Exabeam Unveils MITRE ATT&CK Framework for SIEM Platform

Exabeam, a security information and event management (SIEM) platform provider, has integrated MITRE ATT&CK Framework labels into its Security Management Platform (SMP). The company announced the news at this week's Spotlight19 user conference in San Francisco, California.

SMP detection methods are now mapped to the MITRE ATT&CK Framework to provide a common taxonomy for security analysts, Exabeam said. As a result, SMP helps security analysts accelerate threat investigations and incident response.

Furthermore, security analysts can use SMP to view and filter MITRE ATT&CK Framework techniques within Exabeam Smart Timelines, the company stated. This allows security analysts to investigate security incidents without querying multiple systems.

Security analysts also can search for MITRE ATT&CK Framework tactics and techniques using the Exabeam Threat Hunter user and entity behavior analytics (UEBA) solution, the company indicated. This provides security analysts with drop-down menus and a point-and-click interface that they can use to search threat queries.

Exabeam Unveils SMP Enhancements

In addition to MITRE ATT&CK Framework labels, Exabeam unveiled the following SMP enhancements at Spotlight19:

  • Cross-Cluster Search: Enables security analysts to search up to seven clusters across data environments.
  • Customizable Incidents: Allows security analysts to customize incident types, values and layouts.
  • Disaster Recovery: Provides incident details, playbooks and actions to help improve disaster recovery.
  • Incident Response Checklists: Ensures that security analysts can create checklists to standardize their incident response efforts.

Security analysts use SMP to collect unlimited log data, leverage behavioral analytics to detect cyberattacks and automate incident response, Exabeam noted. Also, more than 350 software and services vendors have joined Exabeam's Technology Alliance Program and integrated SMP into their portfolios.

Dan Kobialka

Dan Kobialka is senior contributing editor, MSSP Alert and ChannelE2E. He covers IT security, IT service provider business strategies and partner programs. Dan holds an M.A. in Print and Multimedia Journalism from Emerson College and a B.A. in English from Bridgewater State University. In his free time, Dan enjoys jogging, traveling, playing sports, touring breweries and watching football.