Exabeam Cloud Archive

Announcing Availability of Exabeam Cloud Archive

Published
June 09, 2020

Author
Sam Humphries

Stale logs sitting on a storage device somewhere are just that… stale. SecOps teams can’t easily make use of them, rendering them almost useless for investigations. The value of your data deteriorates fast when you can’t easily access it. Restoring data from a frozen state can be painful, especially when you don’t know the exact timeframe you need to look at. 

Your organization also likely needs to keep logs for a period of time for one or more compliance reasons. But as compliance alone clearly doesn’t equal security, there’s something of a paradox in stashing logs to check the compliance box but not being able to put them to good operational use.

Ultimately, you’re faced with the choice between expensive hot or warm storage costs, or using cheaper inaccessible cold or frozen logs. Or are you…? Enter stage right: Exabeam Cloud Archive! Available as an add-on to Exabeam SaaS Cloud solutions, Cloud Archive solves the conundrum of log accessibility vs storage cost. You can store your logs securely in Exabeam Cloud Platform, and search them with ease.

And meeting compliance requirements is a breeze — your data can be stored and searched for up to 10 years. No fiddly restore efforts to demonstrate during audits, and as the data is written in immutable files you know that it’s not been tampered with or accidentally modified. 

Logs sent to Cloud Archive are fully parsed, and are searched and filtered using the same methods as Exabeam Data Lake. No new querying languages to learn, and no unacceptably long wait times to get valuable results from your data. 

How it works: Cloud Archive directly integrates with the Exabeam SaaS Cloud infrastructure to ingest all the received logs. Cloud Archive indexes and stores logs in a cloud-native object store, then makes those logs available through its search service. Logs in Cloud Archive are parsed the same way they are in Data Lake. To ensure parsing consistency, Cloud Archive synchronizes the parser configuration with Data Lake every 24 hours.


Figure 1: Cloud Archive architecture in Exabeam Cloud.
 

To learn more about Cloud Archive, check out the Cloud Archive datasheet!
