Try our new research platform with insights from 80,000+ expert users
reviewer1454544 - PeerSpot reviewer
COO at a computer software company with 11-50 employees
Reseller
Easy to use, good integration with AWS, and the incident response functionality works well
Pros and Cons
  • "The way it can connect with AWS is very useful, and the integrations are pretty good."
  • "Adding to the number of certifications that they have, for example, ISO 27001, would be helpful."

What is our primary use case?

We are a solution provider that does a lot of work in the cybersecurity space. Exabeam is one of the SIEM products that we implement for our clients.

What is most valuable?

The solution is easy to use and on a whole, it is pretty valuable.

The way it can connect with AWS is very useful, and the integrations are pretty good.

The incident response functionality is good.

What needs improvement?

Adding to the number of certifications that they have, for example, ISO 27001, would be helpful. Currently, they only have SOC 2.

For how long have I used the solution?

I have been working with Exabeam for the past two to three years.

Buyer's Guide
Exabeam
December 2024
Learn what your peers think about Exabeam. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.

What do I think about the stability of the solution?

Exabeam is a stable solution.

What do I think about the scalability of the solution?

This product is very easy to scale.

How are customer service and support?

I have been in contact with technical support and they're really great. There's always an engineer assigned to each case.

Which solution did I use previously and why did I switch?

The other SIEM solutions that we work with are Securonix and LogPoint.

How was the initial setup?

The initial setup is pretty straightforward. Depending on the size, it usually takes about six days for implementation time.

What's my experience with pricing, setup cost, and licensing?

They have a great model for pricing that can be based either on user count or gigabits per day. The pricing is pretty flexible, as well.

What other advice do I have?

The suitability of this product is dependent on the individual use case, but generally, it fits most clients.

Overall, this is a fantastic tool and it is one of the best SIEMs that I've come across.

I would rate this solution an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
JohnTamakloe - PeerSpot reviewer
Solutions Architect at a tech services company with 51-200 employees
Real User
Top 5
Has efficient AI capabilities for threat intelligence and a helpful technical support team
Pros and Cons
  • "The platform is not extremely expensive compared to its direct competitors; I would rate its pricing around six out of ten."
  • "One area for the solution's improvement is integration capabilities, particularly out-of-the-box integration which sometimes requires additional professional services."

What is our primary use case?

We use the product for security information and event management, user entity and behavior analytics, compliance, and anomaly detection.

What is most valuable?

The platform's most beneficial features include the correlation engine, behavior analytics, and integration capabilities.

What needs improvement?

One area for the solution's improvement is integration capabilities, particularly out-of-the-box integration which sometimes requires additional professional services.

I would like to see more capabilities in the Security Orchestration Automation and Response (SOAR) aspect. 

For how long have I used the solution?

We have been using Exabeam for almost a year. We are using the cloud version, specifically as a SaaS solution.

What do I think about the stability of the solution?

I rate the product stability a nine. 

What do I think about the scalability of the solution?

We have more than 2,000 end users working with Exabeam. We plan to expand the number of users and devices. I rate the scalability a nine.

How are customer service and support?

The technical support team is helpful. 

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

We previously used SolarWinds and IBM products, including QRadar. We switched to Exabeam because it offers inbuilt capabilities like threat intelligence and case management. 

How was the initial setup?

The deployment was relatively straightforward due to our prior knowledge of similar solutions, though only partially with challenges. It took between two weeks and one month to complete.

What about the implementation team?

We handle maintenance ourselves, as it is managed through the cloud with automatic updates.

What was our ROI?

Exabeam has helped reduce costs by consolidating monitoring tools, potentially leading to a 15-20% reduction in operational expenses.

What's my experience with pricing, setup cost, and licensing?

The platform is not extremely expensive compared to its direct competitors; I would rate its pricing around six out of ten.

What other advice do I have?

The product's integration with other vendors' solutions is better than some alternatives but not the best overall.

Its AI capabilities enhance threat intelligence and analytics, providing better visibility and correlation of incidents.

I recommend it to others and rate it an eight out of ten. 

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer:
Flag as inappropriate
PeerSpot user
Buyer's Guide
Exabeam
December 2024
Learn what your peers think about Exabeam. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Strategic Account Specialist at FITS Consulting
Real User
User-friendly and affordable with good security on offer
Pros and Cons
  • "It's a very user-friendly product and it's a very comprehensive technology."
  • "We still have questions surrounding hardware deployment."

