Skip to main content

Exabeam Security Operations PlatformExabeam Security Operations Platform Administration Guide

Exabeam Security Operations Portfolio Licenses

Exabeam Security Operations Portfolio License Types

The following product licenses are available with the Exabeam Security Operations Platform:

Exabeam Security Log Management

Exabeam Security Log Management is the industry’s most advanced cloud-native solution for log ingestion, parsing, storage, and search. Built to support security use cases, Exabeam Security Log Management is the entry point for your organization, providing a lightning fast, modern search and dashboard experience across multi-year data.

Exabeam SIEM

Exabeam SIEM extends the cloud-scale capabilities of Exabeam Security Log Management with advanced features for threat detection, investigation and response (TDIR). In addition to its massively scalable ingestion, storage and intelligent search capabilities across petabytes of hot, warm, or cold data in seconds, Exabeam SIEM includes Threat Center and 100s of pre-packaged correlations. If more storage, longer storage time, or additional processing power is needed, Exabeam SIEM easily scales to meet your needs.

Exabeam Fusion

Exabeam Fusion is a comprehensive offering that marries SIEM and security investigation capabilities with advanced threat detection. With Exabeam Fusion, user and entity behavior analytics feed into your automated incident triage, investigation, and response workflows.

Exabeam Security Investigation

Similar to Exabeam Security Analytics, Exabeam Security Investigation augments a SIEM or data lake solution with the industry’s most powerful UEBA and automation and adds additional investigation capabilities. Exabeam Security Investigation provides over 1,900 UEBA rules and behavioral models to automatically baseline normal behavior of users and devices with histograms to detect, prioritize and respond to anomalies based on risk as well as prioritizes third party alerts using machine learning.

Exabeam Security Analytics

Exabeam Security Analytics enables organizations to quickly perform threat detection and analysis on existing data streams and data lake/repositories with built-in log ingestion and parsing. Threat detection is powered by user and behavioral entity analytics, correlation rules, and threat intelligence, and augmented by alerting and case/incident management.

Features by Exabeam Security Operations Portfolio License Type

The Exabeam Security Operations Portfolio is a cloud-delivered solution that is licensed as term subscriptions with five different product licenses.

The following table displays the features supported by each license type. A dash (—) indicates a feature is not supported. Where a feature is supported, additional limitations may apply. For terms, see Exabeam Product Entitlement.

Feature

Exabeam Security Log Management

Exabeam SIEM

Exabeam Fusion

Exabeam Security Investigation

Exabeam Security Analytics

Collectors

Collectors (cloud, site, context collectors; legacy cloud connectors are also available on-demand)

Security Management

Action Editor

Correlation Rules

(Limited search)

(Limited search)

Pre-built Correlation Rules

Log Stream

Context Management

TDIR

Advanced Analytics (SaaS)

Advanced Analytics retention of logs, events, sessions

(Measured in days. See Exabeam Product Entitlement for details.)

Alert Triage

Automation Management

Case Manager (SaaS)

Dashboards

(Pre-built dashboards only; No customization)

(Pre-built dashboards only; No customization)

Pre-Built Dashboards

  • Threat Center Dashboards

  • Anomaly and Risk Dashboards

  • Case Manager Dashboards

  • Compliance and Event Store Dashboards

  • Correlation Rules Dashboards

Incident Responder (includes Action Editor, Case Manager, and Alert Triage)

See Add Ons.

Search

(Unlimited anomalies; limited third-party events per search)

(Unlimited anomalies; limited third-party events per search)

Threat Center

Platform Insights

Outcomes Navigator

Service Health and Consumption

Add Ons

Exabeam Security Log Management Extension

Extension of product capabilities beyond default retention: search, report, dashboard, correlation rules

Exabeam SIEM Extension

Extension of product capabilities beyond default retention: search, report, dashboard, correlation rules

Exabeam Fusion Extension

Extension of product capabilities beyond default retention: search, report, dashboard, correlation rules

Long-term Search

Long-term, easily accessible log storage with search and export capabilities

Long-term Storage

Long-term, easily accessible log storage with limited search capabilities

Exabeam Ingester for CrowdStrike

Collects filtered CrowdStrike Falcon Data Replicator (FDR) content

Dynamic Alert Prioritization

Incident Responder

Action Editor

The entitlements for Exabeam products, SaaS, and Technical Support offerings are limited to those described in Exabeam Product Entitlement. In the event of a conflict between the documentation, including this page, and the Product Entitlement Document, the Product Entitlement Document shall prevail.