Allows security teams to detect, investigate and respond to critical threats faster and more effectively
SAN MATEO, Calif., Nov. 29, 2018 – Exabeam, the next-gen SIEM company, today announced two new features: Exabeam Smart Timelines and a single user interface (UI), as part of its ongoing mission to improve security analyst productivity. The additions to the Exabeam security information and event management (SIEM) platform will offer improved detection, investigation and response to threats. The company also announced the general availability (GA) of its Threat Intelligence Service to its customer base.
Smart Timelines incorporate indicators of compromise (IOCs) from the Exabeam Threat Intelligence Service, including suspicious IP addresses, blacklisted IP addresses, known phishing URLs, and malicious file signatures. By automating the task of timeline creation and automatically stitching together normal and abnormal behaviors for users and devices, Smart Timelines put an end to a common problem for security analysts– known as ‘swivel chair’ incident response– in which workflows require multiple products with different interfaces and credentials. Now, investigators can accurately pinpoint anomalous events and improve their productivity for incident investigation and threat hunting.
“Exabeam Smart Timelines allow us to quickly analyze and understand when there is a threat, so my team can spend their time acting on the evidence and outmaneuver our adversaries,” said Ryan Clarque, senior manager, Global Cybersecurity, Levi Strauss & Co.
Ian Lee, manager, IT Security and Compliance, Hudbay Minerals, Inc., reiterated Clarque’s point: “Exabeam Smart Timelines stitch together events from various sources, making it easy for us to identify anomalous activity in our environment.”
The Threat Intelligence Service behind Smart Timelines is a curated cloud threat intelligence feed that provides context for potential attacks, which SOCs need, by uncovering IOCs and malicious hosts. As part of the service, Exabeam aggregates IOC feeds and applies machine algorithms to remove false positives before downloading the feeds on a daily basis to Exabeam Data Lake and Exabeam Advanced Analytics.
The Exabeam Security Management Platform now also has a single, unified UI for detection, investigation and response. Having fewer tools to master means that engineers have a significantly reduced learning curve. Additionally, the ability to easily and efficiently move from investigation to case management to response without needing to manually assemble information from multiple disparate systems reduces the chance for human error. By spending more time on investigation, teams decrease the mean time to detect (MTTD) and mean time to respond (MTTR).
“We know that SOC teams are severely time constrained and under intense pressure, due to staffing issues and ubiquitous cyberthreats. Manual tasks like reviewing logs to understand the full scope of an attack can be unnecessarily burdensome,” said Trevor Daughney, vice president of Product Marketing at Exabeam. “Considering how overloaded the SOC team is, we want to end fragmented workflows and combine disparate systems and interfaces, so that critical alerts for distributed attacks aren’t missed.”
Other new features of the Exabeam Security Management Platform include:
- SAML integration for quick and easy single sign-on (SSO) authentication with popular identity and access management (IAM) vendors like Okta, Ping and Google
- Granular role-based access control (RBAC) for watch lists to control access of sensitive user information by role and responsibility
- Eight new out-of-the-box response playbooks and over 20 additional prebuilt integrations connecting Exabeam Incident Responder to popular security tools
Exabeam Smart Timelines, Exabeam Case Management, Exabeam Threat Intelligence Service and new versions of Exabeam Advanced Analytics and Exabeam Incident Responder will be GA on Nov. 30, 2018. Exabeam Threat Intelligence Service will be available at no additional charge to Exabeam customers. For more information on the offerings, please visit https://www.exabeam.com/product/.
Exabeam delivers next-generation security management technology that enables organizations to protect their most valuable information. The Exabeam Security Management Platform combines unlimited log data collection, advanced behavioral analytics, and automated incident response, all supported by Exabeam’s patented Smart Timelines technology that uses machine learning to track identity and behavior over time. The company’s recent industry accolades include Forbes Cloud 100, Inc. 500, and SC Awards Europe, among many other distinctions. Exabeam is privately funded by Aspect Ventures, Cisco Investments, Icon Ventures, Lightspeed Venture Partners, Norwest Venture Partners and well-known security investor Shlomo Kramer. For more information, visit https://www.exabeam.com or follow us on Twitter @exabeam.
[UPDATE: Exabeam Threat Intelligence is now available on Exabeam Data Lake. Data Lake version i24 was released on Dec. 17, 2018.]
Exabeam Media Contact:
Emily Gallagher/Alyssa Pallotti