What’s New in Exabeam Product Development – March 2023
March came in like a lion, and we’re excited to share the latest roars from our product team! No matter your feelings about the seasonal time change, we hope you’ll appreciate these changing times with our new features, improvements, and capabilities. To stay up-to-date on our releases, subscribe to our blog for monthly updates.
The following changes, new capabilities, functions, and actions are all live as of March 28.
- Outcomes Navigator
- Log Stream
- Correlation Rules
- Alert and Case Management
- Legacy system updates
- Resource: Exabeam platform integrations
One of our most exciting features, Outcomes Navigator, is now available to even more customers. All new Exabeam customers and existing customers who have migrated to the new platform will have access to this improved level of insight and visibility. The feature analyzes your environment to assess how well it protects against specific use cases. Outcomes Navigator provides security engineers and leaders with an interactive view to compare their current coverage with the available product coverage. This feature helps to identify gaps and provides recommendations for enhancing coverage. This tool provides a more efficient method for gaining visibility into security outcomes and enables users to take action to improve their security posture.
Exabeam now supports a new SentinelOne Collector for New-Scale SIEM™ — a closer integration with our XDR Alliance partner in EDR.
The engineering team has improved error messages for Site Collector agents by including additional details in case of operational errors. Users can now view the latest error details within the Exabeam Security Operations Platform, to assist in initial troubleshooting efforts.
In Log Stream, you can add custom vendor and product names when building your own log parsers. Administrators can track full auditing for all log parser changes or configuration amendments via the audit log function.
Search introduces new functionality for exporting parsed events. When exporting logs, you now have the option to export either the raw event or parsed fields, including subsets of parsed fields.
Additional updates include functionality enhancements such as pinning field summaries and event details. These improvements are designed to support you and provide a more efficient search experience as you scroll through search results or event details.
Read the Search release notes.
The team has introduced three new pre-built dashboards for customers using Exabeam Security Log Management, Exabeam SIEM, and Exabeam Fusion. These new Dashboards display port usage trends, account logout summaries, and lists of authenticated user accounts on hosts. These Dashboards are valuable for both daily review and compliance documentation purposes.
There are also new group and subgroup options when building filters. Analysts can select any logical operator, group, or subgroup in two layers when creating filters. This enhancement helps Dashboards emulate the Search conditions when building visualizations.
Users also now have the ability to build Dashboards using context table filters as a key value. This feature enables analysts to build visualizations specifically on Indicators of Compromise (IoCs) or context-specific dashboards.
See the instructions and documentation.
You now have the option to assign MITRE ATT&CK® tactics and techniques when creating a correlation rule. By aligning your correlation rules with the ATT&CK framework, you can more effectively assess your threat coverage against a widely recognized threat classification system.
Read the Correlation Rules release notes.
Alert and Case Management
Exabeam now supports rich text formatting in the Description and Note fields of alerts and cases, enabling more effective communication during incident response efforts. Also new in March, you can now export additional fields for alerts and cases to CSV files, including key fields like notes and attachments. The exported data can be archived or imported into external applications for further analysis or reporting.
Legacy system updates
Data Lake i40.6 is now available. This release covers a number of small improvements and bug fixes.
Resource: Exabeam platform integrations
We recently updated our platform integrations datasheet, which includes details on both log ingestion and incident response. This is an excellent resource for understanding how we work with vendors you may already use or be familiar with.
What’s up next?
Join our Community Webinars to talk shop with fellow users, products, and support!
If you missed the March 15 webinar on Outcomes Navigator and Log Stream updates, a replay is available here.
Stay up-to-date with Exabeam Community
To learn more about all these updates, visit the Exabeam Community to read documentation, and sign up for webinars to keep track of all the latest announcements.