Editorial & Advertiser disclosure

Global Banking and Finance Review is an online platform offering news, analysis, and opinion on the latest trends, developments, and innovations in the banking and finance industry worldwide. The platform covers a diverse range of topics, including banking, insurance, investment, wealth management, fintech, and regulatory issues. The website publishes news, press releases, opinion and advertorials on various financial organizations, products and services which are commissioned from various Companies, Organizations, PR agencies, Bloggers etc. These commissioned articles are commercial in nature. This is not to be considered as financial advice and should be considered only for information purposes. It does not reflect the views or opinion of our website and is not to be considered an endorsement or a recommendation. We cannot guarantee the accuracy or applicability of any information provided with respect to your individual or personal circumstances. Please seek Professional advice from a qualified professional before making any financial decisions. We link to various third-party websites, affiliate sales networks, and to our advertising partners websites. When you view or click on certain links available on our articles, our partners may compensate us for displaying the content to you or make a purchase or fill a form. This will not incur any additional charges to you. To make things simpler for you to identity or distinguish advertised or sponsored articles or links, you may consider all articles or links hosted on our site as a commercial article placement. We will not be responsible for any loss you may suffer as a result of any omission or inaccuracy on the website.

Technology

Posted By Gbaf News

Posted on September 14, 2018

Exabeam Announces New Threat Intelligence Service

Cloud-based offering helps organisations consolidate and analyse threat indicators; included with all Exabeam subscriptions 

Exabeam, the next-gen security management company, today announced Exabeam Threat Intelligence Service, a cloud-based offering that aggregates threat indicators from multiple online sources.

The new service will be an integral part of the Exabeam Security Management Platform and available at no additional charge to customers with a current Exabeam subscription.

Exabeam Threat Intelligence Service collects potential indicators of compromise (IoCs), including suspicious IP addresses, blacklisted IP addresses, known phishing URLs, and malicious file signatures. Machine algorithms are then applied to remove false positives and rank each indicator. To do this, the Exabeam Security Management platform uses behavioural analytics techniques, similar to those used to assess users or devices, to baseline IoCs and gain a more relevant picture of the threats in the environment.

Analysts will be able to leverage the feeds directly in Exabeam products, simplifying the task of understanding the impact of a potential threat and saving time conducting the investigation. The analytics engine in the Exabeam Security Management Platform will automatically match the IoCs to user and device activities to more accurately assess their risk level. Security analysts can use the new service in several ways, including to:

  • Add risk to a session in Exabeam Advanced Analytics when an IoC is involved in a user timeline, such as malware detected on a user’s laptop
  • Automate an investigation playbook in Exabeam Incident Responder using a threat indicator, such as a known phishing URL or webmail IP address
  • Trigger an alert via a rule in Exabeam Data Lake if an indicator of compromise is detected, such as a known endpoint from a TOR network

“Threat intelligence has always been a good idea but hard to use in practice. The problem is that using the intel is a manual process that eats up an analyst’s time,” said Exabeam CEO Nir Polak. “The stumbling block has always been integration into analyst workflows. By making it available at no extra charge, increasing the value using machine learning, and integrating it directly into our platform, we make it simple. No other enterprise SIEM can offer what Exabeam’s new Threat Intelligence Service does.”

“Organisations are failing at early breach detection, with more than 80% of breaches undetected by the breached organisation. The situation can be improved with threat intelligence, behaviour profiling and effective analytics. SIEM vendors continue to increase their native support for behaviour analysis capabilities as well as integrations with third-party technologies, and Gartner customers are increasingly expressing interest in developing use cases based on behaviour,” wrote Kelly Kavanagh and Toby Bussa, research analysts at Gartner. Exabeam was recognised as a Visionary in Gartner’s 2017 Magic Quadrant for Security Information and Event Management.

Delivered from the cloud, Exabeam Threat Intelligence Service can work with any Exabeam deployment, whether on premises, in a public cloud, or hybrid. Centrally managed, the offering adds no overhead to the operations of customers and will benefit from periodic enhancements. Exabeam Threat Intelligence Service is the first of several planned cloud security services that will form an integral part of the Exabeam Security Management Platform.

For more information on the Exabeam Threat Intelligence Service, announced at the company’s inaugural customer conference Spotlight 18, please visit https://www.exabeam.com/product/.

Source: Gartner, Inc., Magic Quadrant for Security Information and Event Management, December 4, 2017

Gartner disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner’s research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.

Recommended for you

  • How can we ensure privacy in the digitization of healthcare?

  • Quantum Computing: Unleashing Disruptive Potential and Strategic Industry Implications

  • Integrity360 accelerates further with Nclose acquisition