Exabeam is embracing the OpenAPI Standard (OAS) in a move that not only will make its security operations platform more automated and open but also will deliver similar enhancements to MSSPs that use it.
The Foster City, California-based company this week announced that its New-Scale Security Operations Platform is now compatible with the venerable OAS, which is important to security vendors and service providers that want to more easily bring automation to their security operations center (SOC) capabilities.
This is particularly important when it comes to responding to threats, according to Steve Wilson, chief product officer at Exabeam, who added that few metrics are more important when a cyberattack happens than mean time to respond (MTTR).
“When we look at TDIR [threat detection, investigation, and response] workflows, automating the [response] is a critical part of optimizing MTTR,” Wilson told MSSP Alert. “Automating responses may involve connecting to many types of third-party systems.”
Automation is Key
With the OAS support behind Exabeam’s Automation Management tool, analysts will now be able to quickly onboard thousands of third-party integrations and build automation without having to write code, Kevin Binder, senior product marketing manager at Exabeam, wrote in a blog post, adding that “for engineers preferring more control, Automation Management also supports creating both basic and advanced integrations using Python or a no-code point-and-click interface.”
Automation solutions traditionally have required developer-level skills to connect these systems, Wilson said. Exabeam’s use of OpenAPI in its new automation solution instantly enables security teams to connect to modern software-as-a-service (SaaS) services using simple low-code or no-code workflows. Service providers will see similar benefits.
“This new announcement makes it dramatically easier for MSP and MSSPs to create new automations,” Wilson said. “This can have the dual benefit of improving service levels and reducing their own overhead, all while improving the MTTR metrics that are so important to their customers.”
The Need for SOCs
SOCs are playing increasingly larger roles in organizations’ cybersecurity operations as cyberattacks increase in number and sophistication, the number of Internet of Things and other connected devices grows, and the amount of data being generated rises. Polaris Market Research is expecting the global SOC market to expand from $7.4 billion last year to $16.18 billion by 2032.
SOC capabilities are at the heart of the services that MSSPs provide to organizations that may not have the money or in-house talent to create and operate their own SOCs.
“The challenges facing Security Operations Centers (SOCs) are growing as the cybersecurity landscape becomes more complex,” Exabeam’s Binder wrote. “Analysts are overwhelmed by too many alerts, outdated workflows, and disconnected tools, making it harder to stay ahead of advanced threats.”
Expanding the New-Scale Platform
The enhancements in the New-Scale Security Operations Platform include New-Scale Analytics for threat-detection capabilities that learn over time and apply business factors to risk scoring, all of which automates tuning, reduces noise, and integrates event logs that come in late.
Exabeam also is unifying threat detection and response via New-Scale Analytics, bringing together the company’s Threat Center’s capabilities for managing detections and cases with the generative AI capabilities of Exabeam Copilot to deliver concise threat summaries, natural language search, and automated investigations.
In addition, there is streamlined triage in Threat Center via detection-grouping capabilities and, as an open platform, New-Scale Analytics can be easily adopted by partners.
The vendor’s LogRhythm SIEM platform now includes better searches across warm data and support for Cloudflare Beat for improved visibility into logs stored in Amazon Web Services’ S3 cloud storage service.
Exabeam also is making Netmon – a technology for collecting telemetry data that was developed by LogRhythm, which Exabeam merged with last summer – available across the entire Exabeam portfolio. It will bring in insights from more than 3,500 applications to analyze traffic and other data points and automate threat detection, according to Exabeam.