Exabeam SMP enhancements help orgs defend against threats to cloud-based data
Exabeam announced a major enhancement to the Exabeam Security Management Platform (SMP), enabling organizations to detect improper access of cloud storage objects and defend against threats to cloud-based data, such as attackers exfiltrating sensitive data or hosting malicious files.
By ingesting audit data from Amazon Simple Storage Services (Amazon S3), Microsoft Azure Blobs and Google Cloud Platform Cloud Storage buckets, Exabeam can distinguish malicious activity from normal behavior and allow security analysts to easily identify and follow attacks on cloud storage objects before they lead to a security breach.
“Exabeam enables us to extend security to our cloud-based data,” commented Richard Clark, VP, global technical security at cxLoyalty.
“By understanding normal activity for cloud storage objects, we can identify anomalies based on deviations from typical behavior and detect potential threats. This level of visibility will empower our security analysts to take the necessary steps to secure our cloud-based data.”
A recent Exabeam study revealed that 88% of security practitioners reported an accelerated move to the cloud in the face of the worldwide pandemic and remote work shift.
Recognizing an opportunity, cloud data storage is increasingly targeted by cybercriminals who exploit configuration errors to access sensitive data — an attack strategy that can remain undetected by the victim.
To prevent sensitive data, such as personal or customer details and API data, being exposed from compromised databases, organizations need visibility into their cloud storage object activity.
Exabeam now delivers enhanced visibility across cloud storage objects by monitoring and identifying malicious activity and behavioral anomalies from a single platform.
Exabeam Smart Timelines place security alerts in the context of the user or cloud storage object they are associated with, so analysts are able to conduct rapid incident investigation and prioritize security alerts. Placing events in context ensures organizations can easily follow attacks that span between users and cloud storage objects.
Behaviors that Exabeam can help identify and investigate that aren’t detected natively include but aren’t limited to:
- Users who create or attach policies denoting universal access
- A user’s first time or abnormal access to cloud storage objects within an organization
- Abnormal amounts of data being sent from buckets
- Enumeration of cloud storage objects
- Additional irregular cloud admin activity
“As more organizations recognize the benefits offered by the leading cloud storage providers, they also need to prioritize updating their security posture to address risk factors, such as configuration errors, that can put their data at risk,” said Adam Geller, chief product officer, Exabeam.
“By extending the capabilities of the Exabeam SMP, we are enabling organizations to detect user patterns across hybrid environments. This allows them to identify risk, mitigate its impact and maximize the value of these critical cloud services.”