Exabeam partners with Vectra AI to boost cloud threat defence
Exabeam has announced a partnership with Vectra AI to integrate the Exabeam New-Scale Security Operations Platform with the Vectra AI Platform.
The collaboration aims to address the challenges faced by security teams in identifying advanced threats, particularly those that move laterally across cloud environments. Many existing solutions, originally developed for on-premises systems, struggle to detect these attacks, resulting in delayed responses and increased manual workloads for analysts.
The integration combines Exabeam's SIEM, user and entity behaviour analytics (UEBA), and automated workflows with Vectra AI's network detection and response (NDR) capability. According to Exabeam, this unified solution will centralise visibility, accelerate threat detection, and streamline investigation processes across cloud-based environments.
Vectra AI's platform provides visibility into lateral threat movement by monitoring activity both east-west and north-south across a variety of network architectures, including data centres, campus facilities, remote workspaces, cloud, and operational technology (OT) environments. By incorporating Vectra AI's analytics into the Exabeam infrastructure, the two companies aim to give security teams improved detection and response capabilities.
Steve Wilson, Chief AI and Product Officer at Exabeam, said, "Teaming up with Vectra AI, isn't just a partnership, it's a power move. We need to shift the balance in cybersecurity, putting defenders back in control. With their cloud threat intel and our AI-driven platform, we're exposing the threats others miss and flipping the script on what modern threat detection looks like."
The integration is designed to provide a number of practical benefits. Accelerated threat detection is achieved by consolidating security data from various sources and automating processes throughout the security operations centre (SOC) stack. This allows analysts to identify and respond to incidents faster and with greater accuracy.
Enhanced visibility is another feature, with the combined platform able to detect network-based risks throughout cloud infrastructures by leveraging behavioural analytics. This helps security teams spot lateral movement, insider threats, and post-compromise activities that traditional tools might overlook.
Streamlined operations are facilitated by out-of-the-box integration features. These include prebuilt mappings, a preconfigured Vectra AI dashboard tile, and webhook collectors, all of which are intended to speed up deployment and reduce ongoing operational complexity for SOC teams.
Jeff Reed, Chief Product Officer at Vectra AI, said, "Security teams today need visibility to stay ahead of advanced threats, especially as attacks become more complex and move across hybrid and cloud environments. By integrating Vectra AI's advanced NDR with Exabeam's powerful SIEM and automation capabilities, we're empowering teams with a unified, intelligent platform to quickly identify, investigate, and stop threats before they escalate. This partnership is a major step forward in modernising security operations for the AI-driven threat landscape."
The partnership is built on the understanding that today's threat landscape is increasingly shaped by cloud adoption and remote work, where attack vectors are more diverse and attacks often bypass traditional network boundaries. By providing centralised and integrated defence tools, Exabeam and Vectra AI aim to help organisations keep pace with these developments and reduce the burden on security staff.
Analysts using the integrated platform are expected to benefit from simplified incident investigations, less manual effort, and improved overall security outcomes. The new solution is positioned as addressing a market demand for unified threat detection and response that adapts to both legacy systems and modern, cloud-native environments.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
Techday NZ
22-05-2025
- Techday NZ
Survey reveals gap between threat intelligence & execution
A new survey has highlighted a disconnect between the importance organisations place on threat intelligence and their ability to implement it effectively. The research, conducted by Cyware, collected responses from 100 cybersecurity executives and professionals working across enterprises, government agencies, and service providers. Nearly all respondents (92%) described operationalising threat intelligence as either "absolutely crucial" or "very important" in their organisations' efforts to combat cyber threats. Despite this consensus, only 13% of those surveyed reported satisfaction with their automation between cyber threat intelligence (CTI) and security operations (SecOps) tools. The survey also found that nearly 40% of participants experienced difficulty coordinating data between critical security systems such as Threat Intelligence Platforms (TIPs), Security Information and Event Management (SIEM) tools, and vulnerability management platforms. Speaking on the findings, Anuj Goel, Co-founder and Chief Executive Officer of Cyware, stated: "The RSAC survey data reveals a serious gap between that belief and the operational reality. Threat intelligence isn't just about collecting data - it's about connecting people, processes, and platforms to act on it. These findings reinforce the need for more unified, automated, and collaborative approaches to security operations." Internal collaboration and automation maturity were flagged as key areas where organisations fall short. Although almost all those surveyed regard threat intelligence sharing as fundamental, only a small proportion felt their automation systems worked well in practice. Artificial intelligence (AI) is seen as a promising area for improving threat intelligence processes, with 78% of respondents believing AI will enhance threat intel sharing within their organisations. However, only 43% reported that AI has already made a meaningful