Exabeam’s April 2024 Release: Enhanced Threat Detection Features
New Tools for Streamlined Investigations and Faster Threat Response
Exabeam’s April 2024 product release introduces three major features designed to enhance cybersecurity capabilities: Investigation Timelines with Search, Threat Center APIs, and customizable case queues and stages. These tools enable faster investigations through visual timelines, flexible case management, and advanced API functions within Threat Center for improved alert and case management.
Investigation Timelines: Visualize and Simplify Threat Analysis
The new Investigation Timelines feature provides security analysts and threat hunters with detailed timelines that capture both normal and suspicious behavior. By integrating Investigation Timelines with Exabeam’s Search functionality, users gain granular visualizations that enhance investigative capabilities. The interface offers advanced search and filter options that automatically link threat detections to triggering events, minimizing manual analysis.
Key Benefits of Investigation Timelines
- Granular search and filtering: Users can easily pinpoint anomalies and threats with advanced search and filtering options, allowing for more accurate investigations.
- Streamlined workflows: Investigation Timelines offer cohesive search across multiple detections, simplifying the investigation process and accelerating response times.
- Unified investigation platform: Threat Center and Search integrate seamlessly, enabling a smooth experience for detailed investigations and proactive threat hunting.
- Rapid incident response: Investigation Timelines help expedite response efforts by providing insights into incident scope and risk, facilitating proactive security measures.
Investigation Timelines are expected to be available in Q2 2024. Existing Exabeam customers interested in early access can contact their Exabeam account representative.
New Cloud Collectors for Enhanced Log Ingestion
This release also introduces two new Cloud Collectors: Cisco Duo and Azure Log Analytics Collector. The Cisco Duo collector enables seamless ingestion of authentication and access logs, enriching visibility into user activities and potential security risks. The Azure Log Analytics Collector expands log ingestion capabilities, allowing organizations to harness Azure’s powerful logging features for deeper security insights.
These Cloud Collectors demonstrate Exabeam’s dedication to offering comprehensive solutions that adapt to the evolving needs of organizations, enabling robust, data-driven cybersecurity practices.
Customizable Case Queues and Stages for Enhanced Workflow
Exabeam now provides customizable case queues and stages (such as New, Investigation, Remediation, and Close) to align with organizational needs and internal workflows. Key features of customizable queues and stages include:
- Configurable stages: Organizations can create new stages or modify existing ones to fit SOC workflows.
- Flexible case assignments: Case queues function independently of role-based access control (RBAC), allowing teams to assign cases with more flexibility.
- Streamlined administration: Administrators can easily add, edit, reorder, and delete case stages, enhancing workflow customization.
About Exabeam: AI-Driven Security Operations
Exabeam is a global cybersecurity leader, specializing in AI-driven security operations. Known for integrating AI and machine learning into its SIEM solutions, Exabeam pioneered behavioral analytics for advanced threat detection. Today, the Exabeam Security Operations Platform includes cloud-native SIEM, scalable security log management, powerful behavioral analytics, and automated threat detection, investigation, and response (TDIR) capabilities. Exabeam’s solutions enable organizations to detect threats, defend against cyberattacks, and mitigate security risks effectively.
Exabeam uses AI to learn normal behavior patterns, identifying risky activity in real time and allowing security teams to act quickly for consistent, repeatable security outcomes.
Exabeam Solutions from NWU in Ukraine
NWU, the official Exabeam distributor in Ukraine, provides a comprehensive range of Exabeam cybersecurity solutions and SIEM support. Ukrainian businesses and government organizations benefit from Exabeam’s advanced platform, offering top-tier cybersecurity, seamless SIEM integration, and essential automation tools for optimal protection. Partnering with NWU offers local expertise to facilitate Exabeam platform implementation and ensures efficient, successful deployment.
NWU not only delivers Exabeam’s solutions but also offers expert guidance to help Ukrainian organizations maximize their cybersecurity capabilities. With NWU, clients have a reliable cybersecurity partner, gaining access to Exabeam’s latest innovations backed by services that ensure proper deployment and operation. NWU supports businesses with tools for behavioral analytics, threat intelligence, and incident management, enabling proactive defense against sophisticated cyber threats.