What is our primary use case?

The solution is primarily for the Saudi Arabian government. They want to deploy Exabeam to about 15,000 users. It's for cybersecurity, for protection reasons, within the government environment.

How has it helped my organization?

The government has needed some security features to protect the assets and to protect everything within the environment. This solution offers them the level of protection that they need.

What is most valuable?

The solution has great technology. 

It's a very user-friendly product and it's a very comprehensive technology.

The security on offer is very good. 

Cost-wise, compared to other technology, it's affordable.

The solution has a lot of great premium features on offer. 

What needs improvement?

We still have questions surrounding hardware deployment. 

For how long have I used the solution?

I've been using the solution for about one year.

What do I think about the stability of the solution?

The stability seems to be quite good. We haven't installed it yet, however.

What do I think about the scalability of the solution?

From what I can see, the solution has the capability to scale. that shouldn't be an issue for a company. It looks like it will expand quite well.

How are customer service and technical support?

I haven't been in touch with technical support. The solution hasn't been implemented yet. I've mostly been acquiring information via third parties. 

I tried to send an email, however, no one has replied. I still have outstanding questions about how to select a security management platform, how to select entity analytics, how to select the cloud connectors et cetera, in physical and virtual modes.

It doesn't look like anyone is really supporting the solution in our region. As consultants, it's hard for us to say if this will end up being a problem for clients down the line. We'd like to get their input on the proposal and design, however, there doesn't seem to be anyone to discuss these issues with.

How was the initial setup?

This solution has not been installed yet. Right now, we are in distributing stage. We are trying to assess the requirements and to decide accordingly the proper way forward. We're still figuring out the hardware, for example, and still have questions that need to be addressed. 

What's my experience with pricing, setup cost, and licensing?

I've examined the cost and have found it to be rather reasonable. It's not overly expensive for what it offers.

Which other solutions did I evaluate?

Currently, I'm doing a deep evaluation of this product. I'm making a scoring system and comparing tit o other technologies. This seems to be the best option, however. It seems to be ticking all of the boxes.

What other advice do I have?

We're just a consultant. We give advice to clients and present them with what we think are the best options. I'm not an integrator or user. Our clients rely on our insights and reports.

This solution will potentially be used on a governmental project. We need to have the full set of features. The government is very concerned about protection. We are trying to deploy the data lead, cloud connector, advanced analytics, entity analytics, recounting incident response, case manager and the full package, the full system, in order to collect information and properly detect and respond.

While the scoring is very high so far, I still need to determine the hardware requirements. From what I can see so far, I would rate the solution at an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer2562423 - PeerSpot reviewer
Graduate Student at a tech services company with 1-10 employees
Real User
Top 20
Clean UI with robust identity management abut needs better API interaction
Pros and Cons
  • "The UI was very clean."
  • "One area that needs improvement is interacting with Exabeam's API. There was a headache regarding the API; the documentation wasn't clear, and the syntax wasn't very precise."

What is our primary use case?

We used Exabeam as a log aggregation platform. We had a SIEM platform, Exabeam, that was ingesting logs from various vendors hosting EDR solutions on behalf of our clients. Exabeam allowed us to parse logs from sources like CrowdStrike, Palo Alto, or Windows logs, all into one platform.

What is most valuable?

The UI was very clean. Its identity and access management were robust. We had many colleagues interacting with it, and when I was adding parsing rules or configuring other changes, I could propagate those changes in real-time very fast.

What needs improvement?

One area that needs improvement is interacting with Exabeam's API. There was a headache regarding the API; the documentation wasn't clear, and the syntax wasn't very precise. This situation arose when we needed to retrieve a list of public IPs to block, and it required interacting with Exabeam's API on the cloud platform.

For how long have I used the solution?

I worked with Exabeam for about three months during an internship engagement at Grant Thornton. The last time I used it was more than a year ago.

What do I think about the stability of the solution?

The solution is stable.

What do I think about the scalability of the solution?

There was a fair bit of latency when accessing it via a web browser. The platform seems to be very application intensive, which led to some pet peeves regarding latency.

How are customer service and support?

The customer support was quite good. They had a solid customer support platform, and their responses were always very instantaneous. Early in my internship, we needed access to the platform to start learning, and Exabeam’s customer support quickly provided us with accounts with lower privileges.

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

In my own setup, I use the Elk Stack: Elasticsearch, Logstash, and Kibana, which I am more accustomed to.

