Exabeam Reviews

I have been using Exabeam Fusion SIEM on the myDesktop version.

Exabeam Fusion SIEM has a good performance and more advantages than traditional solutions.

Updating the new release of Exabeam Fusion SIEM takes time and slows our performance.

Exabeam Fusion SIEM's login could be better. Also, its performance could be improved by reducing the response time.

I have been using Exabeam Fusion SIEM for more than a year.

Exabeam Fusion SIEM has perfect stability, with no performance drops or crashes. I rate Exabeam Fusion SIEM a nine out of ten for stability.

Exabeam Fusion SIEM is quite a scalable product. I rate Exabeam Fusion SIEM an eight out of ten for scalability. Approximately fifty to seventy users, including IT specialists, network engineers, and system engineers, currently use Exabeam Fusion SIEM in our organization.

Exabeam Fusion SIEM's technical support is very good, and I rate Exabeam Fusion SIEM an eight out of ten for technical support.

Positive

Since I have the guides and tutorials on installing Exabeam Fusion SIEM for a virtual environment, the initial setup was easy for me.

If you are new to Exabeam Fusion SIEM and reading the resource for the first time, it may take hours. However, since I have read every installation detail and am ready with every resource and material, it now takes me less than an hour.

We use Exabeam Fusion SIEM for the customers of financial institutions, and their feedback is good. Hence, we do have an ROI with the solution.

Exabeam Fusion SIEM's pricing is reasonable. I rate Exabeam Fusion SIEM a seven out of ten for pricing. Exabeam Fusion SIEM's pricing is reasonable. I rate Exabeam Fusion SIEM a seven out of ten for pricing. There are no extra expenses in addition to the licensing cost.

I am using the latest version of Exabeam Fusion SIEM. Two people, including one from a technical background and another from a network background, are needed for the maintenance of Exabeam Fusion SIEM.

Overall, I rate Exabeam Fusion SIEM a nine out of ten.

We use Exabeam to analyze timelines, understand the nature of the user entity or asset, and deduce activities performed in a timeline format. It is also used to trigger security rules related to security operations and investigation.

Our team has identified many identity-based threats. This has led to a significant increase in detecting these identity-based alerts.

The ThreatHunter in Advanced Analytics is the most valuable. It helps analyze compromised assets and provides analysis for any entity within my client's environment. 

Additional benefits include geolocation and tags, as well as rules, which are referred to as reasons in XBee. These are triggering rules and key identifier activities used extensively.

Exabeam needs to improve its adaptive nature towards rules and its capability to understand the entire client environment faster. 

It should accurately differentiate between an asset, its user, a host, or a service account, and structure its baseline activity precisely. Despite being a UEBA tool, it needs to speed up the entire process. 

Integrating AI could help Exabeam to effectively stay ahead in the competition. Improved adaptability in baselining scores and triggering rules would reduce false positives, ultimately enhancing security posture.

I have been working with Exabeam for over three and a half years.

Exabeam faces stability issues when applying patches, resulting in downtime for the console for twenty to thirty minutes, which is critical for SOC monitoring. This lack of backup significantly impacts our operations.

I would rate Exabeam's scalability as eight out of ten. It struggles with covering the entire environment if proper tags and hierarchy are not defined, which can present data only in a timeline format. It should present data in a more recognizable manner, like a graph, to improve usability.

I have not personally reached out to Exabeam's technical support. Typically, engineers in my organization handle interactions with customer service.

Neutral

Before Exabeam, we used a different solution, although I cannot recall its name. 

We switched due to Exabeam's promising interface, which bases rules on the behavior of entities rather than just matching against a repository of cyber threats. Exabeam introduced behavioral analysis over suspicious activities.

I'd rate the solution six out of ten.

The solution is primarily for the Saudi Arabian government. They want to deploy Exabeam to about 15,000 users. It's for cybersecurity, for protection reasons, within the government environment.

