Analyst at a government with 1,001-5,000 employees
Real User
Top 20
2025-03-14T08:01:52Z
Mar 14, 2025
We only use Exabeam for Advanced Analytics. We don't do all those other aspects like ticketing plugins. We just use it for the integration purposes, which are kind of basic. We send alerts via the dashboard for our SOC to identify risky users.
We use Exabeam to analyze timelines, understand the nature of the user entity or asset, and deduce activities performed in a timeline format. It is also used to trigger security rules related to security operations and investigation.
Graduate Student at a tech services company with 1-10 employees
Real User
Top 20
2024-10-01T07:08:00Z
Oct 1, 2024
We used Exabeam as a log aggregation platform. We had a SIEM platform, Exabeam, that was ingesting logs from various vendors hosting EDR solutions on behalf of our clients. Exabeam allowed us to parse logs from sources like CrowdStrike, Palo Alto, or Windows logs, all into one platform.
Software Engineer Intern at a tech services company with 11-50 employees
Real User
Top 5
2024-08-27T17:27:00Z
Aug 27, 2024
We struggled a bit with Exabeam initially, particularly with data ingestion, since it was at the early stage of our project. We experienced some downtime with the Data Lake when it was integrated with Exabeam. Regarding IOC searches, which involve looking for malicious files or IP addresses, Data Lake provided good results when it was operational. Several instances of downtime affected our ability to perform these searches effectively.
So my use of Exabeam was primarily focused on ingesting logs from multiple web services. The current product is designed for our organization, which involves managing multiple web services and microservices deployed on different servers. Previously, before utilizing Exabeam, we had to manually log into each server and search for the existing logs. Tracking all the logs for various web services, whether in production or in other environments like pre-production, was a challenging task. To address this, we incorporated Exabeam agents, both collector agents for Windows servers and Linux servers. This allowed us to collect all the logs on a single platform. If we needed specific logs for a particular service, we could directly access them on the Exabeam Cloud. The problem I was facing was with the user interface (UI) when trying to identify the exact services and server names.
The solution is primarily for the Saudi Arabian government. They want to deploy Exabeam to about 15,000 users. It's for cybersecurity, for protection reasons, within the government environment.
IT Specialist at a tech services company with 51-200 employees
Real User
2019-12-09T10:58:00Z
Dec 9, 2019
I'm an IT specialist and we are resellers of Exabeam. We have it deployed as an on-premise demo test cluster for customer POC. We use it mainly for management and for CM use cases to enable an overview of security events as well as user analytics.
Exabeam Fusion is a cloud-delivered solution that enables you to:
- Leverage turnkey threat detection, investigation, and response
- Collect, search and enhance data from anywhere
- Detect threats missed by other tools, using market-leading behavior analytics
- Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
- Enhance productivity and reduce response times with automation
- Meet regulatory compliance and audit requirements with ease
We use the product for security information and event management, user entity and behavior analytics, compliance, and anomaly detection.
We use the solution to investigate incidents and create rules for use cases.
I have been using Exabeam Fusion SIEM on the myDesktop version.
We are a solution provider that does a lot of work in the cybersecurity space. Exabeam is one of the SIEM products that we implement for our clients.
We install this solution for our customers. We don't necessarily use the solution ourselves.
I run a consulting organization and I also do a lot of enterprise architecture and solution architecture for security services.