Item: Exabeam Fusion
Rating: 10
Author: Verified User

Use Cases and Deployment Scope

It is our SIEM and SOAR tool. We use it for all investigations. We use it for log retention and complance reporting. We use it for all alerting and InfoSec ticketing. With its simplicisty our help desk uses it to diagnose issues with user assets quickly and easly with very little training.

Pros and Cons

Simple graphical interface
Plan text searching, no need to know another coding language
Very very fast response
All saved logs up to 7 years instantly searchable
Not cold or frozen buckets for years old logs

More and better drop-down menus, some items in threat hunter require you know subsets.
Less dashboards, combine AA and DL without having separate logins.
More complete playbooks are already built out. You have the structure set up for templates like malware and phishing, go further and completely build them out from start to finish, most companies would just use them and not personalize their configurations.
Quarterly health checkup diagnostics of systems sent out to users.

Return on Investment

The simple automated response has allowed us to respond to thousands of more alerts a day.
From a phishing perspective, Exabeam can recognize a threat and automatically remove it from all mailboxes effected before an analyst can see it on a dashboard.
With the cloud deployment, Exabeam handles almost all admin duties for the tool themselves versus us having to spend 10 to 20 hours a month just keeping our old cloud-based SIEM healthy and up to date.

Support Rating

Exabeam Fusion has so many diffferent out reach meetings, webinars, community virtual coffees, and events that you can always stay abreast of what if happening and get new ideas for use cases. Their support actually answers their phones and can respond in chat instantly. With our cloud deployment Exabeam support teams can instantly see our systems and help us.

Key Insights

Do you think Exabeam Fusion delivers good value for the price?

Yes

Are you happy with Exabeam Fusion's feature set?

Yes

Did Exabeam Fusion live up to sales and marketing promises?

Yes

Did implementation of Exabeam Fusion go as expected?

Yes

Would you buy Exabeam Fusion again?

Yes

Usability

The system is set up to run out of the box. It has a simple easy to understand the graphical interface. Exabeam designed its SIEM from the ground up to be user-friendly and intuitive. They designed it to use plain text searches so no special training is needed. You do NOT have to learn another programming language and keep up with it daily to be proficient and productive with the tool, unlike all other SIEMs we have used before. Did I mention we love Exabeam?

Likelihood to Recommend

As a SIEM tool for investigations, Exabeam is the best in class. The AI assigns numeric values to observed logs them presents high scores to the analyst in a simple dashboard. We can see what is a real threat and ignore so many false positives. Exabeam is the best SIEM was used from an alert fatigue perspective. The simple interface allows other teams not just InfoSec to utilize the tool; helpdesk for asset diagnoses, HR for staffing questions, etc.

Usability Pros and Cons

Pros	Cons
Like to use Relatively simple Easy to use Technical support not required Well integrated Consistent Quick to learn Convenient Feel confident using Familiar	None

Easy Tasks

The setup was amazing, it pulled logs from our EDR that was already deployed, thus we were 85% set up in 10 mins.
Simple API ingestion.
Exabeam DL just works, unlike other SIEM logging systems that never fully work and require constant maintenance.

Difficult Tasks

Raw log search from DL rather than AA.
Compliance reporting for log retention is not a simple report option, takes several tasks to complete.

Finally a SIMPLE and EASY to use SIEM/SOAR solution :) One you will ENJOY using (really!!)

Modules Used

Overall Satisfaction with Exabeam Fusion