Exabeam Fusion SIEM Review

Good tech support and pretty stable but is by no means a complete solution

What is our primary use case?

We install this solution for our customers. We don't necessarily use the solution ourselves.

What is most valuable?

I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful.

What needs improvement?

It's not a complete solution. It really focuses on user behavioral analytics, which is a big part of the product. It doesn't support flow analysis. Not everything is left in logs, to be conveniently reviewed. However, if they had flow analysis, it's possible you can catch a lot of hackers looking at the behavior and network flow. Things need to be cross-correlated with logs. They need real-time flow analysis.

They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however.

For how long have I used the solution?

I've been using the solution for about a year now.

What do I think about the stability of the solution?

The solution is pretty stable. It's mostly reliable in that we don't really deal with bugs and glitches. 

It's built on SADUP, which is pretty stable. It's a fair to stand up, but they've got that all worked out. You don't have to struggle with getting your Alt stack stood up. They do that for you. 

How are customer service and technical support?

We have reached out to technical support in the past, and it's quite good. We've found them to be very good and very supportive. We're satisfied with the level of support we get from the company.

What about the implementation team?

We handle the implementation ourselves on behalf of our clients.

What other advice do I have?

We're a technology reseller. We're the largest IBM reseller in the world.

We're using the current version of the solution.

I would suggest that other companies looking at implementing the solution to first consider the full breadth of their requirements. It's not a solution with wide-ranging features and capabilities. That said, it does do a lot. They're very good at the user behavioral analytics. If UEBA is a company's main concern, and if they're concerned about insiders, which people should be, it's quite good. It's a strong product for that type of functionality. It doesn't have a lot of breadth beyond that. 

I would rate the solution seven out of ten.

**Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
More Exabeam Fusion SIEM reviews from users
...who compared it with IBM QRadar
Find out what your peers are saying about Exabeam, Splunk, Securonix Solutions and others in Security Information and Event Management (SIEM). Updated: July 2021.
521,817 professionals have used our research since 2012.
Add a Comment
ITCS user