Exabeam Extends Security Reach to Multiple Cloud Services

Exabeam has added support for more than 40 cloud services, including Zoom, to its security information event management (SIEM) platform also accessed via the cloud.

At the same time, Exabeam has released a free trial of Exabeam SaaS Cloud, which can ingest and behaviorally analyzes data from any cloud or on-premises data source. Available upon request, the trial is designed to provide cybersecurity teams with hands-on experience using a cloud service to secure their rapidly expanding IT environments.

Sam Humphries, senior product marketing manager and security strategist for Exabeam, said in the wake of the COVID-19 pandemic the number of cloud services being employed by organizations has exploded. This has created a major challenge for IT security teams who often are not in a position to prevent end users from accessing services they need, with more employees working from home for the foreseeable future.

At the same time, she said, cybersecurity professionals working from home need to be able to access the tools they require, which is accelerating a transition to cloud-based security tools that Humphries noted was well underway prior to the pandemic. Cybersecurity teams who employ Exabeam Data Lake and Exabeam Advanced Analytics can now analyze logs from Zoom, Workday, Ping Identity, Cloudflare, Fidelis and other cloud services.

Humphries said it takes about two weeks for Exabeam Advanced Analytics to establish new baselines indicative of abnormal behavior now that so many employees are working from home. Armed with those baselines it then becomes possible for cybersecurity teams to discern, for example, what credentials are being used at what time to access cloud services such as Zoom.

There’s no doubt many cybersecurity teams don’t have as much visibility into their IT environments now that organizations are relying on a wide array of cloud services. What was viewed as an extended snow day is now becoming the new normal, so it’s only a matter of time until organizations that have not yet updated their security tools to address cloud services will be compelled to make a change.

There is no such thing as perfect software. As the number of cloud services employed continues to increase, the size of the overall attack surface that needs to be defended is also increasing. While Zoom may be drawing a lot of attention because of its newfound popularity, Humphries noted Zoom is hardly the only cloud service that is likely to have a security issue. In fact, many of the security issues that have surfaced involving Zoom have been known for some time.

There is also no shortage of options when it comes to cloud-based security platforms. Cybersecurity teams who have not made the transition to cloud will have to weigh their options. However, they may not have as much time to evaluate those platforms, as end users seem to be adopting new cloud applications almost every day.

Featured eBook
The Dangers of Open Source Software and Best Practices for Securing Code

The Dangers of Open Source Software and Best Practices for Securing Code

More and more organizations are incorporating open source software into their development pipelines. After all, embracing open source products such as operating systems, code libraries, software and applications can reduce costs, introduce additional flexibility and help to accelerate delivery. Yet, open source software can introduce additional concerns into the development process—namely, security. Unlike commercial, or ... Read More
Security Boulevard

Michael Vizard

Mike Vizard is a seasoned IT journalist with over 25 years of experience. He also contributed to IT Business Edge, Channel Insider, Baseline and a variety of other IT titles. Previously, Vizard was the editorial director for Ziff-Davis Enterprise as well as Editor-in-Chief for CRN and InfoWorld.

mike-vizard has 464 posts and counting.See all posts by mike-vizard