During the Black Hat USA 2020 Virtual Event, Exabeam, the Smarter SIEM™ company, announced that customers can now license its cloud SIEM technology by use case, beginning with licensable use cases for expedited insider threat and compromised credential detection. In addition, to simplify the process of acquiring and installing critical security content, the company is unveiling the new Exabeam Content Library, an easy-to-use security content repository to help organizations deploy advanced use cases more efficiently. Exabeam use case content increases threat visibility and enables security operations center (SOC) teams to extract more value from their SIEM.
According to the ‘Exabeam 2020 State of the SOC Report,’ security managers and analysts rated their ability to create content the lowest among all hard skills, yet creating rules and models to detect advanced threats, like lateral movement and credential switching, is critical to their security maturity. By providing a simple way to acquire the content needed to detect and remediate these critical security use cases, Exabeam is speeding the time to maturity for organizations.
“Security use cases for a SIEM tool should be a priority in the CISO’s tool box, and should not only cater to basic security hygiene, for which best practices exist, but also cater to the business needs of the organization,” wrote Gorka Sadowski, senior director analyst at Gartner in a Gartner report.1
The Content Library is an online repository of knowledge and content that organizations can use to roll out new use cases. The initial release allows customers to quickly map data sources to security use cases and to download the necessary parsers.
Exabeam is also announcing new, easy-to-implement content and tools to help customers maintain security as they adapt to a remote workforce. Exabeam Cloud Connector for Code42 allows security teams to quickly detect and investigate data exfiltration by departing and remote employees, as well as the leak of high value data during a merger or acquisition. This announcement follows the previous release of the Exabeam Cloud Connector for Zoom. The ability for Exabeam solutions to easily plug into existing security environments enhances SOC team speed and efficacy.
“New research shows that one-third of organizations have been hit with successful cyberattacks since the forced move to work from home. As security teams rush to respond to the pandemic and the increase in threats, it is critical that they find cost-effective ways to strengthen and mature their security posture,” commented Adam Geller, chief product officer, Exabeam. “In announcing these innovations, Exabeam is further enabling security teams to rapidly obtain value by detecting insider threats and compromised credentials and improving their security posture for remote employees.”
“Unlike other SIEM vendors, Exabeam has allowed us to quickly add analytics to detect and investigate insider threats without having to replace our existing log management investment,” explained Director Damien Manuel, Cyber Security Research and Innovation Centre at Deakin University. “That’s a critical capability in the context of constantly evolving risks and potential vulnerabilities, and it gives us a smarter strategy to protect our organization, employees, customers and data.”
Exabeam has also released the first of its previously announced Turnkey Playbooks, automated solutions for common security investigations that do not require third-party licenses or configuration. The new Turnkey Playbook for Threat Intelligence automatically identifies malicious domains, IP addresses, URLs, files, and email addresses with no additional configuration or third-party threat intelligence licenses required.
To learn more about Exabeam’s full product portfolio for on-premises and cloud SIEM deployments, visit https://exabeam.com.
Exabeam is the Smarter SIEM™ company. We help security operations and insider threat teams work smarter, allowing them to detect, investigate and respond to cyberattacks in 51 percent less time. Security organizations no longer have to live with missed distributed attacks and unknown threats, manual investigations and remediation, or excessive storage fees. With the modular Exabeam Security Management Platform, analysts can use behavioral analytics to detect attacks, automate investigation and incident response, and reduce storage costs. Exabeam Smart Timelines, sequences of user and device behavior created using machine learning, further reduce the time and specialisation required to detect attacker tactics, techniques and procedures. For more information, visit https://www.exabeam.com.
Exabeam, the Exabeam logo, Threat Hunter, Smarter SIEM, Smart Timelines and Security Management Platform are service marks, trademarks or registered marks of Exabeam, Inc. in the United States and other countries. All other brand names, product names, or trademarks belong to their respective owners. © 2020 Exabeam, Inc. All rights reserved.
1Gartner, How to Build Security Use Cases for Your SIEM, Gorka Sadowski, July 19, 2019.