What’s New in Exabeam Product Development – January 2023 - Exabeam

What’s New in Exabeam Product Development – January 2023

February 01, 2023


Reading time
4 mins

January flew by with a haze of New Year’s resolutions for everyone. Whether this is the month of good intentions or best practices, Exabeam’s product management and engineering teams have been forging ahead with meeting customer requests, improving back-end functionality, and innovating on how we play in the security space. Here are some highlights. 

In this article:

Context search

Within Search, you can now reference a context table to narrow down search results and conveniently search for indicators of compromise (IoCs). Search for IoCs within context tables and find threats faster.


New pre-built dashboards

Access to new, pre-built dashboards helps reduce time spent on customizing or building reports. Exabeam offers five new dashboards covering account management activity, application security event summary, denied web access activity, top attackers, and an overview of Microsoft Windows.

Log Stream

Better parser management

Log Stream offers improved parser management for event definitions, handling, and improvement. Add custom fields and fine tune the data ingestion process to meet your bespoke use cases. Or, reset and remove customizations from default parsers with a single click.

Alert and Case Management

Upload file attachments to alerts and cases

Now, you can upload file attachments (1GB/file) to alerts and cases within Alert and Case Management. Speed investigation and remediation efforts — find security alerts, cases, and related evidence in a single place. If a file needs to be uploaded for investigation and remediation purposes, you can manually attach it to an alert or case. Cases, alerts, and all related evidence can be managed and reviewed by all analysts assigned to the case or alert.

Correlation Rules

Create correlation rules from context search queries

Within Search, you can build queries to find field values that are or are not in a context table. Now, you can build correlation rules from these searches. Building correlation rules that reference context tables improves threat detection. For example, you can build a search query that looks up an IP address in a ransomware context table, and create a correlation rule to trigger if a match is found.

Event Selection

Save, edit, delete or enable policies

Admins can now save a group of event selection statements as an event selection policy. Under event selection in settings, an admin can access saved policies and have the option to view, delete or make a previous event selection policy active. Simply select a previous policy, and you can load the policy. Saving and restoring past policies offers rapid recovery from update mistakes and better visibility of changes performed by other admins in your Exabeam environment.

Outcomes Navigator

Parser calibration score update

Now Outcomes Navigator can present “Parser Calibration Score” to show just how well data is being used, as well as guide you through improving parsing. Parsing can now be improved by data source as well as use case.

Fully documented calculation measurement

Gain greater confidence and understanding of scoring across Outcomes Navigator by understanding exactly how scores are calculated. This clarity allows for identification of out of bounds values and alerts the internal owner about the issue.

Read the documentation for further details.

Exabeam annual penetration test executive summary now available

This month, Exabeam concluded its third-party, annual penetration test. The Executive Summary report is now available for distribution to customers and partners. The assessment evaluates and identifies any application-level security issues in the Exabeam SOC Platform and Exabeam SecOps Platform including Advanced Analytics, Case Manager, Incident Responder, MATIS API, Cloud Connector, and Site Collector. You can request copies of the Summary from your Exabeam Representative.

But wait, there’s more!

These are just a few highlights of what Exabeam has released in January 2023. For more including updates to Site Collectors and Cloud Collectors, along with other security updates, check out the release notes on the Exabeam Documentation Portal.

Don’t forget to check out our new Community Webinar on Standing up a SOC. Whether you’ve got a well-established security operation or just starting to dedicate security personnel to the issue, this series (or recording if you’re so busy you need to watch later at your convenience) is for you.

Stay up-to-date with Exabeam Community

To learn more about all these updates, visit the Exabeam Community to read documentation, and sign up for webinars to keep track of all the latest announcements.

Exabeam Community

Similar Posts

How Exabeam Can Help Drive Value With APIs

4 Requirements for Building a Successful Insider Threat Team

What’s New in Exabeam Product Development – December 2022

Recent Posts

Exabeam vs. Splunk: Six Ways to Compare and Evaluate

The New CISO Podcast: Translating Your Military Skills for Security Success

Exabeam vs. QRadar: Four Ways to Compare and Evaluate

See a world-class SIEM solution in action

Most reported breaches involved lost or stolen credentials. How can you keep pace?

Exabeam delivers SOC teams industry-leading analytics, patented anomaly detection, and Smart Timelines to help teams pinpoint the actions that lead to exploits.

Whether you need a SIEM replacement, a legacy SIEM modernization with XDR, Exabeam offers advanced, modular, and cloud-delivered TDIR.

Get a demo today!