Adam Geller

Exabeam, the security analytics and automation company, announced a partnership with Snowflake, the Data Cloud company, to augment Snowflake data lakes with Exabeam security analytics and automation. The partnership enables organizations to identify risks and respond swiftly to incidents across their entire business ecosystem. The COVID-19 pandemic has accelerated digital transformation, expediting the move to the cloud and increasing demand for improved productivity and efficacy through automation. Organizations can now quickly move data and security to the cloud by migrating to Snowflake Data Cloud and Exabeam SaaS Cloud. Automating workflow Security teams can quickly detect, investigate and respond to complex threats with the help of analytics and automation skillsBy adding the analytics and automation capabilities of Exabeam to the data stored within Snowflake, security teams can quickly and efficiently detect, investigate and respond to complex threats. The combination of both solutions advances an organization’s security posture by automating the entire workflow from data collection through response, enabling fast and consistent outcomes. Cloud-based security analytics “With demand for cloud technology surging amid the shift to remote working, we proudly welcome Snowflake to our partner network,” said Adam Geller, Chief Product Officer, Exabeam. “Using the combination of the Exabeam Cloud Connector for Snowflake with Exabeam Advanced Analytics, joint customers can easily apply intelligence and automation capabilities to their data stored within Snowflake's platform. This addresses the increasing market need for cloud-based security analytics on third-party logs sent to Snowflake.” Identifying cyberthreats “Security data continues to grow in size and complexity, and a fragmented architecture keeps many organizations struggling to mobilize it for protecting the enterprise,” said Omer Singer, Head of Cybersecurity Strategy at Snowflake. “Snowflake’s unique architecture eliminates data silos, providing organizations a single scalable and cost-effective platform for all their data, while Exabeam’s security analytics adds intelligence and automation to strengthen an organization’s ability to identify and respond to cyberthreats across subsidiaries, geographies, and public cloud providers.” Case study In 2020, several large-scale corporate data breaches centered around compromised credentials of cloud-based data stores. In one example, more than 5 million guests of Marriott hotels were impacted when cybercriminals stole the login credentials of Marriott employees, likely through phishing or credential stuffing. The information was then used to siphon personal customer details such as birth dates, contact information, as well as hotel and airline loyalty program accounts. Technical integration Exabeam provides real-time mapping of logs stored within Snowflake and attributes all activity and behavior to users and devices Combining Exabeam’s security analytics with Snowflake’s data platform can provide protection against credential-based attacks, including insider threats. The technical integration between the Exabeam SaaS Cloud and Snowflake Data Cloud is done through the new Exabeam Cloud Connector for Snowflake, which allows for easy ingestion of data stored in Snowflake. Exabeam provides continuous, real-time mapping of logs stored within Snowflake and attributes all activity and behavior to users and devices. This attribution, with additional data and context, provides visibility into abnormal or risky activity to detect malicious insiders or attacks involving compromised credentials. As a new addition to the 40-plus existing Exabeam Cloud Connectors, the Cloud Connector for Snowflake also allows for monitoring of Snowflake audit logs in Exabeam Advanced Analytics to detect anomalous account behaviors within the application itself. Assisting security operations “The proliferation of data is central to all businesses, and so is the need to guard against malicious attacks – especially now, as enterprises rely so heavily on data clouds like Snowflake,” added Chris Stewart, Senior Director, Business Development for Exabeam.  “This partnership advances our mission to assist security operations teams in quickly detecting, investigating, and responding to incidents throughout the enterprise.”

