Name: Exabeam Fusion
Rating: 6.3 (13 reviews)
Author: Exabeam

Customer Training

Help Desk

Web and Video Conferencing

Customer Support

Cross-Browser Testing

Feature Management

Product Analytics

Virtual Reality

Development

Business Intelligence (BI)

Collaboration

Contract Analysis

Emissions Management

Payment Facilitation

Workflow

Enterprise

Accounting

Accounts Receivable

CTRM

Travel Management

Treasury Management

Finance and Accounting

Applicant Tracking

Corporate Learning Management

HR Management

Payroll

Talent Intelligence

Talent Management

Workforce Analytics

Workforce Management

Human Resources

API Management

Change and Configuration Management

Cloud Migration

Cloud Storage

Configuration Management

Data Deduplication

Database-as-a-Service (DBaaS)

Fraud Detection

Game Engine

Integration Platform as a Service (iPaaS)

Managed Public Cloud Infrastructure

Migration

Mobile Data Security

Mobile Identity

Network Performance Monitoring

SaaS Management

Sensitive Data Discovery

Software Composition Analysis (SCA)

Time Series Databases

Information Technology

A/B Testing

Ad Serving & Retargeting

All-in-One Marketing

Content Management

Content Marketing

Email Marketing

Marketing Automation

Online Reputation Management

Social Media Management

Social Media Publishing

Survey & Forms Building

Web Analytics

Marketing

AI Meeting Assistants

Project Management

Task Management

Professional Services

Customer Relationship Management (CRM)

Lead Generation

Sales Enablement

Sales Incentive Compensation Management

Sales Performance Management

eCommerce Analytics

Sales

Cloud Infrastructure Entitlement Management

Intrusion Detection

Security

Aviation

Banking

Geographic Information

Insurance Agency Management

Insurance Claims Management

Physical Therapy

Vertical-Specific

Find top rated software and services based on in-depth reviews from verified users. 400+ software categories including PaaS, NoSQL, BI, HR, and more.

Splunk Enterprise

Splunk

Splunk User Behavior Analytics (UBA)

TheHive

StrangeBee

Microsoft Sentinel

Microsoft

Google Security Operations

Google

IBM Security QRadar SIEM

Qualys TruRisk Platform

Qualys

AlienVault USM

AT&T Cybersecurity

CrowdStrike Falcon

CrowdStrike

Microsoft Defender for Endpoint

Exabeam is a powerful cybersecurity tool that offers a range of use cases for users. With its SIEM capabilities, Exabeam quickly identifies risky users and compromised assets, helping organizations effectively mitigate potential threats. Users appreciate the product's ability to eliminate the challenges of dealing with multiple dashboards and uncorrelated data streams, streamlining IT security operations.

The advanced threat detection and security orchestration features provided by Exabeam make it an invaluable tool for enhancing operational efficiency. Customers have found that Exabeam's comprehensive approach to threat detection and response yields positive outcomes in terms of identifying insider risks and catching potential threats. Additionally, the simplicity of Exabeam's IR/SOAR feature helps with ROI for SOC threat hunting and log retention.

Moreover, Exabeam serves as an effective solution for log aggregation, UEBA, threat hunting, investigations, compliance reporting, alerting, and InfoSec ticketing. Its Data Lake acts as a true repository for security event data, enhancing OEM reports and addressing the lack of OEM reporting maturity in other tools. Notably, Exabeam's user-friendly interface makes it suitable for small teams, enabling them to utilize the tool without extensive training or expertise.

In addition to its security-focused applications, Exabeam has proven useful in day-to-day IT operations. The product's simplicity allows help desk teams to diagnose issues with user assets quickly and easily. Furthermore, the built-in case management feature facilitates the review and triaging of alerts while also supporting the initiation of playbooks.

Overall, Exabeam provides a comprehensive solution for various cybersecurity needs. Its user-centric design, advanced threat detection capabilities, and seamless integration with existing systems make it a valuable asset for organizations looking to enhance their security posture and streamline IT operations.

Complexity of product: Some users have found the complexity of the SIEM solution to be a potential drawback. They have mentioned that setting up and configuring the product effectively requires significant expertise, which can be challenging.

Limited prebuilt playbooks: While the vendor is actively working on developing more prebuilt playbooks, some users have expressed that there were not as many available as they would have liked. This has led to limitations in automation and customization for certain use cases.

Previous issues with high availability: In previous versions, the platform had encountered problems with high availability. However, it is worth noting that the vendor has been making continuous improvements in this area to enhance stability and reliability.

Good Visibility in Security Logs: Several users have found that Exabeam Datalake provides good visibility in security logs. They appreciate the platform's ability to offer an end-to-end view of cyber threats and the clarity and reliability it offers when properly configured.

Efficient Log Ingestion: Many reviewers have praised Exabeam Datalake for its robust connector for log ingestion, which makes the process efficient. This feature saves time and effort for users, allowing them to focus on other aspects of their work.

