Exabeam extends its AI-driven security operations leadership

Exabeam has introduced two pioneering cybersecurity features, Threat Center and Exabeam Copilot, to its AI-driven Exabeam Security Operations Platform.

Wednesday, 28th February 2024, posted by Phil Alsop

A first-to-market combination, Threat Center is a unified workbench for threat detection, investigation, and response (TDIR) that simplifies and centralises security analyst workflows, while Exabeam Copilot uses generative AI to help analysts quickly understand active threats and offers best practices for rapid response. These leading-edge innovations greatly reduce learning curves for security analysts and accelerate their productivity in the SOC.

“We built Threat Center with Exabeam Copilot to give security analysts a simple, central interface to execute their most critical TDIR functions, automate routine tasks, and supercharge investigations for analysts at any skill level,” said Steve Wilson, Chief Product Officer, Exabeam. “These new features amp up the value of our AI-driven security operations platform and take analyst productivity, efficiency, and effectiveness to new heights. Threat Center helps security analysts overcome one of the biggest challenges we’ve heard from them — having to deal with too many fragmented interfaces in their environments. By combining Threat Center with Exabeam Copilot we not only improve security analyst workflows, we also lighten their workload.”

Solving for Lack of Visibility and Automation

Security operations teams are often challenged with managing multiple security tools, which can lead to siloed data and a lack of visibility into threats. This can make it difficult to understand their entire threat landscape and execute TDIR in a timely manner.

According to Exabeam’s recent The State of Threat Detection, Investigation, and Response (TDIR) Report 2023, organisations globally reported that they can “see” or monitor only 66% of their IT environments, leaving ample room for blindspots. Exabeam customers are already using the Outcomes Navigator feature as a driver to know what parts of their environments they are able to monitor for TDIR and where coverage improvement may still be needed. Threat Center streamlines these processes further to remediate threats against covered areas faster.

The report also reveals that only slightly more than half (53%) of global organisations have automated 50% or less of their TDIR workflow. With Threat Center and Exabeam Copilot, the Exabeam Security Operations Platform applies AI and automation to security operations workflows for a holistic approach to cyberthreats, helping companies solve for a lack of automation and ultimately accelerating response.

Powered by AI-driven detection, the Exabeam platform easily pinpoints high-risk threats by learning the normal behaviour of users and entities and prioritising threats with context-aware risk scoring, all now presented through the Threat Center interface, for faster, more accurate, and consistent TDIR. The Exabeam TDIR report revealed this as the second most identified need: 35% of respondents reported a desire for improved understanding of normal user, entity, and peer group behaviour within their organisation.

More About Threat Center and Exabeam Copilot

Threat Center unifies threat management, investigation tools, and automation so that analysts can investigate and respond to threats faster and more efficiently. Powered by an advanced security-trained, generative AI model, Exabeam Copilot supercharges security analyst investigations.

Threat Center with Exabeam Copilot helps analysts:

• Understand an entire threat that spans multiple detections to tell a complete story of what happened.

• Conduct complex, powerful search queries in plain natural language.

• Understand a threat, and know how to respond, using generative AI threat explanations for clear cross-organisation communication.

• Automate routine tasks, expose hidden threats, and greatly accelerate response times.

• Prioritise alerts and cases, with context-aware risk scoring.

• Reduce the number of alerts that analysts need to investigate – detection grouping associates related entities and events.

• Optimise SOC team collaboration with case sharing, case escalation, and shared notes.

• Visualise evidence with interactive threat timelines and instant access to relevant data including behavioural models, users, and endpoints.

• Author automation rules critical to SOC workflows, such as escalating specific alerts to cases or queues via APIs or webhooks.

• Utilise pre-built playbooks with the ability to view, disable or clone for easy customisation.

Maximise Microsoft Sentinel Investment with Exabeam

In addition to identifying high-risk threats, providing faster, more accurate investigation and response, and improving threat coverage, the AI-driven Exabeam Security Operations Platform helps security teams realise the full potential of their security investments. Also announced today, customers can now add Exabeam TDIR capabilities on top of existing Microsoft Sentinel deployments. Extending industry-leading Exabeam analytics and automation to Microsoft Sentinel helps organisations realise new potential from their SIEM.

With Exabeam, Microsoft Sentinel users can see new detections with broader insights and automate workflows, ingest data from a wide range of Microsoft and best-of-breed security products, and accelerate the TDIR capabilities of their SIEM deployment. The Collector for Microsoft Sentinel adds to a growing list of supported SIEM products - Splunk and IBM QRadar, to name a few.