Exabeam, the Smarter SIEM™ company, announced the appointment of industry veteran and former Gartner analyst Gorka Sadowski to chief strategy officer. Exabeam has grown rapidly over the past six years as it has executed on its vision for enhancing security teams with analytics and automation. As the types of attacks and number of attackers proliferate, strategic clarity becomes increasingly important to meet future demands, both for Exabeam and its customers. Sadowski’s guidance will be especially important at a time when so many security organizations are under-staffed and feeling overwhelmed by the number of security events they have to investigate. Sustaining corporate strategic initiatives In his role, Sadowski will be responsible for developing, executing and sustaining corporate strategic initiatives In his role, Sadowski will be responsible for developing, executing and sustaining corporate strategic initiatives. He will also serve as a sounding board for the Exabeam product roadmap and vision to drive growth. Reporting directly to CEO Nir Polak, he’ll work with professionals across the organization on cross-functional initiatives and educate prospective customers, partners, analysts and media on the value of analytics and automation in a security program. Throughout Sadowski’s 30-year cybersecurity career, he has held roles spanning marketing, business development, strategy and sales and gained a deep understanding of the trends and risks of the industry. Before joining the Exabeam team, he served as a senior director and analyst at Gartner, focused on security operations for the IT industry. Managed detection and response At the analyst firm, he was responsible for consulting with clients and working with a wide variety of security vendors to drive coverage for SIEM, SOC futures and trends, and managed detection and response (MDR). He authored and co-authored Gartner’s Magic Quadrant and Critical Capabilities research on SIEM. Prior to joining Gartner, Sadowski also served as the director of business development at Splunk, where he was responsible for building the security ecosystem from strategy to execution. He was also responsible for creating and implementing Splunk’s Partner Pavilion at Splunk, where he was first introduced to Exabeam. Security analytics space Before his tenure at Splunk, he established presence for LogLogic in Southern Europe, ran security go-to-market activities At this event, he saw Exabeam emerge as the most promising organization in the security analytics space. Before his tenure at Splunk, he established presence for LogLogic in Southern Europe, ran security go-to-market activities, including security consulting, delivery and service packaging, for Unisys in France, and launched the first partner-led intrusion detection and prevention system (IDPS) in the industry as head of NetScreen’s emerging technology efforts. “The security industry is further aligning to the concept of the customer journey with an iterative and continuous improvement model -- a journey that Exabeam has been on for quite some time,” said Polak. “We are excited to welcome Gorka to the team, as he thoroughly understands what security analysts and leaders need in this competitive market. He has watched us skyrocket from a supplemental technology adding intelligence to vendors like Splunk to also being a SIEM market leader in our own right, and we look forward to the knowledge he will bring to accelerate our growth and industry disruption further.” Prevention and detection and response – Balance approach With investments shifting from preventative measures to a more balanced approach between prevention and detection and response, Sadowski’s expertise will drive Exabeam’s strategy to further align with the needs of the market. Sadowski will work closely with Chief Product Officer Adam Geller to improve how analysts detect and respond to advanced threats such as insider threats and credential-based attacks, with technologies such as the Exabeam Cloud Platform and Exabeam Advanced Analytics. Network security industry “Rarely have I seen such a combination of strategic acumen and execution capabilities in the network security industry. After observing and knowing Exabeam over the years, I am overjoyed to join the company,” Sadowski said. “As the cyberthreat landscape becomes more complex in our distributed but connected world, it is more crucial than ever before to arm security teams with the right tools they need to win the war against cyber adversaries. I look forward to working closely with Nir and the rest of the leadership team to identify key corporate initiatives to further establish Exabeam as the go-to leader in the market.”

During the Black Hat USA 2020 Virtual Event, Exabeam, the Smarter SIEM™ company, announced that customers can now license its cloud SIEM technology by use case, beginning with licensable use cases for expedited insider threat and compromised credential detection. In addition, to simplify the process of acquiring and installing critical security content, the company is unveiling the new Exabeam Content Library, an easy-to-use security content repository to help organizations deploy advanced use cases more efficiently. Exabeam use case content increases threat visibility and enables security operations center (SOC) teams to extract more value from their SIEM. According to the ‘Exabeam 2020 State of the SOC Report,’ security managers and analysts rated their ability to create content the lowest among all hard skills, yet creating rules and models to detect advanced threats, like lateral movement and credential switching, is critical to their security maturity. By providing a simple way to acquire the content needed to detect and remediate these critical security use cases, Exabeam is speeding the time to maturity for organizations. Security business needs “Security use cases for a SIEM tool should be a priority in the CISO’s tool box, and should not only cater to basic security hygiene, for which best practices exist, but also cater to the business needs of the organization,” wrote Gorka Sadowski, senior director analyst at Gartner in a Gartner report. The Content Library is an online repository