With an eye on moving away from legacy SIEMs, cybersecurity firm Exabeam today introduced a cloud-native portfolio of products designed to enable security teams to “detect the undetectable.”
New-Scale SIEM is built on the cloud-native Exabeam Security Operations Platform and combines cloud-scale security log management, behavioral analytics and an automated investigation experience, according to the company.
“Security operations teams fail because of limitations of legacy SIEM,” Exabeam CEO Michael DeCesare told VentureBeat. “The lack of innovation in the market relative to the growth of data, the sophistication of attacks, and a shift to the cloud have created a SIEM effectiveness gap.”
Legacy tools don’t provide a complete picture of a threat, he maintained. “They bury analysts with alerts and compel slow, ineffective and manual investigations.”
Meanwhile, secops teams are overwhelmed with data and unsure of what data to collect, DeCesare added.
At the same time, attacks are becoming increasingly sophisticated and hard to detect, and credential-based attacks are multiplying.
More data sources to scale response
The goal of Exabeam’s New-Scale SIEM platform is to enable secops teams to manage more data sources and higher volumes in a cloud-native architecture, DeCesare said. “It’s about scaling response to focus on risk-based priorities, scaling investigations with automation, scaling detection with behavioral analytics intelligence across billions of entry points, scaling operations and people to raise expertise, and scaling budgets with cloud-based economics.”
Exabeam’s products are designed to support a variety of transport methods including APIs, agents, syslog, and log aggregators such as SIEM or log management products — meaning an existing SIEM doesn’t have to be replaced; Exabeam can be added on top of it, he said.
Exabeam developed and maintains a common information model (CIM) “that adds security context to, and speeds the ingestion of, raw logs for event building, resulting in faster security event building, search, dashboards and development of new parsers,” DeCesare said.
SIEM with behavioral models to detect anomalies
More than 750 behavioral models power 1,200 anomaly detection rules in Exabeam to baseline normal behavior for every user and machine — something legacy SIEMs can’t do, the company said. For example, for an organization with basic logging, 20,000 users, and 50,000 assets, Exabeam is designed to dynamically build and update 50 million unique detection rules.
New-Scale SIEM also aims to give security teams a holistic picture of their environments — data from core security products, IT infrastructure, cloud applications, and infrastructure and business applications — joined with critical user and machine context and timely threat intelligence data, Exabeam said.
“Exabeam is our holistic security operations platform that provides and coordinates automated visibility, detection, analytics, investigation and response across our key operating environments,” said Jerry Larsen, IT security manager at Patrick Industries. “We have multiple ERP systems that all need to be protected and Exabeam does the job better than any legacy SIEM we looked at.”
The new Exabeam Security Operations Platform was architected on Google Cloud. The new portfolio built on the platform includes:
- Exabeam Security Log Management — Cloud-scale log management to ingest, parse, store and search log data with dashboarding and correlation.
- Exabeam SIEM — Cloud-native SIEM at hyperscale with fast, modern search, and correlation, reporting, dashboarding and case management.
- Exabeam Fusion — New-Scale SIEM, powered by modern, scalable security log management, behavioral analytics and automated threat detection and incident response (TDIR).
- Exabeam Security Analytics — Automated threat detection powered by user and entity behavior analytics with correlation and threat intelligence.
- Exabeam Security Investigation — TDIR powered by user and entity behavioral analytics, correlation rules and threat intelligence, supported by alerting, incident management, automated triage and response workflows.
Pricing for New-Scale SIEM “is linear with no workload restrictions or surprises, allowing security leaders to more predictably budget as data volumes increase and business needs change,” DeCesare said.
The new product portfolio is generally available today.