With the growing abundance of data in the enterprise that comes from network devices, endpoint computers, servers and security products, security analysts need an easy way to store and extract insights from that data. Security data lakes enable analysts to access logs from relevant systems to detect suspicious user activity, while automating the connection to various types of logs and the processing of the data to simplify the overall approach.
Exabeam Data Lake, formerly Exabeam Log Manager, centralises all relevant logs to reduce the work of collecting logs from multiple systems. It is built on proven, open source, big data technology, providing unlimited security data collection, indexing, and search at a predictable price. Exabeam Data Lake not only supports better analytics, but also enables more comprehensive compliance reporting. New features of Exabeam Data Lake include:
- Customised User Interface: A customisation of the Kibana visualisation plugin tailored to meet the needs of security teams, which simplifies the visualisation creation process and enables security analysts to more easily craft custom reports and dashboards.
- Tighter bi-directional product integration: Optimised data ingestion between Data Lake and Exabeam Advanced Analytics supports a wide variety of threat detection use cases. This integration also improves the ability of Advanced Analytics to leverage its machine learning engine to enrich logs in Data Lake.
- New data sources: Data Lake now has a database collector which enables logs to be collected from remote Microsoft SQL Server and MySQL databases. This allows the Exabeam Security Intelligence Platform to deliver on additional compliance and database activity monitoring use cases.
- Improved user management: Role-based access control for all aspects of the Data Lake application and UI access to support data privacy initiatives and to implement separation of duties.
“Most large organisations have billions of security-related logs per day and security analysts need to be able to automatically and intelligently parse critical data,” said Sylvain Gil, co-founder and vice president of products. “Exabeam Data Lake allows security teams to organise their logs and enrich them with important contextual information. It adds much needed accuracy and efficiency into the exercise of detecting suspicious activity like insider threats, as well as performing incident investigation.”
