Alienvault USM Anywhere Logo
Skip to content

Castra Manages Your Exabeam Fusion SIEM


The History of Castra and Exabeam

Castra has been successfully using Exabeam for several years, for both our clients and ourselves. In fact, in 2018 we swapped our SIEM 1.0 platform for Exabeam for better visibility, analytics, workflow and overall risk management.

You’re in the best hands possible. Since 2012, Castra has deployed SIEM in over 2,000 organizations globally. Our SOC is second to none and is filled with well trained, US-Based, diligent Analysts who are all Exabeam experts with several years of Security Operations experience. Our glass box approach coupled with a near 100% renewal rate is why we recently won Exabeam’s MSSP Partner of the Year, and Technical Person of the Year Awards.

Castra's Favorite Things About Exabeam

  • Data Lake, Advanced Analytics, Case Manager, Entity Analytics, Cloud Connectors - the perfect bundle
  • Excellent data usage model. Starts at 50GB/day and can easily scale to 5TB/day and higher
  • Machine Learning, granting the ability to model account and/or asset behavior
  • UEBA (User Entity Behavior Analytics) is superior to any human written SIEM 1.0 correlation rule
  • Ability to craft custom rules and custom models
  • Easy to extract smart timelines for investigations
  • Long term intuitive, active searching
  • Strong Dashboard, visualization and reporting capabilities
  • Robust, automated incident response ability

Exabeam Fusion SIEM Architecture

Providing all of the Exabeam Fusion SIEM solutions as a cloud service, SaaS Cloud.Offerings include:

  • Exabeam Data Lake
  • Exabeam Cloud Connectors
  • Exabeam Cloud Archive
  • Exabeam Advanced Analytics
  • Exabeam Entity Analytics
  • Exabeam Threat Hunter
  • Exabeam Case Manager
  • Exabeam Incident Responder(SOAR) (Security Orchestration Automated Response)
  • Exabeam Frozen Data Lake



Managed Detection and Response Services for Exabeam include:

      • Expert assistance on new service deployment from Security Operations Team
      • Designated Primary Security Analyst and 24x7 SOC
      • Documented Incident Response Plan
      • Training and enhancing Exabeam’s Machine Learning
      • Proactive tuning, customer notification and orchestrated response post incident detection
      • Advanced alarm and orchestration response
      • Intensive analysis of customer needs and network environment
      • Anomali Threatstream integration - best-in-class threat intelligence platform (TIPS
      • Custom behavioral modeling and detection rules for improved alarming
      • Custom notifications for alarm outputs
      • Compliance-Based Dashboards
      • Custom Reporting
      • Scheduled teleconferences with Security Operations Team covering:
      • Alarm review and noise reduction
      • Capacity planning
      • Risk posture adjustments
      • 24×7 health monitoring by Security Operations Team
      • Cloud-based platform continuously monitors:
      • Hardware and software stats
      • Event flow rates
      • Capacity and performance information
      • Proactive tuning and customer notification upon problem detection
    illustrated graph on hexagons

    Exabeam MDR Case Studies

    Vensure HR Case Study

    6 Tiers of MDR Service Fit Your Organization’s Needs



    1-1000 Users

    • 24/7 Proactive Threat Detection
    • 24/7 SOC2 Type II Security Operation Center
    • Custom Notifications, Dashboards and Reports
    Learn More


    1-1000 Users

    • EDR/XDR Licensing
    • 24/7 Security Operations Center
    • Primary Security Analyst
    • 24/7 Premium Alarm Monitoring & Response
    • Custom Reporting and Dashboards
    Learn More


    1-5000 Users

    • EDR/XDR License
    • Customize Threat Detection
    • 24/7 Alarm Monitoring & Response
    Learn More

    MXDR Pro

    1-5000 Users

    • EDR/XDR License
    • Anomali ThreatStream License
    • Threat Hunting Pro
    • Customized Threat Detection
    Learn More

    MXDR Enterprise

    5000+ Users

    • EDR/XDR License
    • Anomali ThreatStream License
    • Threat Hunting Pro
    • Customized Threat Detection
    Learn More

    Request a Demo