impact, pointing to difficulties in implementing AI solutions and integrating them into existing security processes. The Cyware survey also drew attention to the timeliness of threat intelligence sharing. Only 17% of teams said they disseminate threat intelligence among key roles — such as SecOps, incident response, and vulnerability management - in real time, while another 25% do so on a daily basis. At the same time, 22% indicated that information is shared infrequently or not at all, raising questions about internal communication and responsiveness to emerging threats. External collaboration with industry peers for the purpose of improving threat intelligence is another area identified for additional growth. According to the survey, while 57% of respondents claimed that their organisation collaborates with other companies in their sector, a significant 30% were unsure if this kind of peer cooperation even exists at their workplace. Automation challenges remain evident, with more than half (56%) of survey participants reporting significant or moderate obstacles in automating workflows across CTI and SecOps teams. This suggests that technical, procedural, or organisational hurdles are hampering efforts to scale effective threat intelligence practices. Additionally, participation in Information Sharing and Analysis Centres (ISACs) or similar organisations is relatively low. Only 18% confirmed their organisation is involved with such groups, while 45% were unaware of any such participation. The lack of engagement or awareness about ISACs could be limiting access to valuable, sector-specific threat information, potentially reinforcing the existing silos within the threat intelligence community. The survey's findings align with a broader trend: as cyber threats evolve and become more complex, organisations face mounting pressure to bridge the gap between recognising the importance of threat intelligence and actually executing it through internal collaboration, real-time sharing, automation, and peer engagement.
Techday NZ
21-05-2025
- Techday NZ
Exabeam partners with Vectra AI to boost cloud threat defence
Exabeam has announced a partnership with Vectra AI to integrate the Exabeam New-Scale Security Operations Platform with the Vectra AI Platform. The collaboration aims to address the challenges faced by security teams in identifying advanced threats, particularly those that move laterally across cloud environments. Many existing solutions, originally developed for on-premises systems, struggle to detect these attacks, resulting in delayed responses and increased manual workloads for analysts. The integration combines Exabeam's SIEM, user and entity behaviour analytics (UEBA), and automated workflows with Vectra AI's network detection and response (NDR) capability. According to Exabeam, this unified solution will centralise visibility, accelerate threat detection, and streamline investigation processes across cloud-based environments. Vectra AI's platform provides visibility into lateral threat movement by monitoring activity both east-west and north-south across a variety of network architectures, including data centres, campus facilities, remote workspaces, cloud, and operational technology (OT) environments. By incorporating Vectra AI's analytics into the Exabeam infrastructure, the two companies aim to give security teams improved detection and response capabilities. Steve Wilson, Chief AI and Product Officer at Exabeam, said, "Teaming up with Vectra AI, isn't just a partnership, it's a power move. We need to shift the balance in cybersecurity, putting defenders back in control. With their cloud threat intel and our AI-driven platform, we're exposing the threats others miss and flipping the script on what modern threat detection looks like." The integration is designed to provide a number of practical benefits. Accelerated threat detection is achieved by consolidating security data from various sources and automating processes throughout the security operations centre (SOC) stack. This allows analysts to identify and respond to incidents faster and with greater accuracy. Enhanced visibility is another feature, with the combined platform able to detect network-based risks throughout cloud infrastructures by leveraging behavioural analytics. This helps security teams spot lateral movement, insider threats, and post-compromise activities that traditional tools might overlook. Streamlined operations are facilitated by out-of-the-box integration features. These include prebuilt mappings, a preconfigured Vectra AI dashboard tile, and webhook collectors, all of which are intended to speed up deployment and reduce ongoing operational complexity for SOC teams. Jeff Reed, Chief Product Officer at Vectra AI, said, "Security teams today need visibility to stay ahead of advanced threats, especially as attacks become more complex and move across hybrid and cloud environments. By integrating Vectra AI's advanced NDR with Exabeam's powerful SIEM and automation capabilities, we're empowering teams with a unified, intelligent platform to quickly identify, investigate, and stop threats before they escalate. This partnership is a major step forward in modernising security operations for the AI-driven threat landscape." The partnership is built on the understanding that today's threat landscape is increasingly shaped by cloud adoption and remote work, where attack vectors are more diverse and attacks often bypass traditional network boundaries. By providing centralised and integrated defence tools, Exabeam and Vectra AI aim to help organisations keep pace with these developments and reduce the burden on security staff. Analysts using the integrated platform are expected to benefit from simplified incident investigations, less manual effort, and improved overall security outcomes. The new solution is positioned as addressing a market demand for unified threat detection and response that adapts to both legacy systems and modern, cloud-native environments.
