Exabeam Uses AI To Expose Insider Threat
Exabeam says at RSAC 2026 that its investigative AI agent, Exabeam Nova, detected a malicious North Korean actor who in summer 2025 secured a remote job using a stolen identity. Threat intelligence combined with UEBA flagged risky first-day behavior, allowing the SOC to isolate the employee laptop and prevent further intrusion.
Key Points
- 1Uses agentic AI Exabeam Nova combining threat intelligence and UEBA to detect insider compromise
- 2Highlights DPRK operators using stolen identities to infiltrate US firms, escalating corporate cybersecurity risk
- 3Encourages SOCs to deploy autonomous investigation agents for contextualized triage and faster device isolation
Scoring Rationale
Fresh, credible account from RSAC 2026 showing practical use of an AI investigative agent to stop a DPRK-linked insider. Scored high for scope and relevance, slightly limited by single-source company reporting and modest technical depth.
Sources
Public references used for this report.
Practice interview problems based on real data
1,625 SQL & Python problems across 15 industry datasets — the exact type of data you work with.
Try 250 free problems


