Exabeam pushes AI-driven security with Threat Center & Copilot

Mon, 4th Mar 2024

Exabeam has unveiled two game-changing cybersecurity features for its AI-driven Security Operations Platform: Threat Center and Exabeam Copilot. The Threat Center is a first-in-market amalgamation, envisioned as a consolidated workbench for threat detection, investigation, and response (TDIR) that simplifies and centres security analyst workflows. In contrast, Exabeam Copilot utilises generative AI to assist analysts in swiftly comprehending active threats, providing best-practice guidance for speedy responses. These innovative technical advancements are set to dramatically decrease learning curves for security analysts and significantly boost productivity within the Security Operations Centre (SOC).

Chief Product Officer at Exabeam, Steve Wilson, states, "We built Threat Center with Exabeam Copilot to give security analysts a simple, central interface to execute their most critical TDIR functions, automate routine tasks, and supercharge investigations for analysts at any skill level." Wilson added, "These new features amp up the value of our AI-driven security operations platform and take analyst productivity, efficiency, and effectiveness to new heights. Threat Center helps security analysts overcome one of the biggest challenges we've heard from them - having to deal with too many fragmented interfaces in their environments."

Security operations teams often grapple with managing a plethora of security tools, leading to siloed data and missed threats due to a lack of visibility. This can make comprehending their entire threat landscape and executing TDIR quite challenging. As per a recent Exabeam report, The State of Threat Detection, Investigation, and Response (TDIR) Report 2023, organisations worldwide reported they could only monitor approximately 66% of their IT environments. These blindspots leave room for undetected threats.

The Threat Center aims to streamline these processes, enabling companies to respond faster to threats in their covered areas. Powered by AI-driven detection, the Exabeam platform can easily identify high-risk threats by learning the normal behaviour of users and entities, prioritising threats with context-aware risk scoring – all now presented through the Threat Center interface.

Additionally, Exabeam revealed in their report that only slightly over half (53%) of global organisations have automated 50% or less of their TDIR workflow. The integration of Threat Center and Exabeam Copilot within the Exabeam Security Operations Platform applies AI and automation to security operations workflows. This holistic approach to cyber threats assists companies in remedying a lack of automation, ultimately accelerating their response.

The Threat Center unifies threat management, investigation tools and automation, hence accelerating and efficiently investigating and responding to threats. Exabeam Copilot, powered by an advanced security-trained, generative AI model, enhances security analyst investigations. This amalgamation helps analysts understand an entire threat landscape that spans multiple detections, reducing the need to pivot between separate locations. It also allows security analysts to make complex, powerful search queries in plain language and optimise SOC team collaboration with case sharing, case escalation and shared notes.

Besides identifying high-risk threats, providing faster, more accurate investigation and response, and improving threat coverage, the AI-driven Exabeam Security Operations Platform enables security teams to realise the full potential of their security investments. The company also announced that customers can now add Exabeam TDIR capabilities to existing Microsoft Sentinel deployments to realise new potential from their Security Information and Event Management (SIEM).

These transformative features from Exabeam are expected to be widely available from March 2024.