Security analysts can leverage the Threat Intelligence Service to add risk to a session in the Exabeam Advanced Analytics user and entity behavior analytics (UEBA) solution when an IoC is involved in a user timeline, the company said. They also can use a threat indicator to automate an investigation playbook in the Exabeam Incident Responder solution or trigger an alert via a rule in the Exabeam Data Lake log management tool.
The Threat Intelligence Service will be integrated into the Exabeam Security Management Platform and available at no additional charge to customers with a current Exabeam subscription. Furthermore, the service can be used in conjunction with on-premises and hybrid and public cloud Exabeam deployments.
Exabeam Adds Case Management Module to Its UEBA Solutions
In addition to its Threat Intelligence Service announcement, Exabeam this week integrated case management functionality into the Exabeam Advanced Analytics and Exabeam Entity Analytics UEBA solutions.
Exabeam Case Management offers threat intelligence to help security analysts speed up incident response, according to the company. It includes a customizable user interface designed for security teams' workflows and leverages machine learning to provide users with relevant fields, values and data for different types of incidents.
What Does Exabeam Case Management Offer?
Key features of Exabeam Case Management include:
- Case Context: Provides security analysts with access to incidents related to cases in Exabeam Advanced Analytics and Exabeam Entity Analytics interfaces.
- Incident Cards: Offers graphical cards on each security analyst's Exabeam home page that show active incidents prioritized by severity and automates the creation of tickets based on incidents with a high risk score.
- Workflow Management: Enables security analysts to see incidents and request a merge or escalation as needed.
Exabeam Case Management is in beta testing, and it is expected to be released next month.
Today, Exabeam provides security intelligence and management solutions to organizations worldwide. The company's Security Intelligence Platform (SIP) empowers organizations with a data lake, machine learning and automated incident response capabilities.