App Health
The following updates have been made to the Service Health and Consumption endpoints:
Access Control
You can now programmatically retrieve lists of users, roles, and API keys that are configured in your environment. The following new Access Control endpoints are available to view this information without the need to log in and navigate to the Settings options:
Health and Consumption
You can now programmatically retrieve license information for Long Term Search, Long Term Storage, and Correlation Rules, via Exabeam Public API. With the new public API you can:
Retrieve AI-Generated Threat Summaries
You can now retrieve AI-generated Copilot Threat Summaries for individual alerts via the Exabeam API. Submit an alert ID and optional context in the prompt to receive threat insights and recommended next steps. For more information, see the Threat Center endpoint.
Write Access for Cases and Alerts
You can now update Threat Center cases and alerts using the Exabeam API. This feature allows you to modify alert properties, including name, description, priority, and tags using the alert ID. For cases, you can update the stage, closure reason, queue, and assignee. These capabilities enhance your ability to monitor, automate assignments, and streamline investigations, improving the efficiency of your security operations. For more information, see Update alert details, Update case details, and Create a new case.
Extended Support for Site Collector Agents
You can now create additional collector agents using the Exabeam API. Types include Fortinet, File (Windows and Linux), Archive (Windows), Kafka, Qradar, and EStreamer. For more information, see Create a Site Collector agent.
New Region Support for Saudi Arabia
A new API gateway is now available in the Kingdom of Saudi Arabia (KSA) region. This expansion enables seamless integration with the Exabeam Security Operations Platform for customers operating in the Middle East. For more information, see API Gateways.
New Endpoints to Onboard Site Collectors
You can now use the Exabeam API to configure Site Collector templates for rapid deployment of multiple Site Collector collectors (also known as agents). For more information, see Site Collector Templates and Site Collector Agents.
New Threat Center Endpoint
To effectively and efficiently respond to threats, you can now use the Exabeam API to search and retrieve details for alerts and cases in Threat Center. For more information, see the Threat Center endpoint.
New Region Support for Switzerland
The Exabeam API now supports deployments in the Switzerland region (europe-west6 in GCP).