Exabeam headquartered in San Mateo, Exabeam Fusion, a SIEM + XDR. The vendor states the modular Exabeam platform allows analysts to collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response. The Exabeam platform can be deployed on-premise or from the cloud. Exabeam can also integrate information from the Exabeam Threat Intelligence Service, or into a third-party SIEM.
N/A
Huntress
Score 9.3 out of 10
N/A
Huntress is a security platform that surfaces hidden threats, vulnerabilities, and exploits.
The platform helps IT resellers protect their customers from persistent footholds, ransomware and other attacks.
As a SIEM tool for investigations, Exabeam is the best in class. The AI assigns numeric values to observed logs them presents high scores to the analyst in a simple dashboard. We can see what is a real threat and ignore so many false positives. Exabeam is the best SIEM was used from an alert fatigue perspective. The simple interface allows other teams not just InfoSec to utilize the tool; helpdesk for asset diagnoses, HR for staffing questions, etc.
Huntress is great for a managed service provider to provide a better cybersecurity stack to their endpoints/customers. Some smaller clients cannot afford high-priced SOC services but require SOC-level protection. Along with a couple of other layers of security, Huntress provides peace of mind for the MSP that if a threat were to arise, they would be notified with specific instructions for dealing with that threat.
Using the latest industry knowledge of threats that have been ongoing, but not previously known and projecting it back in time against their installed endpoints to identify machines that are vulnerable or breached and when it these events occurred
Very quiet. If they alert, it is a thing.
Very good at remediation.
They communicate extremely well when it matters.
While there are the most extensive products more often than not they are the first to alert us to a threat.
More and better drop-down menus, some items in threat hunter require you know subsets.
Less dashboards, combine AA and DL without having separate logins.
More complete playbooks are already built out. You have the structure set up for templates like malware and phishing, go further and completely build them out from start to finish, most companies would just use them and not personalize their configurations.
Quarterly health checkup diagnostics of systems sent out to users.
Exabeam is very good at processing lots of logs without excessive licensing costs. It has a professional support team that's very quick to resolve any issues and provides custom parsers quickly and enables our analysts to search vast data sets without having to wait long for results to be returned. The product is getting more mature with new features every major release.
We dropped SentinelOne in favor of Huntress because the UI was much more simplistic for the tier 1 techs to maintain. It beats the old web design model of three clicks to where you want to go. It is very intuitive. No one needs training to figure out how to navigate its console.
Exabeam Fusion has so many diffferent out reach meetings, webinars, community virtual coffees, and events that you can always stay abreast of what if happening and get new ideas for use cases. Their support actually answers their phones and can respond in chat instantly. With our cloud deployment Exabeam support teams can instantly see our systems and help us.
Firstly from a business model, [VMware] Carbon Black [Cloud Managed Detection] was not outfitted for the MSP where Huntress is very MSP-friendly from an affordably easy point to entry to value for money licensing. Carbon Black TS is not bad in anyway, well, that we found, but Huntress is a new layer of security that fits between the OS and AV layers to provide additional information, monitoring, and detection. With Huntress backing the MSP, [it] sure does help as well.
