Exabeam added generative artificial intelligence (AI) capabilities to the company’s New-Scale security information and event management (SIEM) platform.
Developed in collaboration with Google, Threat Explainer is based on a SecPaLM 2 large language model (LLM) created specifically for cybersecurity use cases. In this instance, Threat Explainer uses historical data to classify threats, summarize their level of risk to the business and provide remediation recommendations.
In addition, Exabeam has extended the machine learning algorithms it embeds within its SIEM to analyze telemetry data. A new data telemetry capability uses ML to alert customers about possible log source configuration errors that could result in significant differences between predicted and actual data volumes, helping them avoid billing overages.
Exabeam CEO Adam Geller said the overall goal is to investigate incidents and remediate issues to reduce the overall level of cybersecurity fatigue. That fatigue often results in cybersecurity teams becoming burnt out by the volume of alerts that need to be investigated. AI will, in effect, streamline threat detection and incident response (TDIR) by automating workflows using a built-in security orchestration, automation and response (SOAR) engine, he added.
The New-Scale SIEM was unveiled by Exabeam last year. Since then, the company has been steadily infusing it with machine learning algorithms to make it simpler to manage cybersecurity investigations at scale. Now, the company, for the first time, is adding generative AI capabilities.
As the volume and sophistication of cybersecurity attacks have increased, it’s become more critical than ever to detect threats as quickly as possible. The longer a threat goes undetected, the greater the blast radius becomes. The challenge has been that cybersecurity platforms tend to generate an overwhelming number of alerts with varying levels of urgency. Over time, cybersecurity teams become inured to those alerts as the number of them that turn out to be false positives steadily increases. Generative AI promises to reduce the number of alerts generated and make it easier to comprehend the level of risk a threat may represent.
That capability should help reduce staff turnover as fatigue levels drop and also make it easier to onboard new members to a cybersecurity team, as the hope is they will not need as much experience to be effective, noted Geller.
At this point, it’s more a question of to what degree AI will be applied to cybersecurity rather than if. Most cybersecurity professionals are not going to want to work for organizations that don’t provide them with the tools required to succeed, so it’s only a matter of time before most organizations will be required to update their defenses. There will, of course, be a cost associated with making those upgrades, but when compared to the cost of a cybersecurity breach, the return on that investment is too compelling to ignore.
About Exabeam
Exabeam is a global cybersecurity leader that helps organizations detect threats, defend against cyberattacks, and defeat adversaries. Exabeam was the first to put AI and machine learning in its products to deliver behavioral analytics on top of SIEM. Today, our New-Scale SIEM™ includes cloud-scale security log management, powerful behavioral analytics, and automated threat detection, investigation and response (TDIR) to provide an advantage against cyberthreats. Exabeam baselines normal behavior so security operations teams can identify the abnormal and take action — for faster, more complete responses and repeatable security outcomes.