Exabeam is a customisable SIEM solution with advanced functionality that does not cost a fortune
April 22, 2022

Exabeam is a customisable SIEM solution with advanced functionality that does not cost a fortune

Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User

Modules Used

  • Exabeam Advanced Analytics
  • Exabeam Data Lake
  • Exabeam Incident Responder

Overall Satisfaction with Exabeam Fusion

We have been using the Exabeam suite as our SIEM solution to collect logs from different systems into a centralised location which can then be used for forensics purposes later on as well as real-time alerting on sensitive assets. Furthermore, the inbuilt case management has been the solution our analysts use to review and triage alerts as well as initiate playbooks.

Pros

  • Fast search times, unlike other competing solutions.
  • The ability for engineers to obtain access to the command line interface for troubleshooting, at least for on-premise deployments.
  • License is suitable for organisations with lots of logs to ingest.
  • Hardware required for on premise deployments is well supported.

Cons

  • Improvements on top of Lucene/KQL to add more search functions.
  • Stability of the overall deployment.
  • Ability to run version upgrades quicker and without data ingestion problems afterward.
  • More documentation and examples about the API functionality available.
  • Reduced time to triage alerts.
  • Reduced number of alerts which need escalation to senior tiers.
  • The ability for analysts to quickly run playbooks for additional information and enrichment.
  • Ability to retain data for longer periods for forensics purposes.
  • Improved search performance compared with other SIEM solutions.
The engineers working to support Exabeam are very professional and competent. They always arrive prepared for troubleshooting meetings and provide helpful input to resolve most issues without requiring excessive escalation whenever possible. Their support team is good at promptly providing parsers that can be used to enhance the product's functionality and ensure fields are all populated.

Do you think Exabeam Fusion delivers good value for the price?

Yes

Are you happy with Exabeam Fusion's feature set?

Yes

Did Exabeam Fusion live up to sales and marketing promises?

No

Did implementation of Exabeam Fusion go as expected?

Yes

Would you buy Exabeam Fusion again?

Yes

Exabeam is very good at processing lots of logs without excessive licensing costs. It has a professional support team that's very quick to resolve any issues and provides custom parsers quickly and enables our analysts to search vast data sets without having to wait long for results to be returned. The product is getting more mature with new features every major release.
Due to the generous per-user licensing model and wide availability of prebuilt parsers with the ability for the vendor's support team to create custom ones promptly. Exabeam is great for when you have lots of logs to collect from different devices and manufacturers. Similarly, Exabeam excels if you have an in-house engineering team that is keen to explore the product, its components, and architecture in order to adapt it for your organisation's needs.

Exabeam Fusion Feature Ratings

Comments

More Reviews of Exabeam Fusion

  1. Home
  2. Identity Threat Detection & Response Software
  3. Exabeam Fusion Reviews
  4. User Review of Exabeam Fusion