Exabeam extends its AI-driven security operations leadership

Exabeam has introduced two pioneering cybersecurity features, Threat Center and Exabeam Copilot, to its AI-driven Exabeam Security Operations Platform.

  • Wednesday, 28th February 2024 Posted 8 months ago in by Phil Alsop

A first-to-market combination, Threat Center is a unified workbench for threat detection, investigation, and response (TDIR) that simplifies and centralises security analyst workflows, while Exabeam Copilot uses generative AI to help analysts quickly understand active threats and offers best practices for rapid response. These leading-edge innovations greatly reduce learning curves for security analysts and accelerate their productivity in the SOC.

“We built Threat Center with Exabeam Copilot to give security analysts a simple, central interface to execute their most critical TDIR functions, automate routine tasks, and supercharge investigations for analysts at any skill level,” said Steve Wilson, Chief Product Officer, Exabeam. “These new features amp up the value of our AI-driven security operations platform and take analyst productivity, efficiency, and effectiveness to new heights. Threat Center helps security analysts overcome one of the biggest challenges we’ve heard from them — having to deal with too many fragmented interfaces in their environments. By combining Threat Center with Exabeam Copilot we not only improve security analyst workflows, we also lighten their workload.”

Solving for Lack of Visibility and Automation

Security operations teams are often challenged with managing multiple security tools, which can lead to siloed data and a lack of visibility into threats. This can make it difficult to understand their entire threat landscape and execute TDIR in a timely manner.

According to Exabeam’s recent The State of Threat Detection, Investigation, and Response (TDIR) Report 2023, organisations globally reported that they can “see” or monitor only 66% of their IT environments, leaving ample room for blindspots. Exabeam customers are already using the Outcomes Navigator feature as a driver to know what parts of their environments they are able to monitor for TDIR and where coverage improvement may still be needed. Threat Center streamlines these processes further to remediate threats against covered areas faster.

The report also reveals that only slightly more than half (53%) of global organisations have automated 50% or less of their TDIR workflow. With Threat Center and Exabeam Copilot, the Exabeam Security Operations Platform applies AI and automation to security operations workflows for a holistic approach to cyberthreats, helping companies solve for a lack of automation and ultimately accelerating response.

Powered by AI-driven detection, the Exabeam platform easily pinpoints high-risk threats by learning the normal behaviour of users and entities and prioritising threats with context-aware risk scoring — all now presented through the Threat Center interface — for faster, more accurate, and consistent TDIR. Revealed as the second most identified need in the Exabeam TDIR report — 35% of respondents reported a desire for improved understanding of normal user and entity and peer group behaviour within their organisation.

More About Threat Center and Exabeam Copilot

Threat Center unifies threat management, investigation tools, and automation to accelerate and efficiently investigate and respond to threats. Powered by an advanced security-trained, generative AI model, Exabeam Copilot supercharges security analyst investigations.

Threat Center with Exabeam Copilot helps analysts:

• Understand an entire threat that spans multiple detections to tell a complete story of what happened.

• Conduct complex powerful search queries in plain natural language.

• Understand a threat, and know how to respond, using generative AI threat explanations for clear cross-organisation communication.

• Automate routine tasks, expose hidden threats, and greatly accelerate response times.

• Prioritise alerts and cases, with context-aware risk scoring.

• Reduce the number of alerts that analysts need to investigate – detection grouping associates related entities and events.

• Optimise SOC team collaboration with case sharing, case escalation, and shared notes.

• Visualise evidence with interactive threat timelines and instant access to relative data including behavioural models, users, and endpoints.

• Author automation rules critical to SOC workflows, such as escalating specific alerts to cases or queues via APIs or webhooks.

• Utilise pre-built playbooks with the ability to view, disable or clone for easy customisation.

Maximise Microsoft Sentinel Investment with Exabeam

In addition to identifying high-risk threats, providing faster, more accurate investigation and response, and improving threat coverage, the AI-driven Exabeam Security Operations Platform helps security teams realise the full potential of their security investments. Also announced today, customers can now add Exabeam TDIR capabilities on top of existing Microsoft Sentinel deployments. Extending industry-leading Exabeam analytics and automation to Microsoft Sentinel helps organisations realise new potential from their SIEM.

With Exabeam, Microsoft Sentinel users can see new detections with broader insights and automate workflows, ingest data from a wide range of Microsoft and best-of-breed security products, and accelerate the TDIR capabilities of their SIEM deployment. The Collector for Microsoft Sentinel adds to a growing list of supported SIEM products - Splunk and IBM QRadar, to name a few.

Guardz expands in EMEA

Posted 1 day ago by Phil Alsop
Through a new partnership with Infinigate Cloud, Guardz will help to secure SMBs and support the MSP community across EMEA.
Data centre operators can now achieve the unparalleled speeds needed for the most demanding Artificial Intelligence (AI) applications, thanks to a...

Dell Technologies boosts AI for enterprises

Posted 1 day ago by Phil Alsop
Dell Technologies continues to make enterprise AI adoption easier with the Dell AI Factory, expanding the world’s broadest AI solutions portfolio....

AMD accelerates Exascale Computing

Posted 1 day ago by Phil Alsop
El Capitan, powered by the AMD Instinct MI300A APU, becomes the second AMD supercomputer to surpass the Exascale barrier, placing #1 on the Top500...
Global system integrator won over by simplicity, security and speed of the Cloudbrink service.
The Seeq platform will be leveraged to maximize production and increase energy efficiency across the largest biorefinery in Europe.
This global service forms part of the recently launched Intelligent Security portfolio and increases Logicalis' proactive threat-hunting capabilities...

Pure Storage invests in CoreWeave

Posted 3 days ago by Phil Alsop
Pure Storage and CoreWeave have announced Pure Storage’s strategic investment in CoreWeave to accelerate AI cloud services innovation. Alongside...