Exabeam Cloud Archive

Announcing Availability of Exabeam Cloud Archive

Published
June 09, 2020


Stale logs sitting on a storage device somewhere are just that… stale. SecOps teams can’t easily make use of them, rendering them almost useless for investigations. The value of your data deteriorates fast when you can’t easily access it. Restoring data from a frozen state can be painful, especially when you don’t know the exact timeframe you need to look at. 

Your organization also likely needs to keep logs for a period of time for one or more compliance reasons. But compliance alone clearly doesn’t equal security, so there’s something of a paradox in stashing logs to check the compliance box without being able to put them to good operational use.

Ultimately, you’re faced with a choice between expensive hot or warm storage and cheaper but inaccessible cold or frozen logs. Or are you…? Enter stage right: Exabeam Cloud Archive! Available as an add-on to Exabeam SaaS Cloud solutions, Cloud Archive solves the conundrum of log accessibility vs storage cost. You can store your logs securely in Exabeam Cloud Platform, and search them with ease.

And meeting compliance requirements is a breeze — your data can be stored and searched for up to 10 years. No fiddly restore efforts to demonstrate during audits, and as the data is written in immutable files you know that it’s not been tampered with or accidentally modified. 

Logs sent to Cloud Archive are fully parsed, and are searched and filtered using the same methods as Exabeam Data Lake. No new querying languages to learn, and no unacceptably long wait times to get valuable results from your data. 

How it works: Cloud Archive directly integrates with the Exabeam SaaS Cloud infrastructure to ingest all the received logs. Cloud Archive indexes and stores logs in a cloud-native object store, then makes those logs available through its search service. Logs in Cloud Archive are parsed the same way they are in Data Lake. To ensure parsing consistency, Cloud Archive synchronizes the parser configuration with Data Lake every 24 hours.


Figure 1: Cloud Archive architecture in Exabeam Cloud.
 

To learn more about Cloud Archive — check out the Cloud Archive datasheet!
