Exabeam and Cribl Partner on Scalable Threat Detection

Exabeam, a provider of intelligence and automation that powers security operations, and Cribl, a data engine for IT and security, recently announced an evolution of their strategic partnership designed to break the trade-off between cost and visibility.

Integration brings more capabilities to users as orgs work to optimize their data infrastructure

Through this integration, Exabeam’s New-Scale Security Operations Platform and Cribl Stream will combine to help organizations ingest and prioritize the correct data, optimize long-term storage costs, and retain the ability to search historical data on demand.

Exabeam Outcomes Navigator and Exabeam Nova Advisor Agent help customers identify the data sources that drive the most impactful security outcomes. As part of this partnership, Cribl will now route that high-fidelity data into the Exabeam New-Scale Platform, which will then be transformed into AI-driven detections and threat timelines to power investigations.

The partnership ensures that every log ingested supports business-critical use cases and MITRE ATT&CK coverage, eliminating painful trade-offs. Further, low-value data can be offloaded to more cost-effective storage while remaining searchable, allowing organizations to control storage costs and retain the ability to replay logs for historical investigations.

“One of the differentiated strengths of the New-Scale Platform is the AI we provide powered through the data we ingest,” said Steve Wilson, chief AI and product officer at Exabeam. “Working with Exabeam, Cribl helps our customers achieve two important goals, delivering the data to support strategic security outcomes, and controlling cost. This partnership gives security teams the clarity, control, and confidence to detect real threats faster and outpace adversaries with precision.”

Threat detection gets a boost with data management and behavioral context

Exabeam also provides behavioral context for detecting threats that other tools may miss. The advanced threat detection, investigation, and response (TDIR) capabilities of Exabeam, integrating with Cribl’s flexible data pipeline management, enable security teams to gain new efficiency and drive strategic outcomes.

Among the key benefits of the partnership are:

• Targeted data ingestion: Only ingests strategic, high-fidelity data for powering important security use cases.
• Accelerated platform adoption: Minimizes downtime and data migration hurdles when transitioning to the New-Scale Platform. 
• Flexible data routing: Routes data to and from any security tool without needing new agents or infrastructure.
• Long-term storage optimization: Enables customers to bring their own storage or leverage cloud-based, cost-effective storage options at reduced costs without sacrificing compliance or searchability.
• Historical search and replay: Retain the ability to run forensic investigations and compliance audits across months or years of archived data, at a lower cost than traditional SIEM storage.
• Data filtering: Eliminates low-value or noisy logs to boost SIEM performance, reduce cost, and reclaim analyst bandwidth.

“An effective threat detection, investigation, and response strategy starts with clean, high-value, AI-ready data because better data leads to better decisions, faster investigations, and stronger defenses,” said Vlad Melnik, Vice President, Global Alliances at Cribl. “By combining Cribl’s flexible data routing and shaping capabilities with behavioral analytics and automation from Exabeam, we’re enabling customers to streamline SIEM data ingestion, achieve their security goals more effectively, and fuel their AI-powered SIEM. It’s a smarter, more sustainable path to cyber resilience.”

Exabeam has been on a roll in 2025, establishing partnerships to boost security operations. Read more about the company’s partnership with Vectra AI on threat detection and SecOps.