Exabeam, a security information and event management (SIEM) platform provider, has integrated MITRE ATT&CK Framework labels into its Security Management Platform (SMP). The company announced the news at this week's Spotlight19 user conference in San Francisco, California.
SMP detection methods are now mapped to the MITRE ATT&CK Framework to provide a common taxonomy for security analysts, Exabeam said. As a result, SMP helps security analysts accelerate threat investigations and incident response.
Furthermore, security analysts can use SMP to view and filter MITRE ATT&CK Framework techniques within Exabeam Smart Timelines, the company stated. This allows security analysts to investigate security incidents without querying multiple systems.
Security analysts can also search for MITRE ATT&CK Framework tactics and techniques using the Exabeam Threat Hunter user and entity behavior analytics (UEBA) solution, the company indicated. This provides security analysts with drop-down menus and a point-and-click interface that they can use to run threat queries.
Exabeam Unveils SMP Enhancements
In addition to MITRE ATT&CK Framework labels, Exabeam unveiled the following SMP enhancements at Spotlight19:
- Cross-Cluster Search: Enables security analysts to search up to seven clusters across data environments.
- Customizable Incidents: Allows security analysts to customize incident types, values and layouts.
- Disaster Recovery: Provides incident details, playbooks and actions to help improve disaster recovery.
- Incident Response Checklists: Ensures that security analysts can create checklists to standardize their incident response efforts.
Security analysts use SMP to collect unlimited log data, leverage behavioral analytics to detect cyberattacks and automate incident response, Exabeam noted. Also, more than 350 software and services vendors have joined Exabeam's Technology Alliance Program and integrated SMP into their portfolios.