IT Brief New Zealand - Technology news for CIOs & IT decision-makers

Exabeam unveils industry-first 'Investigation Timelines' tool

Tue, 14th May 2024

Exabeam, a global provider of AI-driven security operations, has unveiled a new capability for its Security Operations Platform: Investigation Timelines. An industry-first tool, Investigation Timelines allows for immediate chronological event visualisations for all search results or filters, aiming to aid security teams in a climate of increasing threats and a shortage of necessary skills.

Investigation Timelines are meant to simplify security analysis. This innovative technology makes a significant stride towards integrating cross-platform workflows, allowing teams to understand exactly what is taking place in their environments. Chief Product Officer at Exabeam, Steve Wilson, explained, "Security operations personnel are struggling to keep pace with cyberthreats, including those increasingly fuelled by AI. They've been asking for the ability to automate analysis workflows and streamline the examination of incidents, and we're delivering the ability to timeline anything to help significantly decrease response times." Wilson went on to describe the timelines as a 'strategic ally', as they help analysts comprehend the chronological sequence of events before, during, and after an attack.

Investigation Timelines are an evolution of Exabeam's Smart Timelines and give analysts the power to timeline any entity, artefact, or field within the Search experience. This means that analysts can now build timelines not just for users and hosts but also for applications and processes. The capability also allows analysts to group any of these details, offering more granular visibility and simplifying the overall investigation experience.

Lindbergh Caldeira, Cyber Security Operations Manager at SA Power Networks, stated, "Investigation Timelines expand the scope of what analysts can see and essentially bring Exabeam's well-known Smart Timelines into Exabeam Search so that they no longer have to pivot between views during investigations. The new timelines greatly speed up threat hunting by giving far more context inside Search which will make it even easier to explain what happened around any suspicious activities."

Investigation Timelines seek to resolve persistent issues faced by security analysts and threat hunters. Integrating threat investigation abilities within the Exabeam Search application gives users a more streamlined investigation workflow, significantly boosting productivity. The integrated threat investigation capability addresses the fragmented investigations that most products present. It reduces inconsistency between investigations by providing a uniform experience for analysts of all skill levels. The enhanced search and filter options within the timeline view can now deduce the risk levels of events and automatically link detections to the events that triggered them, reducing manual analysis and research. Moreover, the tool addresses the inadequate investigation facilities of traditional SIEM and log management tools. Lastly, it is designed to transform the way security teams manage threat detection, investigation, and response (TDIR).

Investigation Timelines will be generally available in Q2 2024, paving the way for Exabeam's goal to assist organisations in securing themselves against cyber threats and defeating adversaries.
