Overview
What is Exabeam Fusion?
Exabeam headquartered in San Mateo, Exabeam Fusion, a SIEM + XDR. The vendor states the modular Exabeam platform allows analysts to collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response. The Exabeam platform can be…
Finally a SIMPLE and EASY to use SIEM/SOAR solution :) One you will ENJOY using (really!!)
Pricing
What is Exabeam Fusion?
Exabeam headquartered in San Mateo, Exabeam Fusion, a SIEM + XDR. The vendor states the modular Exabeam platform allows analysts to collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response. The Exabeam platform can be deployed on-premise or from the…
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
Would you like us to let the vendor know that you want pricing?
104 people also want pricing
Alternatives Pricing
What is Microsoft Sentinel?
Microsoft Sentinel (formerly Azure Sentinel) is designed as a birds-eye view across the enterprise. It is presented as a security information and event management (SIEM) solution for proactive threat detection, investigation, and response.
Product Details
- About
- Tech Details
What is Exabeam Fusion?
Exabeam Fusion Technical Details
Operating Systems | Unspecified |
---|---|
Mobile Application | No |
Comparisons
Compare with
Reviews and Ratings
(12)Attribute Ratings
Reviews
(1-2 of 2)Exabeam is a customisable SIEM solution with advanced functionality that does not cost a fortune
- Fast search times, unlike other competing solutions.
- The ability for engineers to obtain access to the command line interface for troubleshooting, at least for on-premise deployments.
- License is suitable for organisations with lots of logs to ingest.
- Hardware required for on premise deployments is well supported.
- Improvements on top of Lucene/KQL to add more search functions.
- Stability of the overall deployment.
- Ability to run version upgrades quicker and without data ingestion problems afterward.
- More documentation and examples about the API functionality available.
- Centralized event and log data collection
- 80%8.0
- Correlation
- 60%6.0
- Event and log normalization/management
- 90%9.0
- Deployment flexibility
- 60%6.0
- Integration with Identity and Access Management Tools
- 90%9.0
- Custom dashboards and workspaces
- 70%7.0
- Host and network-based intrusion detection
- 80%8.0
- Log retention
- 100%10.0
- Data integration/API management
- 70%7.0
- Behavioral analytics and baselining
- 90%9.0
- Rules-based and algorithmic detection thresholds
- 50%5.0
- Response orchestration and automation
- 70%7.0
- Reporting and compliance management
- 80%8.0
- Incident indexing/searching
- 80%8.0
- Reduced time to triage alerts.
- Reduced number of alerts which need escalation to senior tiers.
- The ability for analysts to quickly run playbooks for additional information and enrichment.
- Ability to retain data for longer periods for forensics purposes.
- Improved search performance compared with other SIEM solutions.
Finally a SIMPLE and EASY to use SIEM/SOAR solution :) One you will ENJOY using (really!!)
- Simple graphical interface
- Plan text searching, no need to know another coding language
- Very very fast response
- All saved logs up to 7 years instantly searchable
- Not cold or frozen buckets for years old logs
- More and better drop-down menus, some items in threat hunter require you know subsets.
- Less dashboards, combine AA and DL without having separate logins.
- More complete playbooks are already built out. You have the structure set up for templates like malware and phishing, go further and completely build them out from start to finish, most companies would just use them and not personalize their configurations.
- Quarterly health checkup diagnostics of systems sent out to users.
- Centralized event and log data collection
- 90%9.0
- Correlation
- 100%10.0
- Event and log normalization/management
- 90%9.0
- Deployment flexibility
- 100%10.0
- Integration with Identity and Access Management Tools
- 80%8.0
- Custom dashboards and workspaces
- 70%7.0
- Host and network-based intrusion detection
- 80%8.0
- Log retention
- 100%10.0
- Data integration/API management
- 90%9.0
- Behavioral analytics and baselining
- 100%10.0
- Rules-based and algorithmic detection thresholds
- 80%8.0
- Response orchestration and automation
- 100%10.0
- Reporting and compliance management
- 100%10.0
- Incident indexing/searching
- 100%10.0
- The simple automated response has allowed us to respond to thousands of more alerts a day.
- From a phishing perspective, Exabeam can recognize a threat and automatically remove it from all mailboxes effected before an analyst can see it on a dashboard.
- With the cloud deployment, Exabeam handles almost all admin duties for the tool themselves versus us having to spend 10 to 20 hours a month just keeping our old cloud-based SIEM healthy and up to date.
- The setup was amazing, it pulled logs from our EDR that was already deployed, thus we were 85% set up in 10 mins.
- Simple API ingestion.
- Exabeam DL just works, unlike other SIEM logging systems that never fully work and require constant maintenance.
- Raw log search from DL rather than AA.
- Compliance reporting for log retention is not a simple report option, takes several tasks to complete.