The Silicon Review
Built by seasoned security and enterprise IT veterans, Exabeam is headquartered in San Mateo, California, USA, and operates globally, with operations in North America, EMEA, and Asia-Pacific.”
Hackers can impersonate employees to compromise business data. Insiders can “hide” behind their enterprise credentials to steal data or attack systems. Either way, their actual behavior gives them away. Exabeam’s behavior-based security intelligence uses advanced machine learning techniques to detect and assess risky activity on your network. The company recently extended that capability to the analysis of system processes, as solution for early detection of ransomware.
Exabeam was founded in 2013 with the goal of using a novel combination of machine learning, security research, and commercial credit fraud detection to find and respond to increasing cybercrime. The company’s first customer purchased its product in December 2014, and it has added over 35 of the Fortune 1000 already as customers. Further, Exabeam is monitoring another 60 F1000 organizations in pilots, with a total of 1.5 Million employee accounts being monitored for compromised credentials. The company opened UK and Germany offices in 2015, and opened offices in Singapore, Hong Kong, Japan, and Australia/New Zealand in January of this year.
The company is a leader in the User and Entity Behavior Analytics (UEBA) market, one of the fastest-growing segments within computer security. It was named a “Cool Vendor in Security Intelligence” by the analyst firm Gartner in 2015.
Exabeam positions itself as the security intelligence solution that provides the fastest time to value (typically within a day of installation) while also improving productivity of security operations. The latter is especially important since every large organization is struggling to hire the required number of security experts. Most of the others require a significant amount of collection technology to be installed, either on every PC, or else throughout the network. This means that it can take many months to implement a competitor, even for a pilot. In contrast, Exabeam works on existing log data and can be up and running and showing business value by the next morning.
The Exabeam Platform
The product from the company analyzes the millions of log records that every enterprise already collects, and then uses those to create a baseline of normal behavior for every employee and contractor on the network. The product then compares ongoing activity, for every user, to his or her normal baseline, to determine if the employee/contractor is behaving in unusual and risky ways. This is typically a signal of stolen account credentials (the common method of attack in most of the large breaches we read about) or malicious insider activity, and allows customers to detect, stop, and clean up attacks before they cause data loss.
The company’s clients are typically in the sectors that hold sensitive data and are targets for hackers: financial services, retail, healthcare, and manufacturing. It has some of the very largest financial services, retail, and healthcare providers in the US as clients. ADP (largest payroll processor) and Safeway (one of the largest grocery chains) are some of the publicly-named clients of Exabeam.
“Before Exabeam, our analysts took a lot of time to dig in and find security logs present in divergent locations and put a story together. With Exabeam, we actually get a story. Hulu is using Exabeam today, to not only detect suspicious user behavior but also to identify where our service accounts are being used, who had controlled them and what they were actually doing. After installing Exabeam, we have a much better control and insight in to the activity that our users and service accounts have across the organization. We have significantly reduced the amount of time taken for analysts to investigate incidents and show the management very explicitly what is happening on a day-to-day basis. What makes Exabeam different is that it actually uses analytics and behavior to identify problems. It is very easy to deploy and provides you with immediate results.” -Chris Hymes, Director of Information Security, Hulu
Looking at the Future
Today, Exabeam focuses on security intelligence related to SIEM. The future focus will be to continue to add new underlying data management systems as well as new applications for the company’s unique data model.
Meet the Mastermind
Nir Polak, CEO and Founder – Nir has 13 years’ experience in information security, including executive experience setting company strategy, driving execution, building new products and bringing them to market. While at Imperva, Nir set the company product strategy and launched and managed the worldwide services organization. Nir also held engineering positions at Adjungo Networks (acquired by Flash Networks) and Shopping.com (acquired by eBay). He has a Bachelor of Arts degree in computer sciences from The Interdisciplinary Center in Israel.