Exabeam Announces New Threat Intelligence Service
Cloud-based offering helps organizations consolidate and analyze
threat indicators; included with all Exabeam subscriptions
LAS VEGAS–(BUSINESS WIRE)–Exabeam,
the next-gen security management company, today announced Exabeam Threat
Intelligence Service, a cloud-based offering that aggregates threat
indicators from multiple online sources. The new service will be an
integral part of the Exabeam Security Management Platform and available
at no additional charge to customers with a current Exabeam subscription.
Exabeam Threat Intelligence Service collects potential indicators of
compromise (IoCs), including suspicious IP addresses, blacklisted IP
addresses, known phishing URLs, and malicious file signatures. Machine
algorithms are then applied to remove false positives and rank each
indicator. To do this, the Exabeam Security Management Platform uses
behavioral analytics techniques, similar to those used to assess users
or devices, to baseline IoCs and gain a more relevant picture of the
threats in the environment.
Analysts will be able to leverage the feeds directly in Exabeam
products, simplifying the task of understanding the impact of a
potential threat and saving time conducting the investigation. The
analytics engine in the Exabeam Security Management Platform will
automatically match the IoCs to user and device activities to more
accurately assess their risk level. Security analysts can use the new
service in several ways, including to:
-
Add risk to a session in Exabeam Advanced Analytics when an IoC is
involved in a user timeline, such as malware detected on a user’s
laptop -
Automate an investigation playbook in Exabeam Incident Responder using
a threat indicator, such as a known phishing URL or webmail IP address -
Trigger an alert via a rule in Exabeam Data Lake if an indicator of
compromise is detected, such as a known endpoint from a TOR network
“Threat intelligence has always been a good idea but hard to use in
practice. The problem is that using the intel is a manual process that
eats up an analyst’s time,” said Exabeam CEO Nir Polak. “The stumbling
block has always been integration into analyst workflows. By making it
available at no extra charge, increasing the value using machine
learning, and integrating it directly into our platform, we make it
simple. No other enterprise SIEM can offer what Exabeam’s new Threat
Intelligence Service does.”
“Organizations are failing at early breach detection, with more than 80%
of breaches undetected by the breached organization. The situation can
be improved with threat intelligence, behavior profiling and effective
analytics. SIEM vendors continue to increase their native support for
behavior analysis capabilities as well as integrations with third-party
technologies, and Gartner customers are increasingly expressing interest
in developing use cases based on behavior,” wrote Kelly Kavanagh and
Toby Bussa, research analysts at Gartner. Exabeam was recognized as a
Visionary in Gartner’s 2017 Magic Quadrant for Security Information and
Event Management.
Delivered from the cloud, Exabeam Threat Intelligence Service can work
with any Exabeam deployment, whether on premises, in a public cloud, or
hybrid. Centrally managed, the offering adds no overhead to the
operations of customers and will benefit from periodic enhancements.
Exabeam Threat Intelligence Service is the first of several planned
cloud security services that will form an integral part of the Exabeam
Security Management Platform.
For more information on the Exabeam Threat Intelligence Service,
announced at the company’s inaugural customer conference Spotlight
18, please visit https://www.exabeam.com/product/.
Source: Gartner, Inc., Magic Quadrant for Security Information and
Event Management, December 4, 2017
Gartner disclaimer
Gartner does not endorse any vendor, product or service depicted in its
research publications, and does not advise technology users to select
only those vendors with the highest ratings or other designation.
Gartner research publications consist of the opinions of Gartner’s
research organization and should not be construed as statements of fact.
Gartner disclaims all warranties, expressed or implied, with respect to
this research, including any warranties of merchantability or fitness
for a particular purpose.
About Exabeam
Exabeam delivers next-generation security management technology that
enables organizations to protect their most valuable information. The
Exabeam Security Management Platform combines unlimited log data
collection, advanced behavioral analytics, and automated incident
response, all supported by Exabeam’s patented Smart Timeline technology
that uses machine learning to track identity and behavior over time. The
company’s recent industry accolades include Forbes Cloud 100, Inc. 500,
and SC Awards Europe, among many other distinctions. Exabeam is
privately funded by Aspect Ventures, Cisco Investments, Icon Ventures,
Lightspeed Venture Partners, Norwest Venture Partners and well-known
security investor Shlomo Kramer. For more information, visit http://www.exabeam.com or
follow us on Twitter @exabeam.
Contacts
Touchdown PR for Exabeam
Emily Gallagher/Alyssa Pallotti,
512-373-8500
exabeam@touchdownpr.com