TrustRadius: an HG Insights company

Exabeam Fusion

Score4.2 out of 10

13 Reviews and Ratings

Get a Demo

What is Exabeam Fusion?

Exabeam headquartered in San Mateo, Exabeam Fusion, a SIEM + XDR. The vendor states the modular Exabeam platform allows analysts to collect unlimited log data, use behavioral analytics to detect attacks, and automate incident response. The Exabeam platform can be deployed on-premise or from the cloud. Exabeam can also integrate information from the Exabeam Threat Intelligence Service, or into a third-party SIEM.

Categories & Use Cases

Reviews

What users are saying about Exabeam Fusion.
View all reviews

Finally a SIMPLE and EASY to use SIEM/SOAR solution :) One you will ENJOY using (really!!)

Incentivized
Verified User
Manager in Information Technology (501-1000 employees employees)

Use Cases and Deployment Scope

It is our SIEM and SOAR tool. We use it for all investigations. We use it for log retention and complance reporting. We use it for all alerting and InfoSec ticketing. With its simplicisty our help desk uses it to diagnose issues with user assets quickly and easly with very little training.

Pros

  • Simple graphical interface
  • Plan text searching, no need to know another coding language
  • Very very fast response
  • All saved logs up to 7 years instantly searchable
  • Not cold or frozen buckets for years old logs

Cons

  • More and better drop-down menus, some items in threat hunter require you know subsets.
  • Less dashboards, combine AA and DL without having separate logins.
  • More complete playbooks are already built out. You have the structure set up for templates like malware and phishing, go further and completely build them out from start to finish, most companies would just use them and not personalize their configurations.
  • Quarterly health checkup diagnostics of systems sent out to users.

Return on Investment

  • The simple automated response has allowed us to respond to thousands of more alerts a day.
  • From a phishing perspective, Exabeam can recognize a threat and automatically remove it from all mailboxes effected before an analyst can see it on a dashboard.
  • With the cloud deployment, Exabeam handles almost all admin duties for the tool themselves versus us having to spend 10 to 20 hours a month just keeping our old cloud-based SIEM healthy and up to date.

Usability

Exabeam is a customisable SIEM solution with advanced functionality that does not cost a fortune

Incentivized
Verified User
Engineer in Engineering (501-1000 employees employees)

Use Cases and Deployment Scope

We have been using the Exabeam suite as our SIEM solution to collect logs from different systems into a centralised location which can then be used for forensics purposes later on as well as real-time alerting on sensitive assets. Furthermore, the inbuilt case management has been the solution our analysts use to review and triage alerts as well as initiate playbooks.

Pros

  • Fast search times, unlike other competing solutions.
  • The ability for engineers to obtain access to the command line interface for troubleshooting, at least for on-premise deployments.
  • License is suitable for organisations with lots of logs to ingest.
  • Hardware required for on premise deployments is well supported.

Cons

  • Improvements on top of Lucene/KQL to add more search functions.
  • Stability of the overall deployment.
  • Ability to run version upgrades quicker and without data ingestion problems afterward.
  • More documentation and examples about the API functionality available.

Return on Investment

  • Reduced time to triage alerts.
  • Reduced number of alerts which need escalation to senior tiers.
  • The ability for analysts to quickly run playbooks for additional information and enrichment.
  • Ability to retain data for longer periods for forensics purposes.
  • Improved search performance compared with other SIEM solutions.

Usability