Exabeam Cloud Archive

Announcing Availability of Exabeam Cloud Archive

Published: June 09, 2020

Author: Sam Humphries

Stale logs sitting on a storage device somewhere are just that… stale. SecOps teams can’t easily make use of them, rendering them almost useless for investigations. The value of your data deteriorates fast when you can’t easily access it. Restoring data from a frozen state can be painful, especially when you don’t know the exact timeframe you need to look at. 

Your organization also likely needs to keep logs for a period of time for one or more compliance reasons. But since compliance alone clearly doesn’t equal security, there is something of a paradox in stashing logs to check the compliance box without being able to put them to good operational use.

Ultimately, you’re faced with the choice between expensive hot or warm storage, or cheaper but inaccessible cold or frozen logs. Or are you…? Enter stage right: Exabeam Cloud Archive! Available as an add-on to Exabeam SaaS Cloud solutions, Cloud Archive solves the conundrum of log accessibility vs. storage cost. You can store your logs securely in Exabeam Cloud Platform, and search them with ease.

And meeting compliance requirements is a breeze — your data can be stored and searched for up to 10 years. No fiddly restore efforts to demonstrate during audits, and as the data is written in immutable files you know that it’s not been tampered with or accidentally modified. 

Logs sent to Cloud Archive are fully parsed, and are searched and filtered using the same methods as Exabeam Data Lake. No new querying languages to learn, and no unacceptably long wait times to get valuable results from your data. 

How it works: Cloud Archive directly integrates with the Exabeam SaaS Cloud infrastructure to ingest all the received logs. Cloud Archive indexes and stores logs in a cloud-native object store, then makes those logs available through its search service. Logs in Cloud Archive are parsed the same way they are in Data Lake. To ensure parsing consistency, Cloud Archive synchronizes the parser configuration with Data Lake every 24 hours.


Figure 1: Cloud Archive architecture in Exabeam Cloud.
 

To learn more about Cloud Archive — check out the Cloud Archive datasheet!
