Exabeam Security Management Platform 2019.2
Exabeam Security
Management Platform is a next-generation SIEM that leverages UEBA metrics to
detect threats automatically. This platform adds analytics to existing log
stores and layers SOAR on top of them to decrease logging costs.

Pre-built
connectors that support the integration of more than 80 log types, including
cloud-based types, mean that organizations may add new logs without paying
volume price. The platform also easily ingests vulnerability scan data. Various
supported data streams provide comprehensive data access that this SIEM can then
use to show full contextual information of an event. A health management
feature keeps the platform functional by monitoring the amount of data entering
the environment.

Alert triage
filters out false positives, correlates information and highlights top tasks to
prioritize threats. A key strength of this platform is its ability to triage
events accurately. It adeptly analyzes behavior to identify the riskiest
entities.

Dashboards come
as fully customizable, out-of-the-box templates. These templates offer views of
relevant information, including watchlists of employees with the riskiest
security behavior. User profiles show risk trends and reveal why the platform
has flagged certain individuals. Exabeam continuously fingerprints user
activity and pulls information from its Active Directory. The dashboard
displays a relationship graph that compares identified peer groups to determine
atypical behaviors. Teams can manually create event investigations or leave
event investigations to the platform’s automation until a risk score exceeds a
pre-determined threshold. The solution also defines and explains abnormal
behavior, so junior analysts can understand events and investigate them with
confidence.

Investigation
and threat hunting rely on extensive search and query capabilities that do not
require a query language, while the point-and-click interface
offers intuitive dropdown menus and filters. The usability and efficiency of
the interface set this SIEM apart from others in this space because it so dramatically
simplifies the investigative process. It even has pre-connected timelines,
built by machine learning, that further condense the process of searching for
items and interpreting results. In real time and across thousands of users and
machines, the solution stitches together gaps in the data of millions of logs,
alleviating much of the hard work that analysts would otherwise have to do
themselves. Automated playbooks, either created from scratch or leveraged from
customizable templates, respond to various threats based on behavioral analysis
and machine learning.

Hundreds of
out-of-the-box report templates visualize reports on virtually all data. All
reports have limitless customizations, so organizations have the flexibility to
view only the data they find most meaningful.

Beginning as a
SIEM-helper, the Exabeam Security Management Platform eventually grew into a
full-blown SIEM, a strong indication that the Exabeam teams have worked hard to
improve and refine their product. The solution impressed us very much,
especially its ability to link incidents accurately even when they are tied to
different end-users. There are so many different use cases for this platform,
including layering it onto an existing SIEM for added security and value.

Pricing starts
at $75,000 and includes 24/7 standard technical support. Customers also have
access to a FAQ list. Premium support is available for an additional
charge.

Tested by: Tom Weil

Product title
Exabeam Security Management Platform 2019.2
Product info
Vendor: Exabeam, Inc.
Contact: www.exabeam.com
Price: $75,000
Strength
It adeptly analyzes behavior to accurately identify the riskiest entities. There are so many different use cases for this platform, including layering it onto an existing SIEM for added security and value.
Weakness
None that we found.
Verdict
The solution impressed us very much, especially its ability to link incidents accurately even when they are tied to different end-users.