Exabeam Brings AI Security Operations to On-Premises, Cloud Native and Hybrid Environments
Security operations platform provider Exabeam announced its first product release since acquiring LogRhythm earlier this year, a provider of self-hosted and cloud-native SIEM platforms, log management, network monitoring and behavior and security analytics products. Exabeam’s announcement boasts enhancements to AI and cloud-native security operation platforms.
The acquisition and today’s news highlight how cybersecurity vendors swiftly integrate AI into their security information and event management (SIEM) platforms to improve threat detection, investigation and incident response abilities. Cloud-native SIEMs with AI have indeed experienced increased adoption.
The first update announced is a new product the company calls LogRhythm Intelligence. LogRhythm Intelligence incorporates existing AI features from Exabeam and LogRhythm’s self-hosted SIEM platform for behavior analytics-based threat detection, investigation and response.
Exabeam’s chief product officer, Steve Wilson, explained to Security Boulevard that the enhanced security analytics are based on behavioral models and 1,800 fact-based rules.
Exabeam is taking steps to tackle some of the biggest challenges security operations teams face today: Surging threats, alert volumes and protecting very dynamic cloud environments. The attack surface of cloud environments is expanding continuously, and cloud-native operations shift rapidly and demand constant adjustments from security operations teams. These trends demand security teams leverage AI and machine learning capabilities and automate to the extent currently feasible.
In February 2024, Exabeam introduced its copilot, or “generative AI cybersecurity virtual assistant,” and has provided periodic updates since. Today, Wilson said Exabeam extended its copilot generative AI capabilities to include natural language assistance so that analysts can create dashboard visualizations without having to write queries, and it also streamlines report generation and indicator of compromise detection.
Since GenAI went mainstream in the winter of 2022, security vendors have promised to introduce AI security assistant copilots to their platforms. In April 2024, Microsoft announced the general availability of its Copilot for Security. Google also introduced Gemini for security operations and its Splunk AI. Vendors say these AI features accelerate security analyst training, improve understanding of security threats, and speed threat hunting and incident investigations.
The company also released new cloud collectors that help enterprise security teams capture log data more effectively and quickly identify threats to their systems and data.
New capabilities also enable analysts to create searches, dashboards and reports and execute security orchestration and automated response capabilities. Wilson said the goal is to reduce the time-consuming creation of manual rulesets and reduce false positives.
“We’ve added the ability to create new visualizations and dashboards in plain English,” Wilson said. “It used to be that if you wanted to create a dashboard to investigate something visually, or you wanted to make a daily dashboard for your chief information security officer, there was a lot of pointing and clicking and hunting to figure out exactly how you would do that, even if all the data were available in the SIEM. Now you can simply type what you want: Give me a pie chart of events in the last 14 days, and a few seconds later, you have what you want,” he said.
CISOs Hope AI Will Save Time
CISOs hope such security enhancements from AI will help speed up the time to train new security analysts and shorten the time it takes experienced analysts to investigate incidents, block threats and report findings to the broader management team. CISOs are expected to invest significantly in AI and security in the years ahead. The market research firm Market and Markets anticipates the overall artificial intelligence in the cybersecurity market to reach nearly $62 billion by 2028, up from $22 billion in 2023.