The government has needed some security features to protect the assets and to protect everything within the environment. This solution offers them the level of protection that they need.

The solution has great technology. 

It's a very user-friendly product and it's a very comprehensive technology.

The security on offer is very good. 

Cost-wise, compared to other technology, it's affordable.

The solution has a lot of great premium features on offer. 

We still have questions surrounding hardware deployment. 

I've been using the solution for about one year.

The stability seems to be quite good. We haven't installed it yet, however.

From what I can see, the solution has the capability to scale. that shouldn't be an issue for a company. It looks like it will expand quite well.

I haven't been in touch with technical support. The solution hasn't been implemented yet. I've mostly been acquiring information via third parties. 

I tried to send an email, however, no one has replied. I still have outstanding questions about how to select a security management platform, how to select entity analytics, how to select the cloud connectors et cetera, in physical and virtual modes.

It doesn't look like anyone is really supporting the solution in our region. As consultants, it's hard for us to say if this will end up being a problem for clients down the line. We'd like to get their input on the proposal and design, however, there doesn't seem to be anyone to discuss these issues with.

This solution has not been installed yet. Right now, we are in distributing stage. We are trying to assess the requirements and to decide accordingly the proper way forward. We're still figuring out the hardware, for example, and still have questions that need to be addressed. 

I've examined the cost and have found it to be rather reasonable. It's not overly expensive for what it offers.

Currently, I'm doing a deep evaluation of this product. I'm making a scoring system and comparing tit o other technologies. This seems to be the best option, however. It seems to be ticking all of the boxes.

We're just a consultant. We give advice to clients and present them with what we think are the best options. I'm not an integrator or user. Our clients rely on our insights and reports.

This solution will potentially be used on a governmental project. We need to have the full set of features. The government is very concerned about protection. We are trying to deploy the data lead, cloud connector, advanced analytics, entity analytics, recounting incident response, case manager and the full package, the full system, in order to collect information and properly detect and respond.

While the scoring is very high so far, I still need to determine the hardware requirements. From what I can see so far, I would rate the solution at an eight out of ten.

We are a solution provider that does a lot of work in the cybersecurity space. Exabeam is one of the SIEM products that we implement for our clients.

The solution is easy to use and on a whole, it is pretty valuable.

The way it can connect with AWS is very useful, and the integrations are pretty good.

The incident response functionality is good.

Adding to the number of certifications that they have, for example, ISO 27001, would be helpful. Currently, they only have SOC 2.

I have been working with Exabeam for the past two to three years.

Exabeam is a stable solution.

This product is very easy to scale.

I have been in contact with technical support and they're really great. There's always an engineer assigned to each case.

The other SIEM solutions that we work with are Securonix and LogPoint.

The initial setup is pretty straightforward. Depending on the size, it usually takes about six days for implementation time.

They have a great model for pricing that can be based either on user count or gigabits per day. The pricing is pretty flexible, as well.

The suitability of this product is dependent on the individual use case, but generally, it fits most clients.

Overall, this is a fantastic tool and it is one of the best SIEMs that I've come across.

I would rate this solution an eight out of ten.

We use the solution to investigate incidents and create rules for use cases.

The solution provides an easy-to-use platform to create rules for use cases.

The solution's data lake features could be easier to understand for end users. They should also provide detailed information about detecting phishing emails and integrating another platform for development.

I rate the solution's stability a seven out of ten.

I rate the solution's scalability a six out of ten.

The solution's technical support team is good.

The solution's initial setup process is easy.

I rate the solution's ROI a seven out of ten.

The solution is expensive.

I advise others to use the solution for its analytical features. I rate it a six out of ten.

We install this solution for our customers. We don't necessarily use the solution ourselves.

I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful.

It's not a complete solution. It really focuses on user behavioral analytics, which is a big part of the product. It doesn't support flow analysis. Not everything is left in logs, to be conveniently reviewed. However, if they had flow analysis, it's possible you can catch a lot of hackers looking at the behavior and network flow. Things need to be cross-correlated with logs. They need real-time flow analysis.

