• Exabeam

  • Exabeam

Exabeam Security Analytics

Automated threat detection powered by user and entity behavior analytics (UEBA) with correlation and threat intelligence.

Transform your legacy SIEM or data lake with UEBA

Exabeam Security Analytics is the only UEBA product in the market that can run on top of an existing SIEM or data lake to upgrade an organization’s defenses and contend with sophisticated and credential-based attacks. Exabeam Security Analytics ingests, parses and normalizes data using a common information model (CIM) focused on security, data enrichment using threat intelligence and other context, helps create security events. Exabeam Security Analytics UEBA capabilities baseline normal behavior for users and devices and highlights anomalies, assigning a risk score to each notable event.

Flexible integration to augment your security investments

Exabeam Security Analytics runs on top of a legacy SIEM or data lake to upgrade an organization’s defenses and contend with sophisticated and credential-based attacks. This enhances your existing investments and data repository.


200+ on-premises connectors

60+ cloud-delivered security product connectors

10+ SaaS productivity product connectors

20+ cloud infrastructure product connectors

7,937 pre-built parsers

65 SOAR integrations

576 SOAR response actions

Upgrade your security team confidence, speed, and performance while getting more out of your existing cloud and on-premises infrastructure, as you unify them into a single control plane for monitoring and operations.

Understand normal behavior

To understand normal behavior and detect anomalies, even as normal keeps changing, all user and device activities get baselined and assigned a risk score. 1,800 rules, including cloud infrastructure security, and over 750 behavioral model histograms power Smart Timelines™ to convey the complete history of an incident, showing complete event flows, like lateral movement and credential use, visualizing the risk score associated with each event. The results: find and stop the threats others tools miss, and uplevel your security team speed and performance to stay ahead of your adversaries.

Detect and prioritize anomalies

Exabeam UEBA capabilities include over 1,800 rules and over 750 behavioral model histograms to find advanced threats, including credential-based attacks, insider threats, and ransomware activity. Smart Timelines™ visualize the complete history of an incident and highlight the risk associated with each event. Anomaly Search in Exabeam Security Analytics provides a simplified search experience with fast query and instant results. A single interface allows analysts and threat hunters to search for Exabeam-triggered events across their data repository, pairing behavior-based TTP detection with known IoCs to enhance threat hunting.

How it works

Exabeam Security Analytics transforms legacy capabilities to take on complex threats like credential-based attacks. Exabeam Security Analytics includes prescriptive use case content that delivers coverage on specific threat types (e.g. ransomware, phishing, malware, compromised credentials). To provide a better understanding of your security posture, the Security Analytics Outcomes Navigator analyzes your use case coverage and offers data source, and parsing configuration changes to close any gaps.