Security Operations Platform with Threat Center and Copilot

Security Operations Platform with Threat Center and Copilot - Image by Vilius Kukanauskas on Pixabay

Share post

Exabeam's Security Operations Platform gets two new key cybersecurity features: Threat Center and Copilot. The solution combines threat management, investigation tools and automation with a generative AI model.

Threat Center is the first combination in the market to provide a unified threat detection, investigation and response (TDIR) workbench that simplifies and centralizes security analyst workflows. The Copilot feature uses generative AI to help analysts quickly understand active threats and provide best practices for rapid response. These innovations significantly shorten security analysts' learning curve and accelerate their productivity in the SOC. The new features will be available from March 2024.

Details from Threat Center and Exabeam Copilot

Threat Center brings together threat management, investigation tools, and automation to investigate and respond to threats faster and more efficiently. Powered by an advanced security-trained generative AI model, Exabeam Copilot improves security analyst research. Using Threat Center with Exabeam Copilot, analysts can

  • Detect when multiple alerts are related to a single threat and uncover everything that is happening.
  • Perform complex, powerful searches in simple, natural language.
  • Understand a threat and respond appropriately using generative AI explanations for clear communication across organizations.
  • Automate routine tasks, uncover hidden threats and significantly reduce response times.
  • Prioritize alerts and cases with contextual risk ranking.
  • Reduce the number of alarms to investigate by grouping detections related to related entities and events.
  • Optimize SOC team collaboration through peer engagement, case escalation, and shared notes.
  • Visualize evidence with interactive threat timelines and instant access to relative data - including behavioral models, users and endpoints.
  • Create automation rules that are critical to SOC workflows, such as: E.g. escalating specific alarms to cases or queues via APIs or webhooks.
  • Use pre-built playbooks that can be viewed, disabled, or cloned for easy customization.

More security for Microsoft Sentinel users

In addition to the new features, Exabeam announced that customers can now add Exabeam's TDIR capabilities to Microsoft Sentinel. This allows Sentinel users to see new threats with more comprehensive insights and automate workflows, as well as ingest data from a wide range of security products and accelerate the TDIR capabilities of their SIEM deployment. The Collector for Microsoft Sentinel joins the list of supported SIEM products such as Splunk and IBM QRadar.

“We built Threat Center with Exabeam Copilot to provide security analysts with a simple, centralized interface to run their core TDIR functions, automate routine tasks, and accelerate investigations for analysts of all skill levels,” said Steve Wilson, Chief Product Officer at Exam beam.

“These new capabilities increase the value of our AI-driven security operations platform and take analyst productivity, efficiency and effectiveness to new levels. Threat Center helps security analysts address one of the biggest challenges we've heard from them - dealing with too many fragmented interfaces in their environments. By combining Threat Center with Exabeam Copilot, we not only improve security analysts’ workflows, but also make their jobs easier.”

More at


About Exabeam

Exabeam stands for Smarter SIEM ™. Exabeam enables companies to more efficiently detect, investigate, and respond to cyberattacks so their security and insider threat teams can operate more efficiently. Security organizations no longer have to live with inflated prices, missed distributed attacks and unknown threats or manual investigations and countermeasures. With the Exabeam Security Management Platform, security analysts can collect unlimited log data, use behavioral analysis to detect attacks and automate the response to incidents, both on site and in the cloud. Exabeam Smart Timelines, sequences of user and entity behavior created through machine learning, further reduce the time and specialization required to identify attacker tactics, techniques and procedures. Exabeam is privately funded by Aspect Ventures, Cisco Investments, Icon Ventures, Lightspeed Venture Partners, Norwest Venture Partners, Sapphire Ventures and well-known security investor Shlomo Kramer. More information is available at Follow Exabeam on Facebook, Twitter, YouTube or LinkedIn.


Matching articles on the topic

Security Operations Platform with Threat Center and Copilot

Exabeam's Security Operations Platform gets two new key cybersecurity features: Threat Center and Copilot. The solution combines threat management and investigation tools ➡ Read more

IT security: Workstations are unoccupied for months  

Skills shortage as a cybersecurity vulnerability? According to a study by Kaspersky, half (49 percent) of the companies surveyed in Europe require over one ➡ Read more

CRITICISM: OT and IoT network anomalies are ubiquitous 

A new report shows that network anomalies and attacks are the most common threats to OT and IoT environments, especially in the area of ​​critical infrastructure. ➡ Read more

Dangerous misconception: “We have no IT vulnerabilities”

“We have taken good precautions and I believe that we are well protected.” This often-uttered sentence creates a false sense of security ➡ Read more

New danger: AI DarkGemini fulfills hackers' wishes

In addition to Google's AI Gemini, DarkGemini has now appeared and fulfills the wishes of cyber gangsters and malware writers. There are still first editions ➡ Read more

Protect dynamic attack surfaces in the cloud

More and more companies are moving digital assets to the cloud. As a result, the IT attack surface expands and becomes, ➡ Read more

Phishing: This is how employees avoid cyber criminals’ traps

In phishing attacks, even one wrong mouse click can cause millions in damage. To ensure that employees make the right decision if the worst comes to the worst, ➡ Read more

German companies: 4th place among global ransomware victims

Check Point's Threat Intelligence Research Division (CPR) has released its 2024 Annual Cyber ​​Security Report. This year's edition takes the ➡ Read more