Dashboard Feature for Risk Identification: The dashboard feature in Exabeam Datalake has been well-received by users as it allows them to identify risky behavior and assets. This capability enhances the overall security posture by providing valuable insights into potential threats or vulnerabilities.

Exabeam headquartered in San Mateo, Exabeam Fusion, a SIEM + XDR. The vendor states the modular Exabeam platform allows analysts to collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response. The Exabeam platform can be deployed on-premise or from the cloud. Exabeam can also integrate information from the Exabeam Threat Intelligence Service, or into a third-party SIEM.

IBM Verify, formerly known as IBM Cloud Identity, is an identity-as-a-service (IDaaS) offering that aggregates dynamic user, device and environmental context to automate risk protection and continuously authenticate any user to any resource.

IBM Verify

Trellix Helix (formerly FireEye Helix) is a SIEM solution providing a non-malware threat detection solution.

Helix Console

Helix Enterprise

Trellix Helix

Exabeam Fusion

Identity Threat Detection & Response Software

Likelihood to Recommend

Usability

Support Rating

<p>Exabeam is a global cybersecurity leader that adds intelligence to every IT and security stack. The leader in Next-gen SIEM and XDR, Exabeam is reinventing the way security teams use analytics and automation to solve Threat Detection, Investigation, and Response (TDIR), from common security threats to the most critical that are difficult to identify. Exabeam offers a comprehensive cloud-delivered solution that leverages machine learning and automation using a prescriptive, outcomes-based approach to TDIR. We design and build products to help security teams detect external threats, compromised users and malicious adversaries, minimize false positives and best protect their organizations. For more information, visit <a href="https://www.exabeam.com/">www.exabeam.com</a></p><div><br></div>

Exabeam

Exabeam Fusion 2022-04-19 11:47:22

Exabeam Fusion 2022-04-21 11:45:05

TrustRadius is a technology and business research firm based in Austin, Texas. The company is known as a review platform for verified B2B technology and software reviews through a proprietary algorithm and human verification.

TrustRadius

Not find

Documentation and examples

Drop down

Api functionality

Drop down menus

Functionality available

Set up

System health

Search functions

Health checks

Fast response

Command line

Command line interface

Main dashboard

Well supported

Pane of glass

Excellent service

Graphical interface

Service and support

Coding language

Home

It is our SIEM and SOAR tool. We use it for all investigations. We use it for log retention and complance reporting. We use it for all alerting and InfoSec ticketing. With its simplicisty our help desk uses it to diagnose issues with user assets quickly and easly with very little training.

Simple graphical interface
Plan text searching, no need to know another coding language
Very very fast response
All saved logs up to 7 years instantly searchable
Not cold or frozen buckets for years old logs

More and better drop-down menus, some items in threat hunter require you know subsets.
Less dashboards, combine AA and DL without having separate logins.
More complete playbooks are already built out. You have the structure set up for templates like malware and phishing, go further and completely build them out from start to finish, most companies would just use them and not personalize their configurations.
Quarterly health checkup diagnostics of systems sent out to users.

The simple automated response has allowed us to respond to thousands of more alerts a day.
From a phishing perspective, Exabeam can recognize a threat and automatically remove it from all mailboxes effected before an analyst can see it on a dashboard.
With the cloud deployment, Exabeam handles almost all admin duties for the tool themselves versus us having to spend 10 to 20 hours a month just keeping our old cloud-based SIEM healthy and up to date.

The setup was amazing, it pulled logs from our EDR that was already deployed, thus we were 85% set up in 10 mins.
Simple API ingestion.
Exabeam DL just works, unlike other SIEM logging systems that never fully work and require constant maintenance.

Raw log search from DL rather than AA.
Compliance reporting for log retention is not a simple report option, takes several tasks to complete.

We have been using the Exabeam suite as our SIEM solution to collect logs from different systems into a centralised location which can then be used for forensics purposes later on as well as real-time alerting on sensitive assets. Furthermore, the inbuilt case management has been the solution our analysts use to review and triage alerts as well as initiate playbooks.

Fast search times, unlike other competing solutions.
The ability for engineers to obtain access to the command line interface for troubleshooting, at least for on-premise deployments.
License is suitable for organisations with lots of logs to ingest.
Hardware required for on premise deployments is well supported.

Improvements on top of Lucene/KQL to add more search functions.
Stability of the overall deployment.
Ability to run version upgrades quicker and without data ingestion problems afterward.
More documentation and examples about the API functionality available.

Reduced time to triage alerts.
Reduced number of alerts which need escalation to senior tiers.
The ability for analysts to quickly run playbooks for additional information and enrichment.
Ability to retain data for longer periods for forensics purposes.
Improved search performance compared with other SIEM solutions.

Exabeam Fusion

Overview

What is Exabeam Fusion?