Senior Solutions Architect at a tech services company with 1,001-5,000 employees
Reseller
2020-07-08T09:01:02Z
Jul 8, 2020
It's not a complete solution. It really focuses on user behavioral analytics, which is a big part of the product. It doesn't support flow analysis. Not everything is left in logs, to be conveniently reviewed. However, if they had flow analysis, it's possible you can catch a lot of hackers looking at the behavior and network flow. Things need to be cross-correlated with logs. They need real-time flow analysis. They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however.
Co-Founder, Director - Technology & Consulting at a tech services company with 11-50 employees
Real User
2020-04-19T07:40:35Z
Apr 19, 2020
The product is good, but the organization is rigid and not flexible in the way they operate. Their response time is very bad. They obviously have a small team and not enough staff. They have their own priorities, it seems, but the customer should be their first priority. The company really needs to improve their commitment to their customers.
IT Specialist at a tech services company with 51-200 employees
Real User
2019-12-09T10:58:00Z
Dec 9, 2019
The product could be improved by implementing cost use cases. I believe if it were more flexible it would be a better product. For additional features, I'd like to see more visibility in the networking.
Exabeam Fusion SIEM is a cloud-delivered solution that enables you to:
- Leverage turnkey threat detection, investigation, and response
- Collect, search and enhance data from anywhere
- Detect threats missed by other tools, using market-leading behavior analytics
- Achieve successful SecOps outcomes with prescriptive, threat-centric use case packages
- Enhance productivity and reduce response times with automation
- Meet regulatory compliance and audit requirements with ease
We still have questions surrounding hardware deployment.
Adding to the number of certifications that they have, for example, ISO 27001, would be helpful. Currently, they only have SOC 2.