Exabeam Releases New SIEM Lineup


By: Mary Jander

Security analytics startup Exabeam has reworked its product portfolio and added new capabilities to make its cloud-native security information and event management (SIEM) system more powerful and accessible.

To start with, the vendor has rearranged its products under the brand name New-Scale SIEM, which is based on its Exabeam Security Operations Platform (formerly known as its Exabeam Security Management Platform). The new lineup includes a suite of five products that were formerly sold as capabilities of the platform, now available as discrete, enhanced services for a disaggregated “mix and match” approach.

The five products, which run on Google Cloud, include a new Exabeam Security Log Management tool to “ingest, parse, store, and search log data with powerful dashboarding and correlation,” according to the press release. To this can be added Exabeam SIEM, which adds correlation, analytics, and incident management for users looking to gather data from third-party sources. These include on-premises information from Cisco, VMware, IBM, and other IT wares; cloud-based data from AWS, GitHub, Azure, and more; as well as sources such as Active Directory.

A third and pivotal product, Exabeam Fusion, provides a data lake for security log management and, with the help of two more products (Exabeam Security Analytics and Exabeam Security Investigation), offers behavioral analytics (including user and entity behavior analytics, or UEBA) and threat detection, investigation, and response (TDIR). Exabeam Security Analytics and Exabeam Security Investigation can optionally run on a customer’s third-party stack as well as on Fusion.

All of the New-Scale SIEM products are generally available today.

Integration Is Key to Exabeam’s Strategy

So why would Exabeam unbundle its products when users are clamoring for more unified security tools? The reason seems to be to make them easier to integrate with existing third-party products.

Exabeam’s powerful SIEM capabilities are preconfigured to work with over 500 on-premises and cloud-native IT and security applications. But some customers will want log management only, preferring SIEM capabilities from their existing vendors. Still others will want to augment or completely replace their SIEM systems with Exabeam's, while retaining other third-party data management features. Breaking up specific functions into separate packages of services gives users more choice.

For instance, Exabeam can take data from GitHub, process it for security purposes, and connect the results to a Palo Alto security incident response system, as indicated in the diagram below:

Exabeam's integration ecosystem. Source: Exabeam

Exabeam’s New-Scale SIEM release is the latest effort toward the company’s goal to become the “number one trusted cloud SecOps platform on the market” – as co-founder Nir Polak expressed the company’s mission last year, when Exabeam raised $200 million in funding on a valuation of $2.4 billion.

So far, the plan seems to be working. Industry sources put Exabeam’s annual recurring revenue at about $100 million. It has 700 employees and is growing its roster. But while an IPO seemed a possibility last year, those plans have likely stalled with the market downturn.

Meanwhile, competitors aren’t standing still. A glance at Exabeam’s ecosystem reveals many security players who also offer SIEM, including archrival Splunk (Nasdaq: SPLK). And as credential-based attacks, ransomware, and malware of all kinds grow exponentially, the roster is likely to expand.

Still, Exabeam seems to be staying on track so far, and its latest product revamp indicates it’s honing its sabers for ongoing market infiltration.