Exabeam Security Operations Portfolio Licenses
Exabeam Security Operations Portfolio License Types
The following product licenses are available with the Exabeam Security Operations Platform:
Exabeam Security Log Management
Exabeam Security Log Management is the industry’s most advanced cloud-native solution for log ingestion, parsing, storage, and search. Built to support security use cases, Exabeam Security Log Management is the entry point for your organization, providing a lightning fast, modern search and dashboard experience across multi-year data.
Exabeam SIEM
Exabeam SIEM extends the cloud-scale capabilities of Exabeam Security Log Management with advanced features for threat detection, investigation and response (TDIR). In addition to its massively scalable ingestion, storage and intelligent search capabilities across petabytes of hot, warm, or cold data in seconds, Exabeam SIEM includes Threat Center and 100s of pre-packaged correlations. If more storage, longer storage time, or additional processing power is needed, Exabeam SIEM easily scales to meet your needs.
Exabeam Fusion
Exabeam Fusion is a comprehensive offering that marries SIEM and security investigation capabilities with advanced threat detection. With Exabeam Fusion, user and entity behavior analytics feed into your automated incident triage, investigation, and response workflows.
Exabeam Security Investigation
Similar to Exabeam Security Analytics, Exabeam Security Investigation augments a SIEM or data lake solution with the industry’s most powerful UEBA and automation and adds additional investigation capabilities. Exabeam Security Investigation provides over 1,900 UEBA rules and behavioral models to automatically baseline normal behavior of users and devices with histograms to detect, prioritize and respond to anomalies based on risk as well as prioritizes third party alerts using machine learning.
Exabeam Security Analytics
Exabeam Security Analytics enables organizations to quickly perform threat detection and analysis on existing data streams and data lake/repositories with built-in log ingestion and parsing. Threat detection is powered by user and behavioral entity analytics, correlation rules, and threat intelligence, and augmented by alerting and case/incident management.
Features by Exabeam Security Operations Portfolio License Type
The Exabeam Security Operations Portfolio is a cloud-delivered solution that is licensed as term subscriptions with five different product licenses.
The following table displays the features supported by each license type. A dash (—) indicates a feature is not supported. Where a feature is supported, additional limitations may apply. For terms, see Exabeam Product Entitlement.
Feature | Exabeam Security Log Management | Exabeam SIEM | Exabeam Fusion | Exabeam Security Investigation | Exabeam Security Analytics |
|---|---|---|---|---|---|
Collectors | |||||
Collectors (cloud, site, context) | ✔ | ✔ | ✔ | ✔ | ✔ |
Security Management | |||||
— | — | ✔ | ✔ | — | |
✔ | ✔ | ✔ | ✔ (Limited search) | ✔ (Limited search) | |
Pre-built Correlation Rules | — | ✔ | ✔ | ✔ | ✔ |
✔ | ✔ | ✔ | ✔ | ✔ | |
✔ | ✔ | ✔ | ✔ | ✔ | |
TDIR | |||||
Advanced Analytics (SaaS) | — | — | ✔ | ✔ | ✔ |
Advanced Analytics retention of logs, events, sessions | — | — | (Measured in days. See Exabeam Product Entitlement for details.) | ||
— | — | — | — | ✔ | |
— | ✔ | ✔ | ✔ | — | |
Case Manager (SaaS) | — | — | — | — | ✔ |
✔ | ✔ | ✔ | ✔ (Pre-built dashboards only; No customization) | ✔ (Pre-built dashboards only; No customization) | |
| — | ✔ | — | — | — |
| — | — | ✔ | ✔ | ✔ |
| — | — | ✔ | ✔ | ✔ |
| ✔ | ✔ | ✔ | — | — |
| ✔ | ✔ | ✔ | ✔ | ✔ |
Incident Responder (includes Action Editor, Case Manager, and Alert Triage) | See Add Ons. | ||||
✔ | ✔ | ✔ | ✔ (Unlimited anomalies; limited third-party events per search) | (Unlimited anomalies; limited third-party events per search) | |
— | ✔ | ✔ | ✔ | — | |
Platform Insights | |||||
✔ | ✔ | ✔ | ✔ | ✔ | |
✔ | ✔ | ✔ | ✔ | ✔ | |
Add Ons | |||||
Exabeam Security Log Management Extension Extension of product capabilities beyond default retention: search, report, dashboard, correlation rules | ✔ | — | — | — | — |
Exabeam SIEM Extension Extension of product capabilities beyond default retention: search, report, dashboard, correlation rules | — | ✔ | — | — | — |
Exabeam Fusion Extension Extension of product capabilities beyond default retention: search, report, dashboard, correlation rules | — | — | ✔ | — | — |
Long-term Search Long-term, easily accessible log storage with search and export capabilities | ✔ | ✔ | ✔ | — | — |
Long-term Storage Long-term, easily accessible log storage with limited search capabilities | ✔ | ✔ | ✔ | — | — |
Exabeam Ingester for CrowdStrike Collects filtered CrowdStrike Falcon Data Replicator (FDR) content | ✔ | ✔ | ✔ | ✔ | ✔ |
Dynamic Alert Prioritization | — | — | ✔ | ✔ | — |
— | — | ✔ | ✔ | — | |
— | — | ✔ | ✔ | — | |
The entitlements for Exabeam products, SaaS, and Technical Support offerings are limited to those described in Exabeam Product Entitlement. In the event of a conflict between the documentation, including this page, and the Product Entitlement Document, the Product Entitlement Document shall prevail.