Editorial & Advertiser Disclosure Global Banking And Finance Review is an independent publisher which offers News, information, Analysis, Opinion, Press Releases, Reviews, Research reports covering various economies, industries, products, services and companies. The content available on globalbankingandfinance.com is sourced by a mixture of different methods which is not limited to content produced and supplied by various staff writers, journalists, freelancers, individuals, organizations, companies, PR agencies etc. The information available on this website is purely for educational and informational purposes only. We cannot guarantee the accuracy or applicability of any of the information provided at globalbankingandfinance.com with respect to your individual or personal circumstances. Please seek professional advice from a qualified professional before making any financial decisions. Globalbankingandfinance.com also links to various third party websites and we cannot guarantee the accuracy or applicability of the information provided by third party websites.
Links from various articles on our site to third party websites are a mixture of non-sponsored links and sponsored links. Only a very small fraction of the links which point to external websites are affiliate links. Some of the links which you may click on our website may link to various products and services from our partners who may compensate us if you buy a service or product or fill a form or install an app. This will not incur additional cost to you. For avoidance of any doubts and to make it easier, you may consider any links to external websites as sponsored links. Please note that some of the services or products which we talk about carry a high level of risk and may not be suitable for everyone. These may be complex services or products and we request the readers to consider this purely from an educational standpoint. The information provided on this website is general in nature. Global Banking & Finance Review expressly disclaims any liability without any limitation which may arise directly or indirectly from the use of such information.

Exabeam Announces New Threat Intelligence Service

Cloud-based offering helps organisations consolidate and analyse threat indicators; included with all Exabeam subscriptions 

Exabeam, the next-gen security management company, today announced Exabeam Threat Intelligence Service, a cloud-based offering that aggregates threat indicators from multiple online sources.

The new service will be an integral part of the Exabeam Security Management Platform and available at no additional charge to customers with a current Exabeam subscription.

Exabeam Threat Intelligence Service collects potential indicators of compromise (IoCs), including suspicious IP addresses, blacklisted IP addresses, known phishing URLs, and malicious file signatures. Machine algorithms are then applied to remove false positives and rank each indicator. To do this, the Exabeam Security Management platform uses behavioural analytics techniques, similar to those used to assess users or devices, to baseline IoCs and gain a more relevant picture of the threats in the environment.

Analysts will be able to leverage the feeds directly in Exabeam products, simplifying the task of understanding the impact of a potential threat and saving time conducting the investigation. The analytics engine in the Exabeam Security Management Platform will automatically match the IoCs to user and device activities to more accurately assess their risk level. Security analysts can use the new service in several ways, including to:

  • Add risk to a session in Exabeam Advanced Analytics when an IoC is involved in a user timeline, such as malware detected on a user’s laptop
  • Automate an investigation playbook in Exabeam Incident Responder using a threat indicator, such as a known phishing URL or webmail IP address
  • Trigger an alert via a rule in Exabeam Data Lake if an indicator of compromise is detected, such as a known endpoint from a TOR network

“Threat intelligence has always been a good idea but hard to use in practice. The problem is that using the intel is a manual process that eats up an analyst’s time,” said Exabeam CEO Nir Polak. “The stumbling block has always been integration into analyst workflows. By making it available at no extra charge, increasing the value using machine learning, and integrating it directly into our platform, we make it simple. No other enterprise SIEM can offer what Exabeam’s new Threat Intelligence Service does.”

“Organisations are failing at early breach detection, with more than 80% of breaches undetected by the breached organisation. The situation can be improved with threat intelligence, behaviour profiling and effective analytics. SIEM vendors continue to increase their native support for behaviour analysis capabilities as well as integrations with third-party technologies, and Gartner customers are increasingly expressing interest in developing use cases based on behaviour,” wrote Kelly Kavanagh and Toby Bussa, research analysts at Gartner. Exabeam was recognised as a Visionary in Gartner’s 2017 Magic Quadrant for Security Information and Event Management.

Delivered from the cloud, Exabeam Threat Intelligence Service can work with any Exabeam deployment, whether on premises, in a public cloud, or hybrid. Centrally managed, the offering adds no overhead to the operations of customers and will benefit from periodic enhancements. Exabeam Threat Intelligence Service is the first of several planned cloud security services that will form an integral part of the Exabeam Security Management Platform.

For more information on the Exabeam Threat Intelligence Service, announced at the company’s inaugural customer conference Spotlight 18, please visit https://www.exabeam.com/product/.

Source: Gartner, Inc., Magic Quadrant for Security Information and Event Management, December 4, 2017

Gartner disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.