
Castra Manages Your Exabeam SIEM


The History of Castra and Exabeam

Castra has been successfully using Exabeam Fusion SIEM for several years, for both our clients and ourselves. In fact, in 2018 we swapped our SIEM 1.0 platform for Exabeam for better visibility, analytics, workflow and overall risk management.

You’re in the best hands possible. Since 2012, Castra has deployed SIEM in over 2,000 organizations globally. Our SOC is second to none and is filled with well-trained, US-based, diligent analysts who are all Exabeam experts with several years of Security Operations experience. Our glass box approach coupled with a near 100% renewal rate is why we recently won Exabeam’s MSSP Partner of the Year, and Technical Person of the Year Awards.

Watch our latest demo of Exabeam now.

Castra's Favorite Things About Exabeam

  • Data Lake, Advanced Analytics, Case Manager, Entity Analytics, Cloud Connectors - the perfect bundle
  • Excellent data usage model. Starts at 50GB/day and can easily scale to 5TB/day and higher
  • Machine Learning, granting the ability to model account and/or asset behavior
  • UEBA (User and Entity Behavior Analytics) is superior to any human-written SIEM 1.0 correlation rule
  • Ability to craft custom rules and custom models
  • Easy to extract smart timelines for investigations
  • Long term intuitive, active searching
  • Strong Dashboard, visualization and reporting capabilities
  • Robust, automated incident response ability

Exabeam Fusion SIEM Architecture

All of the Exabeam Fusion SIEM solutions are provided as a cloud service (SaaS Cloud). Offerings include:

  • Exabeam Data Lake
  • Exabeam Cloud Connectors
  • Exabeam Cloud Archive
  • Exabeam Advanced Analytics
  • Exabeam Entity Analytics
  • Exabeam Threat Hunter
  • Exabeam Case Manager
  • Exabeam Incident Responder (SOAR: Security Orchestration, Automation, and Response)
  • Exabeam Frozen Data Lake



Managed Detection and Response Services for Exabeam include:

      • Expert assistance on new service deployment from Security Operations Team
      • Designated Primary Security Analyst and 24x7 SOC
      • Documented Incident Response Plan
      • Training and enhancing Exabeam’s Machine Learning
      • Proactive tuning, customer notification and orchestrated response post incident detection
      • Advanced alarm and orchestration response
      • Intensive analysis of customer needs and network environment
      • Anomali ThreatStream integration - best-in-class threat intelligence platform (TIP)
      • Custom behavioral modeling and detection rules for improved alarming
      • Custom notifications for alarm outputs
      • Compliance-Based Dashboards
      • Custom Reporting
      • Scheduled teleconferences with Security Operations Team covering:
          • Alarm review and noise reduction
          • Capacity planning
          • Risk posture adjustments
      • 24×7 health monitoring by Security Operations Team
      • Cloud-based platform continuously monitors:
          • Hardware and software stats
          • Event flow rates
          • Capacity and performance information
      • Proactive tuning and customer notification upon problem detection

    Exabeam MDR Case Studies

    Vensure HR Case Study

    6 Tiers of MDR Service Fit Your Organization’s Needs



    1-1000 Users

    • 24/7 Proactive Threat Detection
    • 24/7 SOC2 Type II Security Operation Center
    • Custom Notifications, Dashboards and Reports


    1-1000 Users

    • EDR/XDR Licensing
    • 24/7 Security Operations Center
    • Primary Security Analyst
    • 24/7 Premium Alarm Monitoring & Response
    • Custom Reporting and Dashboards


    1-5000 Users

    • EDR/XDR License
    • Customize Threat Detection
    • 24/7 Alarm Monitoring & Response

    MXDR Enterprise

    5000+ Users

    • EDR/XDR License
    • Anomali ThreatStream License
    • Threat Hunting Pro
    • Customized Threat Detection

    Exabeam SIEM FAQs

    What is Exabeam SIEM?
    Exabeam is a security information and event management (SIEM) platform that helps organizations detect, investigate, and respond to cyber threats. It combines security data from various sources, including network and security devices like VPNs, cloud platforms like Google Cloud, and identity and access management (IAM) systems like Microsoft Active Directory, to provide a complete view of an organization's security posture. Castra is a leading Exabeam partner that manages your SIEM for you and improves your overall risk management and security. 
    How does Exabeam work?
    Exabeam uses machine learning and User and Entity Behavior Analytics (UEBA) technology to identify and alert on suspicious or malicious activity threatening your organization. It also provides a range of tools and features – that Castra can assist with – to help companies investigate and respond to security threats and incidents, including security orchestration, automation, and response (SOAR) capabilities, and reporting and visualization tools. 
    What is UEBA and how does it work in conjunction with Exabeam SIEM?
    User and Entity Behavior Analytics (UEBA) is a security tool that uses machine learning to analyze abnormal user behavior within an organization’s network to identify potential cyber and insider threats. Paired together with Exabeam SIEM, UEBA can analyze data from multiple sources, such as network logs and endpoint data, to identify and alert on potential security threats. Exabeam SIEM then prioritizes these threats and enables organizations to respond to incidents quickly and effectively.