What other advice do I have?

I'd rate the solution six out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Flag as inappropriate
PeerSpot user
AYOUB ECH-CHKAF - PeerSpot reviewer
Security Operations Center Analyst (L2 at Thales
Real User
Top 5Leaderboard
An easy-to-use solution, but its data lake features could be simple to understand
Pros and Cons
  • "The solution's initial setup process is easy."
  • "They should provide detailed information about detecting phishing emails."

What is our primary use case?

We use the solution to investigate incidents and create rules for use cases.

How has it helped my organization?

The solution provides an easy-to-use platform to create rules for use cases.

What needs improvement?

The solution's data lake features could be easier to understand for end users. They should also provide detailed information about detecting phishing emails and integrating another platform for development.

What do I think about the stability of the solution?

I rate the solution's stability a seven out of ten.

What do I think about the scalability of the solution?

I rate the solution's scalability a six out of ten.

How are customer service and support?

The solution's technical support team is good.

How was the initial setup?

The solution's initial setup process is easy.

What was our ROI?

I rate the solution's ROI a seven out of ten.

What's my experience with pricing, setup cost, and licensing?

The solution is expensive.

What other advice do I have?

I advise others to use the solution for its analytical features. I rate it a six out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
reviewer1383993 - PeerSpot reviewer
Senior Solutions Architect at a tech services company with 1,001-5,000 employees
Reseller
Good tech support and pretty stable but is by no means a complete solution
Pros and Cons
  • "I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful."
  • "They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however."

What is our primary use case?

We install this solution for our customers. We don't necessarily use the solution ourselves.

What is most valuable?

I have customers that like the EUBA functionality of it. The solution has the ability to build a session, basically. It pulls a lot of information together, for example, everything a user does in a specific timeframe. It's quite helpful.

What needs improvement?

It's not a complete solution. It really focuses on user behavioral analytics, which is a big part of the product. It doesn't support flow analysis. Not everything is left in logs, to be conveniently reviewed. However, if they had flow analysis, it's possible you can catch a lot of hackers looking at the behavior and network flow. Things need to be cross-correlated with logs. They need real-time flow analysis.

They need to focus on more of the MITRE ATT&CK Framework and coverage. They claim they cover about 70 to 80%. I'm not sure if it's really quite that much, however.

For how long have I used the solution?

I've been using the solution for about a year now.

What do I think about the stability of the solution?

The solution is pretty stable. It's mostly reliable in that we don't really deal with bugs and glitches. 

It's built on SADUP, which is pretty stable. It's a fair to stand up, but they've got that all worked out. You don't have to struggle with getting your Alt stack stood up. They do that for you. 

How are customer service and technical support?

We have reached out to technical support in the past, and it's quite good. We've found them to be very good and very supportive. We're satisfied with the level of support we get from the company.

What about the implementation team?

We handle the implementation ourselves on behalf of our clients.

What other advice do I have?

We're a technology reseller. We're the largest IBM reseller in the world.

We're using the current version of the solution.

I would suggest that other companies looking at implementing the solution to first consider the full breadth of their requirements. It's not a solution with wide-ranging features and capabilities. That said, it does do a lot. They're very good at the user behavioral analytics. If UEBA is a company's main concern, and if they're concerned about insiders, which people should be, it's quite good. It's a strong product for that type of functionality. It doesn't have a lot of breadth beyond that. 

I would rate the solution seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
it_user900120 - PeerSpot reviewer
IT Specialist at a tech services company with 51-200 employees
Real User
Advanced analytics has a great overview of user behavior
Pros and Cons
  • "The advanced analytics has a really great overview of user behavior."
  • "I believe if it were more flexible it would be a better product."

What is our primary use case?

I'm an IT specialist and we are resellers of Exabeam. We have it deployed as an on-premise demo test cluster for customer POC. We use it mainly for management and for CM use cases to enable an overview of security events as well as user analytics. 

What is most valuable?

With E8, the advanced analytics has a really great overview of user behavior. I like the timeline feature the most.

What needs improvement?

The product could be improved by implementing cost use cases. I believe if it were more flexible it would be a better product. 

For additional features, I'd like to see more visibility in the networking.

For how long have I used the solution?

We've been using the latest version of this product for the past six months. 

What do I think about the stability of the solution?

It's a stable product, no problems. 

What do I think about the scalability of the solution?