Techday NZ
15-05-2025
- Techday NZ
AI impact on APAC cybersecurity teams divides leaders & analysts
Research by Exabeam has highlighted a significant disconnect between the perceived and actual impact of artificial intelligence (AI) on cybersecurity operations among executives and front-line analysts in the Asia Pacific and Japan (APJ) region. The Exabeam report, "From Hype to Help: How AI Is (Really) Transforming Cybersecurity in 2025," found that while there is broad adoption of AI tools, perceptions of their value in improving productivity differ sharply between security team leadership and security analysts charged with daily tool operation. Data from the survey reveals that 71% of executives in APJ believe AI has brought about substantial productivity gains for their security teams. In contrast, only 5% of security analysts—those directly operating AI technology—shared that view. This marked divergence is more than a simple difference of opinion and points to deeper issues with operational effectiveness and trust in AI-driven processes. Executives tend to cite AI's capacity to lower costs, streamline workflows, and strengthen strategic capability. However, front-line analysts report an alternative experience shaped by issues such as an ongoing stream of false positives, heightened alert fatigue, and an enduring need for human oversight, which challenge the effectiveness of AI tools in day-to-day security operations. The research suggests that for many organisations, the introduction of AI has not removed the burden of manual work for analysts, but has instead altered its nature or shifted it elsewhere within team processes. This dynamic may indicate that organisational leadership has overestimated both the maturity and reliability of current AI tools, while potentially underestimating the complexity involved in practical implementation across diverse security environments. "There's no shortage of AI hype in cybersecurity — but ask the people actually using the tools, and the story falls apart," said Steve Wilson, Chief AI and Product Officer at Exabeam. "Analysts are stuck managing tools that promise autonomy but constantly need tuning and supervision. Agentic AI flips that script — it doesn't wait for instructions, it takes action, cuts through the noise, and moves investigations forward without dragging teams down." The report does find consistent acknowledgement of AI delivering the most tangible impact in specific cybersecurity processes, particularly in threat detection, investigation, and response (TDIR). Within APJ, 46% of participating security teams stated AI has led to productivity improvements in these areas by automating repetitive analytical tasks, reducing the volume of alerts analysts need to review, and shortening the time required to gain meaningful insights from system data. AI-driven solutions were observed to have improved anomaly detection, provided faster mean time to detect (MTTD), and enabled more effective use of user behaviour analytics to identify potential threats. Despite these positive indicators, trust in the autonomy of AI remains limited. Only 23% of APJ security teams reported being confident in allowing AI to take action without human intervention. Many in the industry believe that successful performance must come before trust, with organisations not looking to fully delegate responsibility but hoping that AI can scale beyond the current limits of human analysis by consistently delivering accurate results and automating labour-intensive workflows. AI adoption is also leading to structural changes in the composition of security teams across the region. More than half the APJ organisations surveyed said they had restructured their teams in response to the introduction of AI solutions. Within this group, 31% have reduced their workforce due to automation, while 23% are hiring in specialised areas such as AI governance, automation oversight, and data protection. These structural adjustments reflect the emergence of a new operational model for security operations centres (SOCs), where the aim is for so-called agentic AI to support swifter decision-making, enhance the depth of investigative work, and allow human personnel to focus on higher-value tasks. The Exabeam report also highlights marked regional differences in both AI adoption and its perceived impact on productivity. Across the surveyed regions, organisations in India, the Middle East, Turkey, and Africa (IMETA) reported the most significant productivity gains linked to AI (81%), followed by those in the United Kingdom, Ireland, and Europe (UKIE) at 60%. APJ organisations reported an AI-driven productivity boost of 46%, which is slightly higher than the 44% reported by North American organisations. Findings from the research underline the need for closer alignment between leadership aspirations and operational execution as AI becomes further embedded in cybersecurity practices. Exabeam notes that organisations seeking to narrow the gap between strategic intent and practical outcomes should consider deploying agentic AI for its more proactive capabilities. Organisations are encouraged to involve security analysts in technology deployment decisions and focus on measurable outcomes over promotional claims. The research was conducted by Sapio Research for Exabeam during February and March 2025 through a global survey of 1,000 cybersecurity professionals from 17 countries, including participants from a range of sectors such as finance, manufacturing, healthcare, and government. The definition of AI within the survey was deliberately broad to encompass a range of tools including machine learning, generative AI, and agentic systems.
