Skip to main content
TrustRadius

Overview

What is Exabeam Fusion?

Exabeam headquartered in San Mateo, Exabeam Fusion, a SIEM + XDR. The vendor states the modular Exabeam platform allows analysts to collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response. The Exabeam platform can be…

Read more
Recent Reviews
Read all reviews
Return to navigation

Pricing

View all pricing
N/A
Unavailable

What is Exabeam Fusion?

Exabeam headquartered in San Mateo, Exabeam Fusion, a SIEM + XDR. The vendor states the modular Exabeam platform allows analysts to collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response. The Exabeam platform can be deployed on-premise or from the…

Entry-level set up fee?

  • No setup fee

Offerings

  • Free Trial
  • Free/Freemium Version
  • Premium Consulting / Integration Services

Would you like us to let the vendor know that you want pricing?

104 people also want pricing

Alternatives Pricing

What is Microsoft Sentinel?

Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.

Return to navigation

Product Details

Return to navigation

Comparisons

View all alternatives
Return to navigation

Reviews and Ratings

(12)

Attribute Ratings

Reviews

(1-2 of 2)
Companies can't remove reviews or game the system. Here's why
Score 7 out of 10
Vetted Review
Verified User
Incentivized
We have been using the Exabeam suite as our SIEM solution to collect logs from different systems into a centralised location which can then be used for forensics purposes later on as well as real-time alerting on sensitive assets. Furthermore, the inbuilt case management has been the solution our analysts use to review and triage alerts as well as initiate playbooks.
  • Fast search times, unlike other competing solutions.
  • The ability for engineers to obtain access to the command line interface for troubleshooting, at least for on-premise deployments.
  • License is suitable for organisations with lots of logs to ingest.
  • Hardware required for on premise deployments is well supported.
  • Improvements on top of Lucene/KQL to add more search functions.
  • Stability of the overall deployment.
  • Ability to run version upgrades quicker and without data ingestion problems afterward.
  • More documentation and examples about the API functionality available.
Due to the generous per-user licensing model and wide availability of prebuilt parsers with the ability for the vendor's support team to create custom ones promptly. Exabeam is great for when you have lots of logs to collect from different devices and manufacturers. Similarly, Exabeam excels if you have an in-house engineering team that is keen to explore the product, its components, and architecture in order to adapt it for your organisation's needs.
Security Information and Event Management (SIEM) (14)
76.42857142857143%
7.6
Centralized event and log data collection
80%
8.0
Correlation
60%
6.0
Event and log normalization/management
90%
9.0
Deployment flexibility
60%
6.0
Integration with Identity and Access Management Tools
90%
9.0
Custom dashboards and workspaces
70%
7.0
Host and network-based intrusion detection
80%
8.0
Log retention
100%
10.0
Data integration/API management
70%
7.0
Behavioral analytics and baselining
90%
9.0
Rules-based and algorithmic detection thresholds
50%
5.0
Response orchestration and automation
70%
7.0
Reporting and compliance management
80%
8.0
Incident indexing/searching
80%
8.0
  • Reduced time to triage alerts.
  • Reduced number of alerts which need escalation to senior tiers.
  • The ability for analysts to quickly run playbooks for additional information and enrichment.
  • Ability to retain data for longer periods for forensics purposes.
  • Improved search performance compared with other SIEM solutions.
The engineers working to support Exabeam are very professional and competent. They always arrive prepared for troubleshooting meetings and provide helpful input to resolve most issues without requiring excessive escalation whenever possible. Their support team is good at promptly providing parsers that can be used to enhance the product's functionality and ensure fields are all populated.
Exabeam is very good at processing lots of logs without excessive licensing costs. It has a professional support team that's very quick to resolve any issues and provides custom parsers quickly and enables our analysts to search vast data sets without having to wait long for results to be returned. The product is getting more mature with new features every major release.
Score 10 out of 10
Vetted Review
Verified User
Incentivized
It is our SIEM and SOAR tool. We use it for all investigations. We use it for log retention and complance reporting. We use it for all alerting and InfoSec ticketing. With its simplicisty our help desk uses it to diagnose issues with user assets quickly and easly with very little training.
  • Simple graphical interface
  • Plan text searching, no need to know another coding language
  • Very very fast response
  • All saved logs up to 7 years instantly searchable
  • Not cold or frozen buckets for years old logs
  • More and better drop-down menus, some items in threat hunter require you know subsets.
  • Less dashboards, combine AA and DL without having separate logins.
  • More complete playbooks are already built out. You have the structure set up for templates like malware and phishing, go further and completely build them out from start to finish, most companies would just use them and not personalize their configurations.
  • Quarterly health checkup diagnostics of systems sent out to users.
As a SIEM tool for investigations, Exabeam is the best in class. The AI assigns numeric values to observed logs them presents high scores to the analyst in a simple dashboard. We can see what is a real threat and ignore so many false positives. Exabeam is the best SIEM was used from an alert fatigue perspective. The simple interface allows other teams not just InfoSec to utilize the tool; helpdesk for asset diagnoses, HR for staffing questions, etc.
Security Information and Event Management (SIEM) (14)
91.42857142857142%
9.1
Centralized event and log data collection
90%
9.0
Correlation
100%
10.0
Event and log normalization/management
90%
9.0
Deployment flexibility
100%
10.0
Integration with Identity and Access Management Tools
80%
8.0
Custom dashboards and workspaces
70%
7.0
Host and network-based intrusion detection
80%
8.0
Log retention
100%
10.0
Data integration/API management
90%
9.0
Behavioral analytics and baselining
100%
10.0
Rules-based and algorithmic detection thresholds
80%
8.0
Response orchestration and automation
100%
10.0
Reporting and compliance management
100%
10.0
Incident indexing/searching
100%
10.0
  • The simple automated response has allowed us to respond to thousands of more alerts a day.
  • From a phishing perspective, Exabeam can recognize a threat and automatically remove it from all mailboxes effected before an analyst can see it on a dashboard.
  • With the cloud deployment, Exabeam handles almost all admin duties for the tool themselves versus us having to spend 10 to 20 hours a month just keeping our old cloud-based SIEM healthy and up to date.
Exabeam Fusion has so many diffferent out reach meetings, webinars, community virtual coffees, and events that you can always stay abreast of what if happening and get new ideas for use cases. Their support actually answers their phones and can respond in chat instantly. With our cloud deployment Exabeam support teams can instantly see our systems and help us.
The system is set up to run out of the box. It has a simple easy to understand the graphical interface. Exabeam designed its SIEM from the ground up to be user-friendly and intuitive. They designed it to use plain text searches so no special training is needed. You do NOT have to learn another programming language and keep up with it daily to be proficient and productive with the tool, unlike all other SIEMs we have used before. Did I mention we love Exabeam?
  • The setup was amazing, it pulled logs from our EDR that was already deployed, thus we were 85% set up in 10 mins.
  • Simple API ingestion.
  • Exabeam DL just works, unlike other SIEM logging systems that never fully work and require constant maintenance.
  • Raw log search from DL rather than AA.
  • Compliance reporting for log retention is not a simple report option, takes several tasks to complete.
No
Return to navigation