Our company doesn't have a huge infrastructure behind the product at the moment, so it's difficult for me to comment about scalability, but I have seen customer references that state it scales really nicely. They are now working on the last big infrastructure and I know that inherently it scales well. The product is mostly for software security use cases, but in our company, only a handful of people use the product, perhaps three or four. In terms of our customers, I would estimate there to be between 10 and 15 users. It would mainly be infrastructure admin and security analysts using the solution.

How are customer service and technical support?

I haven't needed to make contact with technical support. 

Which solution did I use previously and why did I switch?

In production, we are actually still using QRadar in our own company simultaneously with Exabeam.

How was the initial setup?

Setting up the system was relatively easy - it took about a day. Adjusting the information was an ongoing process, so I can't really give a good estimate on that.

Which other solutions did I evaluate?

We evaluated LogRhythm and Splunk as possible options but in the end, we went with Exabeam - it was the right choice for us taking into account the needs of our customers and projected future needs.

What other advice do I have?

I would recommend the product. I don't have any warnings or anything negative to tell anyone, because there are really no problems with the solution. You can pretty much make it up as you go.

I would rate this product an eight out of 10. 

Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Himanshu Shah - PeerSpot reviewer
Himanshu ShahPartner at Opticom Data Products
Top 10Reseller

We Opticom Data Products are also VAR for Exabeam products based out of Mumbai India. We also intend to install Exabeam in our office as to provide a platform for PoC to our clients and may also be great learning experience. There is enormous potential in India and have lots of inquiries for Exabeam solution. Pl. advise us for thhe same please. Himanshu shah Opticom Data Products, 98204 30649

reviewer1041465 - PeerSpot reviewer
Program Coordinator at a financial services firm with 10,001+ employees
Real User
Good at security logging in our infrastructure but be prepared for problems if you start with a large implementation
Pros and Cons
  • "The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it."
  • "We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with."

What is most valuable?

The user interface and the timelines they use are the most valuable features. The price model is very simple so that one can understand it easily and there are no surprises within it. 

It's good at security logging in our infrastructure but not really application logging. 

For how long have I used the solution?

We have been using Exabeam for a few months. 

How was the initial setup?

We had RSA earlier, we were a mature client, we had a big bang kind of start. Exabeam was really prepared there. We had some issues that we were able to sort out. They sent very experienced engineers to help us with the issues we had. Now we have a technical account manager. We are very pleased with it. Now, it looks much better but it's a large implementation. If you have a large implementation with lots of data you can expect a few issues and problems. If you start off with a small implementation then it would be a different story. We started off with loads and loads of data that we wanted to ingest. After a couple of months, things look a lot better. 

Which other solutions did I evaluate?

We did a POC with Splunk, IBM QRadar and Securonix and we came to the conclusion that Exabeam was the best option for us. Everybody knows that Splunk is the top product but it's very expensive. The price model is based on the volume of logs of data that you process in the system. It's very unpredictable and expensive compared to other products.

What other advice do I have?

We reviewed four different vendors but before we did the evaluation, we took a deep look at our use cases to understand our requirements so we would know the expected use cases and requirements on the system. It's important to know what you want to use it for. For us, it was about security use cases. If you are a new customer, you should think of the use cases that you have. All of the vendors we evaluated were good but Exabeam has a very good price model. That's where they win when they compete with Splunk, for instance. With Exabeam, you're not restricted to the log volume. You can add as much as you like. The only limit is the hardware. At some point, you may need to extend the hardware. We have plans to increase usage.

I would rate it a seven out of ten. 

We had a large volume right from the beginning and they weren't quite prepared for that. That's something that they should think about when it comes to customers that have a large volume to start off with. That's where they could try to improve their services. We had some issues. Some of it was due to our own load balancing problems that caused a few issues. But if they had had their expert guys on-site they would have found the error much earlier. They didn't have their best experts so I think we lost a big of implementation time. I would've expected more attention on their side. They created tickets but that wasn't the way to work. When you start a large implementation, they need to have their experts on-site as opposed to opening regular tickets. They need to be on-site to fix the issues. They sent very good technical experts after a few months and it only took them half a day to figure out the issues and after that, it worked very well. Our account manager is very senior and we are very pleased with him.

They've been very professional during the POC. We had ongoing commercial discussions. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Download our free Exabeam Report and get advice and tips from experienced pros sharing their opinions.
Updated: December 2024
Buyer's Guide
Download our free Exabeam Report and get advice and tips from experienced pros sharing their opinions.