Key Takeaways:
- Exabeam and Cribl announced an enhanced partnership to integrate Exabeam’s New-Scale Security Operations Platform with Cribl Stream, aiming to reduce the trade-off between security visibility and cost.
- The collaboration emphasizes targeted ingestion of high-value data, optimized storage, and behavioral analytics to improve threat detection and investigation.
- Exabeam Outcomes Navigator and Nova Advisor Agent help identify critical data sources, while Cribl ensures efficient routing and long-term storage management.
- Executives from both companies highlight that better data leads to faster investigations and stronger defenses, with AI-driven detection playing a central role.
- The joint solution provides flexibility in data routing, historical replay capabilities, and reduced operational costs for enterprises.
Exabeam and Cribl have announced an expansion of their strategic partnership, bringing together their respective strengths to help security teams achieve more effective threat detection while managing costs. The announcement builds on their 2023 collaboration and centers on integrating the Exabeam New-Scale Security Operations Platform with Cribl Stream. Together, the companies say the integration allows organizations to ingest and prioritize high-fidelity security data, reduce storage expenses, and maintain the ability to search and replay historical data on demand.
At the heart of the enhanced partnership are two Exabeam technologies: Outcomes Navigator and the Nova Advisor Agent. These tools guide security teams in identifying which data sources deliver the most impactful outcomes. Once identified, Cribl Stream routes that data into the New-Scale Platform, where Exabeam applies AI-driven analytics to create detections and threat timelines that support investigations. This process is designed to ensure that every log ingested contributes directly to business-critical use cases and MITRE ATT&CK coverage, while less valuable data can be shifted into lower-cost storage without losing searchability.
A major challenge for many organizations is balancing the need for visibility against the rising cost of data storage. Exabeam argues that its behavioral analytics help uncover threats that traditional security tools may overlook, particularly insider threats. By combining those capabilities with Cribl’s data pipeline flexibility, the companies believe security teams gain greater efficiency and clarity in their operations.

Steve Wilson, Chief AI and Product Officer at Exabeam, described the significance of the integration. “One of the differentiated strengths of the New-Scale Platform is the AI we provide powered through the data we ingest,” Wilson said. “Working with Exabeam, Cribl helps our customers achieve two important goals, delivering the data to support strategic security outcomes, and controlling cost. This partnership gives security teams the clarity, control, and confidence to detect real threats faster and outpace adversaries with precision.”
The companies outlined several advantages for customers adopting the combined solution:
- Targeted Data Ingestion ensures only strategic, high-value logs are used to support key security use cases.
- Accelerated Platform Adoption helps organizations minimize downtime during migration to Exabeam’s platform.
- Flexible Data Routing allows movement of data across any security tool without new agents or infrastructure.
- Long-Term Storage Optimization provides options to use customer-managed or cloud-based cold storage, reducing cost while preserving compliance.
- Historical Search and Replay enables forensic investigations across months or years of archived data.
- Data Filtering removes low-value logs to reduce SIEM overhead and free analyst capacity.
Vlad Melnik, Vice President of Global Alliances at Cribl, emphasized the importance of clean, relevant data. “An effective threat detection, investigation, and response strategy starts with clean, high-value data—because better data leads to better decisions, faster investigations, and stronger defenses,” Melnik said. He added that the combination of Cribl’s routing and shaping capabilities with Exabeam’s behavioral analytics allows customers to streamline SIEM ingestion and pursue security objectives more efficiently. “It’s a smarter, more sustainable path to cyber resilience.”
The move comes as organizations increasingly seek outcome-driven approaches to cybersecurity. By decoupling data volume from security outcomes, the partnership between Exabeam and Cribl reflects a shift toward strategies that prioritize relevance and cost-effectiveness. For enterprises facing both regulatory pressures and resource constraints, this combination could provide an avenue to maintain visibility without escalating expenses.
The emphasis on AI-driven detection also highlights the growing role of automation in security operations. Exabeam’s behavioral analytics layer, combined with Cribl’s control over data ingestion, presents an approach intended to empower teams to focus on actionable insights rather than noise. The ability to replay historical data for compliance and investigations further supports long-term resilience.
As cyber threats grow more sophisticated and budgets remain under scrutiny, partnerships like this suggest that security providers are rethinking how data pipelines and analytics platforms interact. The Exabeam–Cribl collaboration underscores an industry-wide effort to align efficiency with security outcomes, providing a model that other vendors may follow.
Learn how AI Agents can supercharge your company’s profits and productivity at TMC’s AI Agent Event Sept 29-30, 2025 in DC.
Rich Tehrani serves as CEO of TMC and chairman of ITEXPO #TECHSUPERSHOW Feb 10-12, 2026 and is CEO of RT Advisors and is a Registered Representative (investment banker) with and offering securities through Four Points Capital Partners LLC (Four Points) (Member FINRA/SIPC). He handles capital/debt raises as well as M&A. RT Advisors is not owned by Four Points.
The above is not an endorsement or recommendation to buy/sell any security or sector mentioned. No companies mentioned above are current or past clients of RT Advisors – howebver Tehrani is the FusionScore.ai founder.
The views and opinions expressed above are those of the participants. While believed to be reliable, the information has not been independently verified for accuracy. Any broad, general statements made herein are provided for context only and should not be construed as exhaustive or universally applicable.
Portions of this article may have been developed with the assistance of artificial intelligence, which may have contributed to ideation, content generation, factual review, or editing.






