New Exabeam Ingester for CrowdStrike app available via online store, resellers
Exabeam, a specialist in security information and event management (SIEM), has a new app in the online CrowdStrike Store that will enable users to more easily detect and identify abnormal or risky behavior that might indicate a potential cyberattack.
The Lowdown: The company’s new Exabeam Ingester for CrowdStrike app is a user and entity behavior analytics (UEBA) tool that gathers endpoint telemetry from CrowdStrike’s Falcon platform and augments it with real-time data streaming, using a pre-built connector to detect advanced threats.
The Details: The app, announced this week, is designed to do all this in a tightly integrated cloud-to-cloud manner that requires only a single click to deploy. The software applies Exabeam’s UEBA to the near-real-time endpoint data from CrowdStrike without the user having to do any ingesting or indexing of the data.
Exabeam Ingester for CrowdStrike also enables businesses to detect both advanced and insider threats by helping to thwart issues like lateral movement by bad actors, the compromising of credentials, and data exfiltration. It natively integrates with Exabeam’s Advanced Analytics technology so analysts can leverage automatic alert prioritization and machine-built incident timelines, accelerating investigations and shortening an organization’s response time to incidents.
Exabeam is making the app available both through the CrowdStrike Store and via its reseller channel partners.
The Impact: Enterprises are beginning to embrace the idea of migrating their security tools to the cloud but also have a number of concerns. According to a survey released in March by Exabeam, almost three quarters of respondents said they began moving to cloud-based security products between 2018 and 2020, while 13% have not yet started. The rest are unsure when they will. Almost 60% of those who have started the move have migrated at least a quarter of their tools to the cloud, while 33% said more than half of their tools are now based in the cloud.
Respondents said they’ve seen benefits from leveraging the cloud for security, from better monitoring and tracking of attacks (29%) to reduced maintenance (22%) and capital expenses (18%). However, it’s a mixed bag, with respondents also saying they have concerns, including data privacy (30%), unauthorized access (16%), server outages (14%), and data sovereignty (13%).
The Buzz: “By launching an app in the CrowdStrike Store, CrowdStrike and Exabeam deliver a fully integrated SaaS [Software-as-a-Service] offering that provides customers with the flexibility to solve complex security management problems, while also adhering to cloud-first and cloud-only procurement mandates,” Exabeam CEO Nir Polak said. “Our goal is to empower SOC [security operations center] analysts to detect advanced threats and protect the enterprise, and this new application makes that possible in a robust yet efficient way.”
“With this partnership, we are providing our customers another use case for the industry-leading telemetry of the CrowdStrike Falcon platform and the power of the CrowdStrike Store, allowing them to solve for advanced security challenges without adding complexity,” said Amol Kulkarni, chief product officer at CrowdStrike. “We are pleased to strengthen our partnership with Exabeam and enable our customers to experience the combined power of our solutions.”