of knowledge and content that organizations can use to roll out new use cases. The initial release allows customers to quickly map data sources to security use cases and to download the necessary parsers. Exabeam is also announcing new, easy-to-implement content and tools to help customers maintain security as they adapt to a remote workforce. Investigate data exfiltration Exabeam is further enabling security teams to rapidly obtain value by detecting insider threats" Exabeam Cloud Connector for Code42 allows security teams to quickly detect and investigate data exfiltration by departing and remote employees, as well as the leak of high value data during a merger or acquisition. This announcement follows the previous release of the Exabeam Cloud Connector for Zoom. The ability for Exabeam solutions to easily plug into existing security environments enhances SOC team speed and efficacy. “New research shows that one-third of organizations have been hit with successful cyberattacks since the forced move to work from home. As security teams rush to respond to the pandemic and the increase in threats, it is critical that they find cost-effective ways to strengthen and mature their security posture,” commented Adam Geller, chief product officer, Exabeam. “In announcing these innovations, Exabeam is further enabling security teams to rapidly obtain value by detecting insider threats and compromised credentials and improving their security posture for remote employees.” Turnkey Playbooks “Unlike other SIEM vendors, Exabeam has allowed us to quickly add analytics to detect and investigate insider threats without having to replace our existing log management investment,” explained Director Damien Manuel, Cyber Security Research and Innovation Center at Deakin University. “That’s a critical capability in the context of constantly evolving risks and potential vulnerabilities, and it gives us a smarter strategy to protect our organization, employees, customers and data.” Exabeam has also released the first of its previously announced Turnkey Playbooks, automated solutions for common security investigations that do not require third-party licenses or configuration. The new Turnkey Playbook for Threat Intelligence automatically identifies malicious domains, IP addresses, URLs, files, and email addresses with no additional configuration or third-party threat intelligence licenses required.

Exabeam, the Smarter SIEM company, announced the appointment of former Palo Alto Networks executive Adam Geller to Chief Product Officer. In his role, Geller will be responsible for aligning the product and engineering departments to drive strategy and innovation to Exabeam’s portfolio and will report directly to CEO Nir Polak. Throughout Geller’s 20-year career in the information security industry, he has led product teams to build and deliver cutting-edge security offerings. Before joining the Exabeam team, he served as Senior Vice President of Cloud Delivered Security, Product and Engineering at Palo Alto Networks. Cloud access security broker During his tenure at the network security firm, he led the cloud transformation of the company by launching the VM-Series next-generation firewalls across multiple public and private clouds, growing cloud access security broker (CASB) and new data loss prevention (DLP) capabilities for SaaS security, and driving the expansion into securing public cloud infrastructure with the acquisitions of Evident and RedLock. Geller’s expertise will serve to build out Exabeam’s entire cloud portfolio, including the Exabeam Cloud Platform  Most recently, he developed and ran Palo Alto Networks’ SASE (Prisma Access and SD-WAN), which runs as a global cloud service in both Amazon Web Services and Google Cloud Platform. Prior to Palo Alto Networks, Geller led the development of NTT Ltd.’s next-generation managed security services platform and worked with cyber security and technology companies Symantec and Verisign. Cloud-based security tools With more organizations adopting cloud-based security tools to adapt to the increase in targeted cyber threats and remote work environments, Geller’s expertise will serve to build out Exabeam’s entire cloud portfolio, including the Exabeam Cloud Platform (ECP) launched earlier this year. Since the debut, Exabeam’s cloud services have become highly sought after by enterprises around the world. More than half of the company’s sales in 2020 have been from cloud services. The momentum has been built on consistent improvements to Exabeam’s cloud-first product and partner strategy, including the ECP, Exabeam SaaS Cloud Essential for SMEs and an enhanced partner program accessible via the cloud for MSSPs and managed detection and response (MDR) providers. Geller will continue this momentum in conjunction with the company’s technology partners. Rapidly growing SaaS practice His experience and discipline will ensure we continue our trajectory to become the overall SIEM market leader" “A strong product with an equally advanced partner ecosystem play is key for any SIEM solution, and Geller will be responsible for ensuring alignment for our continued success,” said Polak. “We are excited to welcome him to the team, as he thoroughly understands what is needed in today’s growing market and has a proven track record of leading product teams at scale. His experience and discipline will ensure we continue our trajectory to become the overall SIEM market leader, and his cloud expertise will help drive our already rapidly growing SaaS practice.”   Security management solutions “I am looking forward to leading the direction of Exabeam’s security management solutions, which have already made a significant impact in the SIEM market to date,” said Geller. "As cyber threats continue to evolve, it is more critical than ever to help our clients predict security incidents and enforce response postures on-premise and in the cloud. With more teams working remotely, the shift to meeting and collaborating online in a cloud-based work environment is a learning curve for most security organizations. I look forward to creating solutions that will make it possible for them to best protect their businesses in today’s new world.”