Exabeam, the security analytics and automation company announce Exabeam Fusion XDR and Exabeam Fusion SIEM, two new powerful cloud-delivered security products that efficiently solve threat detection, investigation and response (TDIR) without disrupting an organisation’s existing technology stack.
Exabeam Fusion products integrate behavioural analytics and automation capabilities to deliver the outcomes-based approach to security operations (SecOps). The Fusion product line showcases an open system approach to extended detection and response (XDR) and security information and event management (SIEM) enabling any organisation to acquire an advanced TDIR layer on top of existing IT and security stacks.
Advanced behaviour analytics
Exabeam is also announcing the general availability of its TDIR use case packages that are integrated into Fusion XDR and Fusion SIEM. “We’ve been using Exabeam as our XDR for some time now as the technology can see and connect data from far more locations than just our endpoint detection and response solutions,” said Marc Crudgington, CISO at Woodforest National Bank.
Exabeam is also announcing the general availability of its TDIR use case packages
“It’s exciting to see Exabeam package its advanced behaviour analytics and automation capabilities into these forward-thinking cloud products. We rely on Exabeam Fusion XDR in our SOC operations to help us more quickly detect, investigate and remediate threats — an essential outcome in keeping our networks, business operations, employee and customer data continuously protected.”
Malicious insider attacks
Exabeam is reimagining XDR with the launch of Fusion. Effective SOCs have clearly defined outcomes aligned to TDIR workflows. The cloud-delivered products contain prescriptive workflows guided by pre-packaged, use case specific content to enable security analysts to defend against common and evolving threats including external, compromised insider, and malicious insider attacks.
“Breach scenarios are still too frequent, with common attack techniques like lateral movement, data exfiltration, and privilege escalation appearing legitimate or spanning across siloed security products,” said Adam Geller, chief product officer at Exabeam.
Security analytics tools
The majority of security analytics tools on the market only automate detection and response
“When security analysts are unable to connect the dots between various systems, malicious attacks go undetected and lead to security breaches. Delivering Exabeam Fusion XDR and Exabeam Fusion SIEM from the cloud enables us to accelerate feature and functionality development, while deploying a use case framework that consistently delivers successful outcomes for our customers.”
According to an Exabeam-sponsored Ponemon research study that surveyed 596 IT and IT security practitioners, security teams spend 12 per cent of their time detecting threats, 36 per cent triaging, 26 per cent investigating, and 26 per cent responding. The majority of security analytics tools on the market only automate detection and response. The Fusion product line automates 100 per cent of the TDIR workflow, including the bulk of the time it takes — 62 per cent — for security teams to conduct triage and investigation.
Critical security issues
Exabeam Fusion combines behaviour analytics, TDIR automation, and pre-built integrations with hundreds of third-party security and productivity tools to overcome weak signals from multiple products and find complex threats missed by other tools.
Exabeam Fusion offerings accurately differentiate normal behaviour from abnormal activity
Customers can easily identify and respond to critical security issues, intrusions and attacks from a single, centralised control plane, substantially increasing analyst productivity and reducing response times. Exabeam Fusion offerings accurately differentiate normal behaviour from abnormal activity, apply risk scoring to identify notable users and events, and build Smart Timelines™ to automatically reconstruct security incidents providing accelerated investigation and response.
Cloud-delivered products
“With Exabeam Fusion, organisations can unify their current security tools to more efficiently detect, investigate, and respond to threats without the need for large-scale rip and replacements of their entire security stack,” said Ralph Pisani, President at Exabeam. “Our customers can keep their existing tools and merge our fully automated TDIR layer on top to benefit from Exabeam’s fast innovation, superior experience and accelerated time to value.”
Gorka Sadowski, chief strategy officer at Exabeam, added, “The Fusion product launch is in line with our strategic direction to expand beyond SIEM and solve the industry’s biggest SecOps challenges by offering a set of world-class, cloud-delivered products and solutions to the marketplace.” Exabeam Fusion SIEM includes all Fusion XDR features and capabilities plus access to centralised log storage, powerful search, and compliance reporting. Fusion XDR and Fusion SIEM come in two editions, Core and Enterprise, to support organisations of all sizes.