They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however.

I've been using the solution for about a year now.

The solution is pretty stable. It's mostly reliable in that we don't really deal with bugs and glitches. 

It's built on SADUP, which is pretty stable. It's a fair to stand up, but they've got that all worked out. You don't have to struggle with getting your Alt stack stood up. They do that for you. 

We have reached out to technical support in the past, and it's quite good. We've found them to be very good and very supportive. We're satisfied with the level of support we get from the company.

We handle the implementation ourselves on behalf of our clients.

We're a technology reseller. We're the largest IBM reseller in the world.

We're using the current version of the solution.

I would suggest that other companies looking at implementing the solution to first consider the full breadth of their requirements. It's not a solution with wide-ranging features and capabilities. That said, it does do a lot. They're very good at the user behavioral analytics. If UEBA is a company's main concern, and if they're concerned about insiders, which people should be, it's quite good. It's a strong product for that type of functionality. It doesn't have a lot of breadth beyond that. 

I would rate the solution seven out of ten.

The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it. 

It's good at security logging in our infrastructure but not really application logging. 

We have been using Exabeam for a few months. 

We had RSA earlier, we were a mature client, we had a big bang kind of start. Exabeam was really prepared there. We had some issues that we were able to sort out. They sent very experienced engineers to help us with the issues we had. Now we have a technical account manager. We are very pleased with it. Now, it looks much better but it's a large implementation. If you have a large implementation with lots of data you can expect a few issues and problems. If you start off with a small implementation then it would be a different story. We started off with loads and loads of data that we wanted to ingest. After a couple of months, things look a lot better. 

We did a POC with Splunk, IBM QRadar and Securonix and we came to the conclusion that Exabeam was the best option for us. Everybody knows that Splunk is the top product but it's very expensive. The price model is based on the volume of logs of data that you process in the system. It's very unpredictable and expensive compared to other products.

We reviewed four different vendors but before we did the evaluation, we took a deep look at our use cases to understand our requirements so we would know the expected use cases and requirements on the system. It's important to know what you want to use it for. For us, it was about security use cases. If you are a new customer, you should think of the use cases that you have. All of the vendors we evaluated were good but Exabeam has a very good price model. That's where they win when they compete with Splunk, for instance. With Exabeam, you're not restricted to the log volume. You can add as much as you like. The only limit is the hardware. At some point, you may need to extend the hardware. We have plans to increase usage.

I would rate it a seven out of ten. 

We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with. That's where they could try to improve their services. We had some issues. Some of it was due to our own load balancing problems that caused a few issues. But if they had had their expert guys on-site they would have found the error much earlier. They didn't have their best experts so I think we lost a big of implementation time. I would've expected more attention on their side. They created tickets but that wasn't the way to work. When you start a large implementation, they need to have their experts on-site as opposed to opening regular tickets. They need to be on-site to fix the issues. They sent very good technical experts after a few months and it only took them half a day to figure out the issues and after that, it worked very well. Our account manager is very senior and we are very pleased with him.

They've been very professional during the POC. We had ongoing commercial discussions. 

I run a consulting organization and I also do a lot of enterprise architecture and solution architecture for security services.

Valuable features are its timeline based analysis and that it's user friendly. Response from the platform itself is good which makes it easy to manage. The UI is also a good feature. 

The product is good but the organzation is rigid and not flexible in the way they operate. Their response time is very bad. They obviously have a small team and not enough staff. They have their own priorities, it seems but the customer should be their first priority. The company really needs to improve their commitment to their customers. 

I've been using the solution for about four years. 

Stability is fine. 

Scalability is fine. 

There are no issues with technical support. 

Initial setup is fairly straightforward. 

The pricing is reasonable

From a product perspective, it's a good product but the company needs to improve the way it functions. 

I would rate this solution an eight out of 10.