With an eye on shifting away from legacy SIEMs, cybersecurity company Exabeam today introduced a cloud-native portfolio of products designed to enable security teams to “detect the undetectable.”
New-Scale SIEM is built on the cloud-native Exabeam Security Operations Platform and combines cloud-scale security log management, behavioral analytics and an automated investigation experience, according to the company.
“Security operations teams fail because of limitations of legacy SIEM,” Exabeam CEO Michael DeCesare told VentureBeat. “The lack of innovation in the market relative to the growth of data, the sophistication of attacks, and a shift to the cloud have created a SIEM effectiveness gap.”
Legacy tools don’t provide a complete picture of a threat, he maintained. “They bury analysts with alerts and compel slow, ineffective and manual investigations.”
Meanwhile, secops teams are overwhelmed with data and unsure of what data to collect, DeCesare added.
At the same time, attacks are becoming increasingly sophisticated and hard to detect, and credential-based attacks are multiplying.
More data sources to scale response
The goal of Exabeam’s New-Scale SIEM platform is to enable secops teams to manage more data sources and higher volumes in a cloud-native architecture, DeCesare said. “It’s about scaling response to focus on risk-based priorities, scaling investigations with automation, scaling detection with behavioral analytics intelligence across billions of entry points, scaling operations and people to raise expertise, and scaling budgets with cloud-based economics.”
Exabeam’s products are designed to support a variety of transport methods including APIs, agents, syslog, and log aggregators such as SIEM or log management products, meaning an existing SIEM doesn’t have to be replaced; Exabeam can be added on top of it, he said.
Exabeam developed and maintains a common information model (CIM) “that adds security context to, and speeds the ingestion of, raw logs for event building, resulting in faster security event building, search, dashboards and development of new parsers,” DeCesare said.
SIEM with behavioral models to detect anomalies
More than 750 behavioral models power 1,200 anomaly detection rules in Exabeam to baseline normal behavior for every user and device, something legacy SIEMs can’t do, the company said. For example, for an organization with basic logging, 20,000 users, and 50,000 assets, Exabeam is designed to dynamically build and update 50 million unique detection rules.
New-Scale SIEM also aims to give security teams a holistic picture of their environments (data from core security products, IT infrastructure, cloud applications, and infrastructure and business applications) joined with vital user and device context and timely threat intelligence data, Exabeam said.
“Exabeam is our holistic security operations platform that provides and coordinates automated visibility, detection, analytics, investigation and response across our key operating environments,” said Jerry Larsen, IT security manager at Patrick Industries. “We have multiple ERP systems that all need to be protected and Exabeam does the job better than any legacy SIEM we looked at.”
The new Exabeam Security Operations Platform was architected on Google Cloud. The new portfolio built on the platform includes:
- Exabeam Security Log Management — Cloud-scale log management to ingest, parse, store and search log data with dashboarding and correlation.
- Exabeam SIEM — Cloud-native SIEM at hyperscale with fast, modern search, and correlation, reporting, dashboarding and case management.
- Exabeam Fusion — New-Scale SIEM, powered by modern, scalable security log management, behavioral analytics and automated threat detection and incident response (TDIR).
- Exabeam Security Analytics — Automated threat detection powered by user and entity behavior analytics with correlation and threat intelligence.
- Exabeam Security Investigation — TDIR powered by user and entity behavioral analytics, correlation rules and threat intelligence, supported by alerting, incident management, automated triage and response workflows.
Pricing for New-Scale SIEM “is linear with no workload restrictions or surprises, allowing security leaders to more predictably budget as data volumes increase and business needs change,” DeCesare said.
The new product portfolio is generally available today.