Please share with the community what you think needs improvement with Exabeam Fusion SIEM.
What are its weaknesses? What would you like to see changed in a future version?
We still have questions surrounding hardware deployment.
Adding to the number of certifications that they have, for example, ISO 27001, would be helpful. Currently, they only have SOC 2.
It's not a complete solution. It really focuses on user behavioral analytics, which is a big part of the product. It doesn't support flow analysis. Not everything is left in logs, to be conveniently reviewed. However, if they had flow analysis, it's possible you can catch a lot of hackers looking at the behavior and network flow. Things need to be cross-correlated with logs. They need real-time flow analysis. They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however.
The product is good but the organization is rigid and not flexible in the way they operate. Their response time is very bad. They obviously have a small team and not enough staff. They have their own priorities, it seems, but the customer should be their first priority. The company really needs to improve their commitment to their customers.
The product could be improved by implementing cost use cases. I believe if it were more flexible it would be a better product. For additional features, I'd like to see more visibility in the networking.
We all know it's really hard to get good pricing and cost information.
Please share what you can so you can help your peers.
Hi dear community members,
There are a lot of SIEM solutions. SIEMs are not something you just install and wait for great things to happen, right?
What questions should someone ask before purchasing a SIEM?
Help your peers ask the right questions so that they'll make the best decision.