We are delighted to be part of Gartner Peer Insights ‘Voice of the Customer’: Security Information and Event Management. Since October 2015, Gartner Peer Insights, a free peer-review and rating platform designed for enterprise software and services decision-makers, provides a valuable resource for anyone in the process of evaluating and purchasing a SIEM solution. Customer reviews go through a strict validation and moderation process to ensure they are authentic. You could think of it as “Yelp for software vendors.”
Over 205,000 reviews across 330+ markets have been posted to Gartner Peer Insights since late 2015.
In this post, we share Gartner Peer Insights on Exabeam focusing on the following criteria:
- Quick time-to-value
- Ease of deployment
- Modern SIEM platform
- A must-have tool for information security
- Superior customer support
- Peer advice
The survey respondents are anonymous, although the following table provides background on several recent reviews. We’ve identified each customer according to their survey posting date to facilitate this compilation.
|Respondent ID (date)||What They Do||Industry||Company Size (USD)|
|3-28||Consultant||Manufacturing||1B – 3B|
|4-1||Infrastructure and Operations||Finance||3B – 10B|
|4-9||Security and Risk Management||Finance||Gov’t/PS/ED
50,000 + employees
|4-10||Infrastructure and Operations||Manufacturing||1B – 3B|
|4-13||Security and Risk Management||Services||3B – 10B|
|4-22||Analyst||Manufacturing||250M – 500M|
|4-23||Security and Risk Management||Manufacturing||1B – 3B|
|5-31||Infrastructure and Operations||Construction||50M – 250M|
|6-11||Senior Security Engineer||Manufacturing||<50M|
|Security and Risk Management||Finance||<50M|
|Knowledge Specialist||Healthcare||500M – 1B|
Note: All customer responses in this post have been lightly edited for continuity and clarity or summarized. Overall, each customer’s response remains integral as extracted and compiled from this Gartner site.
Organizations are looking to see value from their SIEM investments in a short period of time. According to a recent report, 92 percent of Exabeam respondents were able to see its value within a week after deployment. Here’s what customers have said about their experience.
Regarding implementation one customer says “[Exabeam’s] implementation is done in minutes; after the trial period you begin to receive very valuable information.” Another customer stated, “Exabeam increased our IT security compliance compared to the industry standard.”
Several customers reported seeing actionable results right away with one writing that importing different data sources was quite easy, and they started finding possible incidents from day one.
As for installation, a customer reports, “Installation took only two hours, and within the first hour I had actionable alerts to follow-up on.” Another agreed saying, “On day one we saw value and increased visibility over our previous SIEM.”
Ease of deployment
People often think of deploying a SIEM as some gargantuan, daunting task but it needn’t be. Over the years, we’ve spent considerable effort to ensure that our products are easy to set up, intuitive to use, and simple to maintain.
On the topic of ease of implementing Exabeam, one customer wrote, “Exabeam is a product we implemented and were able to quickly onboard it for our team to support. The console has a clean UI that is very intuitive and easy to navigate…It’s easy to configure, to use, and supports many log ingestion types.” A second customer agrees: “Exabeam is an excellent security solution because it has an easy implementation.”
Other customers wrote that “Exabeam deployment is very simple,” and “the product mostly runs itself without intervention.” One customer remarked that “we haven’t gone through training yet, but also haven’t needed it—the product is very self-explanatory.”
For many customers, importing multiple data sources was important with one customer writing that Exabeam makes it “easy to import new data sources, helping us bring in new external clients, as well as parts or whole business units. It lets us focus on defining the use cases and start ingesting, detecting, and monitoring in days instead of weeks.”
For others the out-of-the box features, ability to customize the solution to further fit their needs and the ability to support many log formats out-of-the box were critical.
As for working in conjunction with existing security solutions, one customer said that Exabeam’s modular platform makes it “extremely easy to integrate [Exabeam] UEBA with Splunk.”
Modern SIEM platform
A modern SIEM combines automation, analytics, and machine learning with a big data platform to deliver effective security management with the scale and speed needed to handle modern data loads. Here are some excerpts from customers discussing just that:
“We wanted to save time during the incident analysis and confirmation, and Exabeam delivered a solution for those needs,” says one customer, adding that “Exabeam deployment is very simple and the existing models saved us a lot of time instead of creating correlation rules by hand. We decided to go further with their SIEM plus UEBA solution to help us improve visibility and risk related to users.”
Another customer wrote, “The insights Exabeam’s user behavior analytics (UEBA) platform provides helps our SOC team understand the context around certain behavior and take a risk-based approach to security monitoring.” For a third customer, Exabeam offered a very solid UEBA platform. “Within seconds I can view the correlation between user and computers. Its ability to instigate SIEM alerts makes it invaluable and saves a tremendous amount of time.”
