October 2025 Updates
Security operations teams are under constant pressure to prove value. CISOs need to show ROI, analysts contend with overwhelming alert volumes, and detection engineers struggle to operationalize new content.
The October 2025 Exabeam release delivers updates across the New-Scale and LogRhythm SIEM Platforms to help teams overcome these challenges. With peer benchmarking, customizable risk ratings, automated Sigma rule conversion, embedded help, and extended automation, SOCs can reduce low-value work and focus on strategic outcomes.
NEW ON THE CLOUD-NATIVE PLATFORM
New-Scale Security Operations Platform
A cloud-native platform that automates threat detection, investigation, and response to improve SOC productivity and demonstrate security value.

BENCHMARK AGAINST PEER GROUPS
Benchmark Performance and Validate Strategy
Security leaders can now benchmark their security posture against peers by size, industry, and region using the Exabeam Nova Advisor Agent in Outcomes Navigator. The Advisor Agent provides defensible metrics to brief the board, validate strategy, and justify investments. Daily updates help identify coverage strengths and opportunities for improvement across MITRE ATT&CK® techniques and use cases, helping teams prioritize work with clear, actionable insights.

CUSTOMIZED RISK RATINGS
Apply Business Context to Risk
Not every alert warrants the same response. Customizable risk ratings empower analysts to assign Low, Medium, High, or Critical importance to events. The Exabeam Nova Risk Scoring Agent then dynamically adjusts scores, automatically creating cases for critical events while filtering out noise. This ensures analysts can focus on the threats that pose the greatest risk to the business.

ACCELERATE DETECTION ENGINEERING
Automate Sigma Rule Conversion
The New-Scale Platform now supports Uncoder.io, the open-source marketplace for detection engineering, and can convert rules from Sigma and third-party SIEMs into New-Scale detections and hunts. This includes the vast Sigma threat hunting library, enabling security teams to adopt community-driven detections faster. Detection and hunting teams save time, reduce manual conversion work, and scale coverage efficiently.
New-Scale Customer Success Center
The New-Scale Platform Success Center embeds onboarding plans, documentation, and product announcements directly into the Platform. With faster access to guidance, customers can speed adoption and find answers quickly without searching multiple portals or contacting support.
New-Scale Cloud Collectors
Exabeam introduces certified, end-to-end cloud collectors with built-in content and health monitoring. New collectors for Cylance, GitHub, Qualys, and DataBahn accelerate onboarding, ensure reliable data flow, and close visibility gaps.
Custom Content Conversion
To preserve existing security investments, Exabeam now converts customer-built Advanced Analytics rules into their New-Scale Analytics equivalents during upgrades. This process ensures critical use cases carry forward without manual rebuilds, maintaining operational continuity and efficiency.
Global Email Notifications
Global email notifications route alerts and system events to any email address, list, or ticketing system. This capability ensures important updates align with established workflows, reducing missed alerts and creating more consistent processes.
NEW ON THE SELF-HOSTED PLATFORM
LogRhythm SIEM
A scalable and intuitive self-hosted SIEM that delivers comprehensive visibility, protection, and threat detection across all environments, systems, and assets.
Multi-Cluster Log Forwarding
LogRhythm now supports log forwarding to multiple clusters simultaneously, ensuring data is always available across different regions. If one cluster goes offline, logs remain accessible for investigations and compliance, strengthening business resilience.
New Metric Widgets
Dashboards now support advanced calculations, including count, sum, average, minimum, and maximum. Analysts can quickly identify patterns, spot anomalies, and deliver clearer reports without manual effort.
Unified Threat Center – LogRhythm
The new Threat Center unifies alarms and cases into a single, streamlined view. This console reduces context switching and accelerates triage, creating a more efficient and productive workflow for analysts.
Collector Sync for O365
The new collector sync capability for O365 simplifies verifying log ingestion health. By ensuring reliable data flow from Microsoft 365, teams gain clearer visibility into cloud activity.
Platform Security Enhancements
This release strengthens the LogRhythm SIEM Platform with more robust self-signed certificates, enhanced audit records, and modernized installer packages. These improvements harden the platform and strengthen organizations’ overall security posture and resilience.
