With an eye on moving away from legacy SIEMs, cybersecurity company Exabeam today introduced a cloud-native portfolio of products designed to enable security teams to “detect the undetectable.”

New-Scale SIEM is built on the cloud-native Exabeam Security Operations Platform and combines cloud-scale security log management, behavioral analytics and an automated investigation experience, according to the company.

“Security operations teams fail because of the limitations of legacy SIEM,” Exabeam CEO Michael DeCesare told VentureBeat. “The dearth of innovation in the market relative to the growth of data, the sophistication of attacks, and a shift to the cloud have created a SIEM effectiveness gap.”

Legacy tools don’t provide a complete picture of a threat, he maintained. “They bury analysts with alerts and compel slow, ineffective and manual investigations.”


Meanwhile, secops teams are overwhelmed with data and unsure of what data to collect, DeCesare added.

At the same time, attacks are becoming increasingly sophisticated and hard to detect, and credential-based attacks are multiplying.

More data sources to scale response

The goal of Exabeam’s New-Scale SIEM platform is to enable secops teams to handle more data sources and greater volumes in a cloud-native architecture, DeCesare said. “It’s about scaling response to focus on risk-based priorities, scaling investigations with automation, scaling detection with behavioral analytics intelligence across billions of entry points, scaling operations and people to raise expertise, and scaling budgets with cloud-based economics.”

Exabeam’s products are designed to support a variety of transport methods including APIs, agents, syslog, and log aggregators such as SIEM or log management products — meaning an existing SIEM doesn’t need to be replaced; Exabeam can be added on top of it, he said.

Exabeam developed and maintains a common information model (CIM) “that adds security context to, and speeds the ingestion of, raw logs for event building, resulting in faster security event building, search, dashboards and development of new parsers,” DeCesare said.

SIEM with behavioral models to detect anomalies

More than 750 behavioral models power 1,200 anomaly detection rules in Exabeam to baseline normal behavior for every user and device — something legacy SIEMs can’t do, the company said. For example, for an organization with basic logging, 20,000 users, and 50,000 assets, Exabeam is designed to dynamically build and update 50 million unique detection rules.

New-Scale SIEM also aims to give security teams a holistic picture of their environments — data from core security products, IT infrastructure, cloud applications, and infrastructure and business applications — joined with critical user and device context and timely threat intelligence data, Exabeam said.

“Exabeam is our holistic security operations platform that provides and coordinates automated visibility, detection, analytics, investigation and response across our key operating environments,” said Jerry Larsen, IT security manager at Patrick Industries. “We have multiple ERP systems that all need to be protected and Exabeam does the job better than any legacy SIEM we looked at.”

The new Exabeam Security Operations Platform was architected on Google Cloud. The new portfolio built on the platform includes:

  • Exabeam Security Log Management — Cloud-scale log management to ingest, parse, store and search log data with dashboarding and correlation.
  • Exabeam SIEM — Cloud-native SIEM at hyperscale with fast, modern search, and correlation, reporting, dashboarding and case management.
  • Exabeam Fusion — New-Scale SIEM, powered by modern, scalable security log management, behavioral analytics and automated threat detection and incident response (TDIR).
  • Exabeam Security Analytics — Automated threat detection powered by user and entity behavior analytics with correlation and threat intelligence.
  • Exabeam Security Investigation — TDIR powered by user and entity behavioral analytics, correlation rules and threat intelligence, supported by alerting, incident management, automated triage and response workflows.

Pricing for New-Scale SIEM “is linear with no workload restrictions or surprises, allowing security leaders to more predictably budget as data volumes increase and business needs change,” DeCesare said.

The new product portfolio is generally available today.
