During the Black Hat USA 2020 Virtual Event, Exabeam, the Smarter SIEM™ company, announced that customers can now licence its cloud SIEM technology by use case, beginning with licensable use cases for expedited insider threat and compromised credential detection. In addition, to simplify the process of acquiring and installing critical security content, the company is unveiling the new Exabeam Content Library, an easy-to-use security content repository to help organisations deploy advanced use cases more efficiently. Exabeam use case content increases threat visibility and enables security operations centre (SOC) teams to extract more value from their SIEM. According to the ‘Exabeam 2020 State of the SOC Report,’ security managers and analysts rated their ability to create content the lowest among all hard skills, yet creating rules and models to detect advanced threats, like lateral movement and credential switching, is critical to their security maturity. By providing a simple way to acquire the content needed to detect and remediate these critical security use cases, Exabeam is speeding the time to maturity for organisations. Security business needs “Security use cases for a SIEM tool should be a priority in the CISO’s tool box, and should not only cater to basic security hygiene, for which best practices exist, but also cater to the business needs of the organisation,” wrote Gorka Sadowski, senior director analyst at Gartner in a Gartner report. The Content Library is an online repository of knowledge and content that organisations can use to roll out new use cases. The initial release allows customers to quickly map data sources to security use cases and to download the necessary parsers. Exabeam is also announcing new, easy-to-implement content and tools to help customers maintain security as they adapt to a remote workforce. Investigate data exfiltration Exabeam is further enabling security teams to rapidly obtain value by detecting insider threats" Exabeam Cloud Connector for Code42 allows security teams to quickly detect and investigate data exfiltration by departing and remote employees, as well as the leak of high value data during a merger or acquisition. This announcement follows the previous release of the Exabeam Cloud Connector for Zoom. The ability for Exabeam solutions to easily plug into existing security environments enhances SOC team speed and efficacy. “New research shows that one-third of organisations have been hit with successful cyberattacks since the forced move to work from home. As security teams rush to respond to the pandemic and the increase in threats, it is critical that they find cost-effective ways to strengthen and mature their security posture,” commented Adam Geller, chief product officer, Exabeam. “In announcing these innovations, Exabeam is further enabling security teams to rapidly obtain value by detecting insider threats and compromised credentials and improving their security posture for remote employees.” Turnkey Playbooks “Unlike other SIEM vendors, Exabeam has allowed us to quickly add analytics to detect and investigate insider threats without having to replace our existing log management investment,” explained Director Damien Manuel, Cyber Security Research and Innovation Centre at Deakin University. “That’s a critical capability in the context of constantly evolving risks and potential vulnerabilities, and it gives us a smarter strategy to protect our organisation, employees, customers and data.” Exabeam has also released the first of its previously announced Turnkey Playbooks, automated solutions for common security investigations that do not require third-party licences or configuration. The new Turnkey Playbook for Threat Intelligence automatically identifies malicious domains, IP addresses, URLs, files, and email addresses with no additional configuration or third-party threat intelligence licences required.
Exabeam, the Smarter SIEM company, announced the appointment of former Palo Alto Networks executive Adam Geller to Chief Product Officer. In his role, Geller will be responsible for aligning the product and engineering departments to drive strategy and innovation to Exabeam’s portfolio and will report directly to CEO Nir Polak. Throughout Geller’s 20-year career in the information security industry, he has led product teams to build and deliver cutting-edge security offerings. Before joining the Exabeam team, he served as Senior Vice President of Cloud Delivered Security, Product and Engineering at Palo Alto Networks. Cloud access security broker During his tenure at the network security firm, he led the cloud transformation of the company by launching the VM-Series next-generation firewalls across multiple public and private clouds, growing cloud access security broker (CASB) and new data loss prevention (DLP) capabilities for SaaS security, and driving the expansion into securing public cloud infrastructure with the acquisitions of Evident and RedLock. Geller’s expertise will serve to build out Exabeam’s entire cloud portfolio, including the Exabeam Cloud Platform Most recently, he developed and ran Palo Alto Networks’ SASE (Prisma Access and SD-WAN), which runs as a global cloud service in both Amazon Web Services and Google Cloud Platform. Prior to Palo Alto Networks, Geller led the development of NTT Ltd.’s next-generation managed security services platform and worked with cyber security and technology companies Symantec and Verisign. Cloud-based security tools With more organisations adopting cloud-based security tools to adapt to the increase in targeted cyber threats and remote work environments, Geller’s expertise will serve to build out Exabeam’s entire cloud portfolio, including the Exabeam Cloud Platform (ECP) launched earlier this year. Since the debut, Exabeam’s cloud services have become highly sought after by enterprises around the world. More than half of the company’s sales in 2020 have been from cloud services. The momentum has been built on consistent improvements to Exabeam’s cloud-first product and partner strategy, including the ECP, Exabeam SaaS Cloud Essential for SMEs and an enhanced partner programme accessible via the cloud for MSSPs and managed detection and response (MDR) providers. Geller will continue this momentum in conjunction with the company’s technology partners. Rapidly growing SaaS practice His experience and discipline will ensure we continue our trajectory to become the overall SIEM market leader" “A strong product with an equally advanced partner ecosystem play is key for any SIEM solution, and Geller will be responsible for ensuring alignment for our continued success,” said Polak. “We are excited to welcome him to the team, as he thoroughly understands what is needed in today’s growing market and has a proven track record of leading product teams at scale. His experience and discipline will ensure we continue our trajectory to become the overall SIEM market leader, and his cloud expertise will help drive our already rapidly growing SaaS practice.” Security management solutions “I am looking forward to leading the direction of Exabeam’s security management solutions, which have already made a significant impact in the SIEM market to date,” said Geller. "As cyber threats continue to evolve, it is more critical than ever to help our clients predict security incidents and enforce response postures on-premise and in the cloud. With more teams working remotely, the shift to meeting and collaborating online in a cloud-based work environment is a learning curve for most security organisations. I look forward to creating solutions that will make it possible for them to best protect their businesses in today’s new world.”