New-Scale SIEM

New-Scale SIEM is cloud-native with fast, modern search, powerful correlation, reporting, dashboarding, and case management combined with Generative AI productivity. New-Scale SIEM includes cloud-scale log management and a centralized workbench for threat detection, investigation, and response (TDIR) efficiency.

  • 7937+ pre-built log parsers
  • 2M events per second sustained
  • 100+ pre-built correlation rules
  • 549 product integrations

HIGH PERFORMANCE SEARCH

Search across terabytes of data in seconds

A highlight of New-Scale SIEM is its Search, a single interface that allows analysts to search data at lightning-fast speeds. Power users can leverage a powerful advanced query language, and less experienced users can utilize Natural Language Processing (NLP) to execute searches, build timelines, and create powerful visualizations.

  • Generative AI powered NLP search, dashboards, and timelines
  • Empowering all skill levels
  • Expedite Time-to-resolution

POWERFUL AGENT ASSISTANCE 

Boost your team capabilities using intelligent agents

Exabeam Nova agents act as an extension to your SOC team, automating and simplifying both strategic and routine tasks. Whether it’s a review of your security posture, an analysis of detections, threat classifications, or case summaries, Exabeam Nova is powering workflows across security operations.

FOCUSED ON OUTCOMES

Align data ingestion with critical business outcomes

Outcomes Navigator, an application on the New-Scale Platform, helps organizations follow their unique security journeys. Rather than forcing a path, it guides you toward outcomes. As the only vendor mapping data to security outcomes and MITRE ATT&CK®, Exabeam offers insights and solutions to close any gaps.

  • Malicious insider, compromised insider, and external threat coverage
  • Prescriptive approach
  • Supports insider threat monitoring

THREAT CENTER CASE MANAGEMENT

Quickly and easily create, respond, and close cases

Case management is a feature within the Threat Center workbench, where incidents from the New-Scale Platform or third-party products are centralized for an analyst’s review. Create a case to start tracking your response or assign the case to the person responsible for responding. Easily document your response and track your progress.

STREAMLINE ANALYST WORKFLOWS

Centralize threat detection, investigation, and response (TDIR)

Threat Center unifies alerts, cases, detections, and automation within a single interface. It streamlines TDIR through alert prioritization, automated evidence collection, and timeline creation, ensuring a consistent view of threats.

  • Reduces analyst workload
  • Centralizes alerts, cases, detections and automation

SERVICE AND HEALTH CONSUMPTION

Visualize platform consumption and service health

Engineers can quickly identify any issues within New-Scale Platform services, determine the root cause, and remediate issues. Deep visibility into the platform helps isolate service or performance issues faster, saving valuable time. Service and Health also lets users monitor their daily consumption to control costs and avoid overages.

  • Quickly identify issues
  • Deep visibility
  • Control costs and overages

LOG COLLECTION MADE EASY

Add a new data source in minutes

Securely collect data from on-premises or cloud data sources at scale using a single interface. A wizard enables custom parser creation from new or templated log sources making it easy to develop, deploy, and manage error-free parsers. Process events at over 2 million per second (EPS) sustained.

  • Over 7,000 pre-built log parsers
  • Multiple transport methods: API, agent, syslog, SIEM, data lake

DATA PREPARATION AND ORGANIZATION

Ingestion powered by a Common Information Model (CIM)

A Common Information Model provides the New-Scale Platform normalized, security-relevant logs that are faster and easier to parse, store, and manage. The CIM promotes rapid detection and response, visualizations and reporting, and high-performance search.

  • Transforms raw data into organized, actionable security events
  • Defines the 10 most important fields, 76 subjects, 395 activity types, and two outcomes
  • Supports any vendor log source

THREAT INTELLIGENCE SERVICE

Aggregating and analyzing feeds for better accuracy

Available at no additional cost and refreshed every 24 hours, the Threat Intelligence Service ingests commercial and open-source feeds, then aggregates, scrubs, and ranks them, using machine learning algorithms to produce a highly accurate stream of IoCs.

  • Included and highly accurate

REPORTING AND DASHBOARD BUILDING

Build dashboards and reports using a business intelligence-type tool

Print, export, and view dashboard data with pre-built compliance reports and customize dashboards with 14 different chart types. Custom reports allow organizations to glean value from their SIEM data that is tailored to their requirements without purchasing additional tools. Leverage natural language to quickly and easily create dashboards.

POWERFUL CORRELATION BUILDING

Build custom detections from scratch or use a template

Turn your searches into powerful threat-hunting rules in one click. Properly designed correlation rules enable you to surface a broad range of behaviors and events. Write, test, publish, and monitor up to 1,000 custom correlation rules, including defining higher criticality for those that correspond to Threat Intelligence Service-sourced activity.

  • Start from scratch, use a template, or save a search
  • Define events of interest and the conditions they must meet
  • Assign conditions and criticality to support the appropriate response

FLEXIBLE AND ADAPTABLE DEPLOYMENT

Easy to Get Started

The modular, AI-driven New-Scale Security Operations Platform is delivered through three products: New-Scale Fusion, New-Scale SIEM, and New-Scale Analytics. The platform provides powerful, fully integrated log management, SIEM, UEBA, SOAR, and insider threat capabilities, plus compliance. With New-Scale, replace a SIEM or augment one with behavioral analytics and automation.

Frequently Asked Questions

How does the vendor ensure availability of the SIEM solution?

The New-Scale Security Operations Platform is built on the Google Cloud Platform (GCP) which has a 99.5% uptime service level agreement (SLA). Uptime is further enhanced with application-level resiliency and redundancy. Lastly, Exabeam has a global team of cloud operations experts who monitor dozens of health signals around the clock to proactively detect and remediate concerns before they become issues. Customers can access their unique status page at any time to check the availability of Exabeam cloud-delivered services.

Where is the solution delivered from, and where is my data stored?

New-Scale SIEM is cloud-native and is delivered from GCP. We leverage GCP to store data securely and leverage many of their availability centers across the globe. The exact location and country used in your deployment will be determined at the time of purchase, as we continuously add new locations. Customers may choose where their service is hosted from a list of available, global locations. We take every care to protect our customers’ data. As part of our commitment to making data private, each customer’s data is isolated and not visible to other tenants.

How is my data collected and transported?

We use a combination of Collectors, log forwarding, and log fetching options directly from other SIEMs like QRadar, Sentinel, or Splunk (on-prem or Splunk Cloud) using their APIs, to securely transport customer data to our cloud-hosted solution. Collectors are virtual machines running Exabeam software on your premises. They are secured behind your firewalls and use SSL to forward encrypted data to the New-Scale Platform. Collectors can also bring your data from public clouds such as AWS, Azure, and GCP and SaaS applications, including Microsoft Office 365 and Salesforce.

“Using Exabeam reminded me of how surprisingly fast the platform updates. There is an almost daily improvement on desired functions, and with Exabeam, it all keeps getting better.”

  • MYI Ltd. - Exabeam Customer
  • Keisuke Kawakami

    Infrastructure System Division | MTI Ltd.

Award-Winning Leaders in Security

  • Cyber Security Excellence Awards 2025 - Winner
  • CRN Security 100 | 2025
  • Inc. 5000 | 2022
  • InfoSec Innovator Awards 2024
  • The Cyber Influencer of the Year | 2024
  • Google Cloud Partner of the Year 2024 Award