Exabeam ‘reinvents’ security analytics

Innovative automated threat detection, investigation and response (TDIR) products illuminate industry’s first use case-driven, prescriptive and outcomes-based security solutions.

  • Thursday, 13th May 2021 Posted 3 years ago in by Phil Alsop

Exabeam has introduced Exabeam Fusion XDR and Exabeam Fusion SIEM, two new powerful cloud-delivered security products that efficiently solve threat detection, investigation and response (TDIR) without disrupting an organisation’s existing technology stack. Exabeam Fusion products integrate market-leading behavioural analytics and automation capabilities to deliver the industry’s first outcomes-based approach to security operations (SecOps). The Fusion product line showcases an open system approach to extended detection and response (XDR) and security information and event management (SIEM) enabling any organisation to acquire an advanced TDIR layer on top of existing IT and security stacks. Exabeam is also announcing the general availability of its TDIR Use Case Packages that are integrated into Fusion XDR and Fusion SIEM.

 

“We’ve been using Exabeam as our XDR for some time now as the technology can see and connect data from far more locations than just our endpoint detection and response solutions,” said Marc Crudgington, CISO at Woodforest National Bank. “It’s exciting to see Exabeam package its advanced behaviour analytics and automation capabilities into these forward-thinking cloud products. We rely on Exabeam Fusion XDR in our SOC operations to help us more quickly detect, investigate and remediate threats — an essential outcome in keeping our networks, business operations, employee and customer data continuously protected.”

 

Exabeam is reimagining XDR with the launch of Fusion. Today’s effective SOCs have clearly defined outcomes aligned to TDIR workflows. The cloud-delivered products contain prescriptive workflows guided by pre-packaged, use case specific content to enable security analysts to defend against today’s common and evolving threats including external, compromised insider, and malicious insider attacks.

 

“Breach scenarios are still too frequent, with common attack techniques like lateral movement, data exfiltration, and privilege escalation appearing legitimate or spanning across siloed security products,” said Adam Geller, chief product officer at Exabeam. “When security analysts are unable to connect the dots between various systems, malicious attacks go undetected and lead to security breaches. Delivering Exabeam Fusion XDR and Exabeam Fusion SIEM from the cloud enables us to accelerate feature and functionality development, while deploying a use case framework that consistently delivers successful outcomes for our customers.”

 

According to an Exabeam-sponsored Ponemon research study that surveyed 596 IT and IT security practitioners, security teams spend 12 percent of their time detecting threats, 36 percent triaging, 26 percent investigating, and 26 percent responding. The majority of security analytics tools on the market today only automate detection and response. The Fusion product line automates 100 percent of the TDIR workflow, including the bulk of the time it takes — 62 percent — for security teams to conduct triage and investigation. 

 

Exabeam Fusion combines market-leading behaviour analytics, TDIR automation, and pre-built integrations with hundreds of third-party security and productivity tools to overcome weak signals from multiple products and find complex threats missed by other tools. Customers can easily identify and respond to critical security issues, intrusions and attacks from a single, centralised control plane, substantially increasing analyst productivity and reducing response times. Exabeam Fusion offerings accurately differentiate normal behaviour from abnormal activity, apply risk scoring to identify notable users and events, and build Smart Timelines™ to automatically reconstruct security incidents providing accelerated investigation and response. 

 

“With Exabeam Fusion, organisations can unify their current security tools to more efficiently detect, investigate, and respond to threats without the need for large-scale rip and replacements of their entire security stack,” said Ralph Pisani, president at Exabeam. “Our customers can keep their existing tools and merge our fully automated TDIR layer on top to benefit from Exabeam’s fast innovation, superior experience and accelerated time to value.” 

 

Gorka Sadowski, chief strategy officer at Exabeam, added, “The Fusion product launch is in line with our strategic direction to expand beyond SIEM and solve the industry’s biggest SecOps challenges by offering a set of world-class, cloud-delivered products and solutions to the marketplace.”