SIEMs are often not enough. With the growing sophistication of organized, modern cyber attackers and their highly-targeted techniques, organizations can be left with serious vulnerabilities using SIEM alone.
- [A SIEM Security Primer: Evolution and Next-Gen Capabilities](https://www.exabeam.com/explainers/siem-security/a-siem-security-primer/): Security information and event management (SIEM) solutions use statistical correlations and behavioral analytics to turn logs and events into actionable alerts.
- [10 SIEM Use Cases in a Modern Threat Landscape](https://www.exabeam.com/explainers/siem-security/siem-use-cases/): There are a large variety of SIEM use cases from traditional uses such as compliance, to cutting edge use cases such as insider threat detection and IoT security.
- [SOC vs. SIEM: Understanding The Role of SIEM Solutions in the SOC](https://www.exabeam.com/explainers/siem-security/the-soc-secops-and-siem/): Learn how a SIEM powers key SOC processes, see an incident response model based on SIEM, and learn about SOC tools like WAF, NGFW, and EDR.
## Event Logging
- [Security Log Management: Challenges and Best Practices](https://www.exabeam.com/explainers/event-logging/security-log-management-challenges-and-best-practices/): Security event logging involves monitoring logs to detect security-related activities.
- [The Significance and Role of Firewall Logs](https://www.exabeam.com/explainers/event-logging/firewall-logs/): Understand firewall logging, how to analyze firewall logs and learn about firewall logging providers. See why firewall logging is important.
- [Event Log: Leveraging Events and Endpoint Logs for Security](https://www.exabeam.com/explainers/event-logging/event-log/): Learn what is an event, how endpoint logs work, and how to leverage event log data to improve your organization’s security.
- [What Is Log Aggregation? The Complete Guide](https://www.exabeam.com/explainers/event-logging/log-aggregation/): Learn about log aggregation, the log processing flow, log aggregation methods, and top open-source tools like Elastic and Fluentd.
- [SIEM Log Management: The Complete Guide](https://www.exabeam.com/explainers/event-logging/events-and-logs/): Learn how Security Information and Event Management (SIEM) logging works and how to manage security logs for Windows, iOS, Linux, EDR, and firewall.
## XDR
- [What Is XDR? Transforming Threat Detection and Response](https://www.exabeam.com/explainers/xdr/what-is-xdr-transforming-threat-detection-and-response/): Learn about eXtended Detection and Response (EDR), its key capabilities, and how to leverage it for effective detection and eradication of critical threats.
- [XDR vs SIEM: Current Capabilities and How They Will Evolve](https://www.exabeam.com/explainers/xdr/xdr-vs-siem-current-capabilities-and-how-they-will-evolve/): Learn about the key capabilities of XDR vs. SIEM today, and how SIEM and XDR will evolve in the near future.
- [XDR Security: 10 Ways XDR Enhances Your Security Posture](https://www.exabeam.com/explainers/xdr/xdr-security-10-ways-xdr-enhances-your-security-posture/): Understand how XDR helps secure your organization and discover surprising ways XDR can improve your security posture in ways other tools cannot.
- [Understanding Open XDR](https://www.exabeam.com/explainers/xdr/understanding-open-xdr/): Understand open XDR, how it compares to native XDR, and 3 key technical differences between open XDR and SIEM.
- [XDR Solutions: Choosing the Best Option for You](https://www.exabeam.com/explainers/xdr/xdr-solutions-choosing-the-best-option-for-you/): Learn about native XDR vs open XDR, how XDR solutions work, and 4 questions you should ask to evaluate an XDR solution for your organization.