What’s New in Exabeam Product Development — January 2024 - Exabeam

What’s New in Exabeam Product Development — January 2024

Published
February 02, 2024

Author

Reading time
3 mins

Happy (belated) New Year! Over the holidays, the Exabeam product development team was busy delivering features for our January 30 product release. The focus for the January release is improved threat detection accuracy, streamlined onboarding for on-premises Site Collectors, enhanced visualizations for security operations, and expanded support for Microsoft log ingestion.

Please join us on February 13 at 8 a.m. PT for an in-depth webinar that expands on this blog’s content. We’ll explore each key feature, offering detailed insights and live demonstrations. 

Highlights from the release include: 

Improved threat detection accuracy with unordered event detection

Cybersecurity rule chaining supports detections that are based on an ordered series of events that occur in a specific sequence. Detection engineers often build detections to match a sequence of events that mimic attack behavior. For example, “Trigger an alert if John Doe does X, then does Y, then does Z.” The Exabeam Security Operations platform now supports rule chaining in any order. This means that security engineers can now define sequences to look for events and specify that the order does not matter. Unordered rule chaining provides users with greater flexibility for creating correlation rules where certain chains of events are of interest, but the order is irrelevant. It also saves time, eliminating the need to create multiple ordered rules to cover various combinations of events.

What’s new in Exabeam Product Development — January 2024
Figure 1 – Shows the option of selecting “Unordered” for chained Correlation Rules.

Improved security visualization with new, pre-built SOC Overview Dashboard

This pre-built dashboard provides security operations center (SOC) administrators and security leaders with an overview of the entire security posture of their organization. It includes visualizations that allow users to quickly assess the overall status of SOC operations and identify areas that need attention. The dashboard includes charts that depict various aspects of incidents, anomalies, and correlation rules. This out-of-the-box persona-based dashboard provides quick insights and actionable information relevant to SOC managers and administrators.

What’s new in Exabeam Product Development — January 2024
Figure 2 – A sample of the many dashboard visualizations available from. the new SOC Overview Dashboard.

Faster onboarding with OVA VM kickstarter

An OVA file is an Open Virtual Appliance (OVA) that contains a compressed, “installable” version of a virtual machine (VM). Exabeam now supports OVA VM kickstarter to rapidly provision a fully compatible VM with all the Site Collector prerequisites, including support for VMWare, Google Cloud Platform (GCP), and AWS. Customers can prepare VMs using a compressed OVA image file to speed up POVs and log onboarding.

Expanded Azure log collection capabilities

Two new Cloud Collectors are now available for the Exabeam Security Operations platform. Azure Activity Log Cloud Collector and Azure Storage Analytics Cloud Collector allow customers to ingest logs via EventHub instead of API. This is the recommended ingestion method by Microsoft, and this updated collector provides better scalability, reliability, and E2E support, including content.

What’s new in Exabeam Product Development — January 2024
Figure 3 – Simple configuration experience for Azure Collectors

For a complete list and description of the Exabeam January release features, please visit Exabeam Security Operations Platform Release Notes.

Stay up to date with Exabeam Community

Dig into the new release in the Exabeam Community. Engage in live ExaExpert Q&A sessions every other week, or join technical discussions at your convenience. Your curiosity and questions are always welcome.

Exabeam Community

Similar Posts

What’s New in Exabeam Product Development — February 2024

New Cloud Coverage – Switzerland: Exabeam Support for Swiss and European Businesses Grows

What’s New in Exabeam Product Development — November 2023




Recent Posts

What’s New in Exabeam Product Development — February 2024

Save The Date! Exabeam Spotlight24 Global Webcast Registration Opens March 12

Exabeam Unveils 2023 Partner of the Year Award Winners

See a world-class SIEM solution in action

Most reported breaches involved lost or stolen credentials. How can you keep pace?

Exabeam delivers SOC teams industry-leading analytics, patented anomaly detection, and Smart Timelines to help teams pinpoint the actions that lead to exploits.

Whether you need a SIEM replacement, a legacy SIEM modernization with XDR, Exabeam offers advanced, modular, and cloud-delivered TDIR.

Get a demo today!