Exabeam is expanding its partnership with Google Cloud in the development of generative artificial intelligence (AI) models in its cloud-native New-Scale SIEM product portfolio. As a Google Cloud partner, the collaborative development process on Google Cloud generative AI products will accelerate the design of AI-based security product enhancements for Exabeam.

By tapping into Google Cloud’s Vertex AI platform, Exabeam’s AI and ML capabilities are further evolving to simplify threat detection, investigation and response (TDIR) design and workflows for engineers, analysts, threat hunters, managers, and CISOs. Exabeam New-Scale SIEM is designed to allow customers to experience faster parsing and data onboarding, higher fidelity detections, investigation productivity gains, and a stronger overall security posture.

“We chose to build the Exabeam Security Operations Platform on Google Cloud, not only for its hyperscale and speed, but for its ability to support the type of technically advanced security products we build at Exabeam. Google Cloud’s current and future innovation in AI are the perfect complement to our security market-focused AI capabilities,” said Adam Geller, CEO, Exabeam. “We look forward to unveiling the generative AI advancements in New-Scale SIEM that are underway with Google Cloud to modernize security operations in new and previously unimaginable ways.”

Exabeam developed its user and entity behavior analytics (UEBA) by leveraging machine learning (ML), one of the earliest applications of AI in the security information and event management (SIEM) and security markets. Exabeam said it was one of the first to use AI to increase the accuracy and speed of threat detections and also automate investigations.

In order to counteract alert fatigue faced by security analysts industrywide, Exabeam leveraged ML early to cluster, add context to, and reduce the number of alerts with notable events or users to help improve security team productivity. Exabeam’s ML-based Smart Timelines are pre-built timelines designed to automatically reconstruct the events underlying a security incident.