In general, customers said the GUI layout and session creation save security analysts a significant amount of time during daily checks, investigations, and incident response. A veteran user, who had been implementing and managing SIEM for the past 11 years, wrote, “Data Lake is a better product than any SIEM.”
Product features that appealed to customers include ease of deployment, faster response for historical search, and anomaly detection. And one customer sums it up as “Exabeam gives us meaningful information and more insights on the data that feeds into it. With it, I don’t have to dive into the sea of logs; this saves a lot of time in analyzing security threats. Yet it gives us great information for investigation.”
A must-have tool for InfoSec
Ultimately, the choice to use a specific tool often comes down to (or at least should) the value it provides a security program. This is what our customers have to say:
One customer wrote, “This is a must-have product for any size security team, as it consolidates investigation efforts into one tool and brings in lots of visibility, efficiency, and automation.” Another customer agreed saying, “Exabeam is a powerful tool in terms of machine learning; it generates much valuable information.”
For SOC teams who are looking for data insights into their environment, one customer said, “Exabeam’s UEBA solution has proved to be invaluable to our company’s security operations center. Its analytics give us insights and visibility that our traditional SIEM simply isn’t able to provide.”
Customers agreed that user and entity behavior analytics was a must-have tool for security. In addition to bundling log aggregation, correlation, threat intelligence, and prepackaged connectors to tools and case management, Exabeam provided a high ROI and value.
Exabeam UEBA also helped customers with their IR investigations, as it detects user anomalies and suspicious activities. One customer said, “In switching to it [Exabeam], we get incident response (IR) automation, higher EPS for log collection, and better performance—coupled with very responsive customer support.”
“In a field plagued with alert fatigue and talent shortage, Exabeam’s UEBA platform creates actionable alerts that can be understood by security analysts of all levels,” says one customer. Others agree saying the UEBA dashboard and timeline format are extremely useful and easy to use with the dashboard highlighting high-risk users, assets, account lockouts and watch lists. By providing an excellent starting point for any security analyst, Exabeam makes life easier for the administrators.
For several customers, Exabeam deployment would be the first step for security monitoring and they would have implemented Exabeam earlier and not have considered others. One customer said, “If we were to start over, we would evaluate whether to incorporate other Exabeam products, such as the data lake/SIEM, case management, and automation modules.”
Superior customer support
In a perfect world, there would be no need for customer support, right? As wonderful as that might sound, the fact of the matter is that things sometimes break or behave in unexpected ways, and people may need guidance. For this reason, support programs are critical aspects of any company. These reviews cover Exabeam’s support team:
Superior technical support was a big plus for customers who said “Exabeam’s documentation is comprehensive and their support is always ready to help… They have lots of useful training videos on their community portal, along with plenty of high-quality webinars and workshops on a regular basis. In addition, we always receive fast responses and updates for our support cases. Their being very knowledgeable not only helps us set up and troubleshoot issues, but also assists in our creation of custom use cases.”
One customer said, “Our experience with the product and support from Exabeam’s customer success team is phenomenal. Their customer success team is 100% committed to fulfill all of our needs.”
One of the top customer support comments was about how the team was very responsive about adding new products such as features and parsers by request even though Exabeam integrates with out of the box products. The sales staff and solutions engineers were also praised for their knowledge and follow-through by a tech veteran with over 15 years of IT and engineering work. In sum, one customer said, “Exabeam has a strong customer focus, services expertise, and user community.”
Advice to others
One of the more valuable features of Gartner Peer Insights reviews is that they offer customers and prospects the ability to provide knowledge and advice to each other. Here are some examples:
There were several comments for those who are looking to purchase SIEM solutions. One current customer wrote “Prior to selecting any product you must fully understand your business requirements and what you’re trying to achieve. With that information in hand you can scope your Exabeam infrastructure and deployment accordingly.” Another customer says, “Based on our experience, I’d tell everyone to not have any second thoughts about choosing this product; you can place your trust with the Exabeam team.”
One suggestion that many customers agreed with was to run a proof of concept with Exabeam sales engineers to see the value quickly.
Summing it all up, a customer suggests, “Compare the existing models in Exabeam to how much time your team spends creating rules after an incident. If you’re being measured on MTTD, MTTR, or other time-based indicators, Exabeam can save a lot of time for analysts during any possible incident.”
For more on security information and event management solutions, we invite you to read our paper “Ten Must-Have Features of a Modern SIEM.”