Exabeam New-Scale SIEM

Name: New-Scale SIEM
Brand: Exabeam
Availability: InStock

New-Scale SIEM is a cloud-native SIEM that provides fast search, powerful correlation, and centralized case management. It unites cloud-scale log management with a unified workbench to accelerate threat, detection, investigation, and response (TDIR).

Request a Demo Read the Data Sheet

HIGH-PERFORMANCE SEARCH

Search Terabytes of Data in Seconds

Query terabytes of data in seconds through a single search interface. New-Scale SIEM supports all analyst skill levels. Power users can build advanced queries while the entire team can use natural language to run searches, create timelines, and build visualizations.

Power searches, dashboards, and timelines with natural language.
Support all analyst skill levels with simple or advanced query options.

AI-DRIVEN AUTOMATION

Automate Tasks with an Intelligent Agent Framework

Exabeam Nova is an intelligent agent framework that automates routine and strategic SOC tasks, from generating case summaries to classifying threats. It helps analysts work more effectively by providing consistent, AI-driven insights throughout the security operations workflow.

Reduce manual effort by offloading repetitive validation and documentation.
Deliver faster, more consistent decisions to improve SOC efficiency.

OUTCOMES-FOCUSED SECURITY

Connect Security Work to Business Value

Outcomes Navigator translates technical security data into strategic business value. It maps ingested data to security use cases and the MITRE ATT&CK^® framework, providing clear insight into all human and non-human entities. The integrated Exabeam Nova Advisor Agent recommends actions to measurably strengthen your security posture.

Benchmark your security program against industry peers to provide context for investments.
Quantify and report on your compliance posture for key frameworks like NIST and GDPR.

CENTRALIZED TDIR WORKBENCH

Unify Threat Detection, Investigation, and Response

Threat Center centralizes alerts, cases, detections, and watchlists in a single workbench. It streamlines TDIR by automating prioritization, triage, and evidence collection so analysts can manage cases efficiently from start to finish.

Unify investigation workflows and critical case information to reduce context switching.
Accelerate response with automated evidence gathering, case management, and recommended next-steps from Exabeam Nova.

PLATFORM SERVICE AND HEALTH

Monitor Platform Health and Consumption

Quickly identify, diagnose, and remediate issues with New-Scale Platform services. Deep platform visibility helps engineers isolate service or performance issues faster. You can also monitor daily consumption to control costs.

Automatically detect anomalies in ingestion or processing rates.
Use forecasting tools to predict when scaling or cost adjustments are needed.

Quickly identify issues, deep visibility, contrail costs and overages

SIMPLIFIED LOG COLLECTION

Add a New Data Source in Minutes

Securely collect data from on-premises or cloud sources at scale with prebuilt collectors that can process events at over 2 million per second (EPS) sustained. A wizard simplifies creating, deploying, and managing custom parsers from new or existing log source templates.

Start with over 7,000 prebuilt log parsers.
Use multiple transport methods, including API, agent, syslog, SIEM, and data lake.

COMMON INFORMATION MODEL

Standardize Data for Faster Analysis

A Common Information Model (CIM) normalizes data at ingestion so security-relevant logs are faster and easier to parse, store, and manage. The CIM enables rapid detection, response, visualization, and high-performance search.

Transform raw data into organized, actionable security events.
Reduce noise by standardizing event definitions across all sources.
Standardize AI agent logs with CIM support for easier parsing and analysis.

THREAT INTELLIGENCE SERVICE

Improve Accuracy with Curated Threat Feeds

The Exabeam Threat Intelligence Service ingests and scores commercial and open-source feeds, refreshed every 24 hours and available at no additional cost. It uses machine learning to produce a highly accurate stream of indicators of compromise (IoCs).

Lower false positives by scoring threat intelligence against historical context.
Enrich detections by automatically linking IoCs with active cases.
Ingest your own threat intelligence feeds with the prebuilt STIX/TAXII Cloud Collector.

CUSTOM REPORTING AND DASHBOARDS

Build Dashboards and Reports with Natural Language

Create custom dashboards with 14 chart types and schedule compliance reports for delivery. Use natural language to quickly build reports and dashboards, gaining insight from SIEM data without purchasing additional tools.

Keep leadership informed with scheduled report delivery.
Use interactive dashboards for ad-hoc exploration of SIEM data.

CUSTOM DETECTION ENGINEERING

Build Correlation Rules from Search

Turn your searches into powerful threat hunting rules in one click. Write, test, publish, and monitor up to 1,000 custom correlation rules and define higher criticality for rules that correspond to high-fidelity threat intelligence.

Build rules from scratch, use a template, or save a search.
Define events of interest and the conditions they must meet.
Assign conditions and criticality to support the appropriate response.

FLEXIBLE AND ADAPTABLE DEPLOYMENT

Easy to Get Started

The modular, AI-driven New-Scale Security Operations Platform is delivered through three products: New-Scale Fusion, New-Scale SIEM, and New-Scale Analytics. The platform provides powerful, fully integrated log management, SIEM, UEBA, SOAR, and insider threat capabilities, plus compliance. With New-Scale, replace a SIEM or augment one with behavioral analytics and automation.

How can we help? Talk to an expert.

Frequently Asked Questions

How does the vendor ensure availability of the SIEM solution?

The New-Scale Security Operations Platform is built on Google Cloud Platform (GCP), which has a 99.5% uptime service level agreement (SLA). We build on this with application-level resiliency and redundancy. A global Exabeam cloud operations team monitors platform health signals around the clock to proactively detect and remediate potential issues. You can access a unique status page at any time to check the availability of your Exabeam cloud services.

Where is the solution delivered from, and where is my data stored?

New-Scale SIEM is a cloud-native solution delivered from GCP. We use GCP to store data securely in availability centers across the globe, and we continuously add new locations. At the time of purchase, you may choose where your service is hosted from a list of available global locations. We carefully protect our customer data, and each customer’s data is isolated and not visible to other tenants.

How is my data collected and transported?

We securely transport data to the cloud-native New-Scale Platform using a combination of methods. These include Exabeam Collectors, log forwarding, and fetching logs directly from other SIEMs—such as QRadar, Sentinel, or Splunk—using their APIs. Collectors are virtual machines running Exabeam software on your premises, secured behind your firewalls, and use SSL to forward encrypted data. Collectors can also bring in data from public clouds like AWS, Azure, and GCP, as well as SaaS applications like Microsoft Office 365 and Salesforce.

“Using Exabeam reminded me of how surprisingly fast the platform updates. There is an almost daily improvement on desired functions, and with Exabeam, it all keeps getting better.”