Industry-first capability designed to slash investigation times and help security analysts and threat hunters quickly see what’s happening.
Global cybersecurity company Exabeam announced its Investigation Timelines™ within the Exabeam Search™ application at RSA Conference 2024 in California. The powerful new capability on the Exabeam Security Operations Platform™ is an industry first. Investigation Timelines break down silos and simplify investigations for security analysts with integrated cross-platform workflows. Designed to empower security teams amid growing threats and skills shortages, this innovative capability provides instant visualizations of chronological events for any search result or filter.
“Security operations personnel are struggling to keep pace with cyberthreats, including those increasingly fueled by AI. They’ve been asking for the ability to automate analysis workflows and streamline the examination of incidents, and we’re delivering the ability to timeline anything to help significantly decrease response times,” said Steve Wilson, Chief Product Officer at Exabeam. “Investigation Timelines are not just a technological advancement—they are a strategic ally and guide, helping analysts understand the chronological story of what took place before, during, and after an attack, piece together what really happened, and shut adversaries down.”
An evolution of Exabeam’s revolutionary Smart Timelines™, Investigation Timelines go much deeper and are designed to allow analysts to timeline any entity, artifact, or field within the Search experience. This means they can now build timelines not just for users and hosts but applications and processes too. In addition, analysts can build timelines that group any of these details together. The timelines offer more granular visibility and at the same time simplify the overall investigation experience.
“Investigation Timelines expand the scope of what analysts can see and essentially bring Exabeam’s well-known Smart Timelines into Exabeam Search so that they no longer have to pivot between views during investigations,” said Lindbergh Caldeira, Cyber Security Operations Manager, SA Power Networks. “The new timelines greatly speed up threat hunting by giving far more context inside Search which will make it even easier to explain what happened around any suspicious activities.”
Investigation Timelines is designed to help security analysts and threat hunters solve many of their key challenges:
Investigation Timelines is designed to transform the way security teams perform threat detection, investigation, and response (TDIR) and is expected to be generally available in Q2 2024.