Exabeam introduced New-Scale SIEM, a cloud-based SIEM environment. According to the vendor, the solution “detects the undetectable”.
Designed for Google Cloud, the Exabeam Security Operations Platform helps security experts fight hackers using an integrated workflow of threat detection, threat investigation and response.
The platform combines cloud-based, limitlessly scalable security log management, behavioural analysis and an automated investigation experience in a single environment, Exabeam New-Scale SIEM.
The vendor says search queries across petabytes of hot, warm and cold data return answers in seconds. In addition, an unlimited volume of logs can be processed at more than 1 million events per second.
Behavioural analytics
According to the vendor, behavioural analysis functionality is key to New-Scale SIEM. The functionality examines and analyzes ‘normal’ behaviour to find and prioritize anomalies.
The ‘normal’ behaviour that the SIEM environment uses as the basis for its detection activities is determined by as many as 750 different behaviour analysis models. In addition, Exabeam New-Scale SIEM has more than 1,800 pre-built correlation rules and more than 1,100 anomaly detection rules.
Its unique rules and models can be applied to any end user and device within a company. If, for example, a customer has 20,000 users and 50,000 different assets or devices, the SIEM environment can dynamically build and update about 50 million unique detection rules.
Integrations
In addition, the SIEM environment integrates with more than 550 products from other providers. For this purpose, the solution comes with 8,000 pre-built parsers. This should significantly reduce the onboarding, deployment and runtime requirements of an environment, the vendor said.
The SIEM environment gains further functionality when combined with Exabeam’s other solutions. These cloud-based solutions include Exabeam Security Log Management, Exabeam SIEM, Exabeam Fusion, Exabeam Security Analytics and Exabeam Security Investigation.
All of the services mentioned above support the basic features of the platform: security logging, behavioural analysis and threat detection.