Blog

Introducing LogPoint Free

December 13, 2016. We are excited to announce that we are introducing a new way of experiencing LogPoint! LogPoint Free is a completely free version of LogPoint, which lets you ingest up to 350 events per second (eps), from up to 10 nodes. LogPoint Free provides full LogPoint functionality, access to support, Help Center and Community. Free Extension: The LogPoint Free license runs for 90 days but can be extended for free upon request. You can also easily upgrade to a LogPoint license if needed. Is LogPoint Free for you? LogPoint Free is...

Syscall Auditing in Unix

By Prabhat Pokharel, KB Lead Architect at LogPoint, December 09, 2016. The default logging in Linux is great for many different aspects of security. Going a step deeper allows for more granular security monitoring with deeper insights. In this blog post, we introduce how to use auditd to achieve much deeper security analytics. We will go through auditing of file access in a Unix environment using syscalls (system calls). Communication between software and the Linux kernel is handled by syscalls. Here we'll use the auditd tool for...

Risk for Security and Compliance

Risk for Security and Compliance: Vulnerabilities in Industrial Systems. By Pascal Cronauer, Country Manager DACH at LogPoint, December 5, 2016. Industrial systems are often inadequately protected against cyberattacks. But the threats have become greater in light of digital integration. Through digital integration, it has become more difficult to secure SCADA (Supervisory Control and Data Acquisition) and ICS (Industrial Control Systems), and the potential threat has increased due to the changing risk landscape. The latest generation of SCADA systems has consistently networked control...

Threat Intelligence: The Other Side of Security

By Frédéric Saulet, Regional Director of Southern Europe. November 28, 2016. There are almost as many definitions of Threat Intelligence as there are security vendors! In my view, Threat Intelligence is the capacity to identify the signs of compromise in an infrastructure that the organization must do something about. To do that, the logs in that infrastructure must be analysed so as to identify the faint signals that can indicate a potential attack. In a Big Data environment, event and security data management by a SIEM can...

Getting started with Threat Intelligence

By Christian Have, VP Products & Innovation. November 21, 2016. Following our introduction blog post, in this instalment we will cover how to integrate the LogPoint TI application with the Critical Stack platform. Critical Stack is an industry-leading aggregator of threat intelligence sources, focused on high-quality sources and ease of use. Out of the box, LogPoint fully supports the different data types provided through Critical Stack (hashes, file names, IP addresses, etc.). Go to our Help Center page to get access to the Threat Intelligence...

Introducing the Public Beta of the Threat Intelligence Application

By Christian Have, VP Products & Innovation. November 21, 2016. It is with pride and great pleasure that we have the opportunity today to launch our Threat Intelligence application! With this application, we provide a simple and efficient module for providing contextual attack information to observations from sensor data in your network. Context: The Threat Intelligence application sources data from best-in-class ProofPoint and the large collection of indicators from Critical Stack. With these...

How To: Create Long-Term Complex Correlations with Alert Feedback

By Julien Soukhavong, Security Consultant, November 16, 2016. Feedback from correlated events can be extremely useful for later analytics. What was the average daily number of devices over three months? We could do a complete search over the total time period, but if we want to see this regularly, we would have to rerun a large query. Instead, we can use the output of one search as the input to another search. For instance: We count the number of devices every day and output that number as a log-file. Now we only have to...

A Better Way of Updating LogPoint

By Christian Have, VP Product & Innovation, November 7, 2016. We have all been there: we just finished an RFC with a CAB review and restored to normal operations, and then the mail ticks in; a new patch is available. With FlexPatch this is solved. Starting with LogPoint 5.5.5, released today, we are introducing Flex[ible] Patch[ing]. With FlexPatch, we allow operators to remain on their preferred Minor version (5.5). If a new feature or bug is released (for instance 5.5.6) but not applicable to your environment you can now safely skip this...

The Value of Security Analytics: How To Convince the C-Suite

By Nicolai Zerlang, Project Manager, November 2, 2016. As a cybersecurity team, it can sometimes be a struggle to convince the C-suite of the importance of having a well-funded security program within your organization. This results in a critical gap of resources, compared to what is needed to protect crucial company assets. As an analogy, you probably have fire extinguishers in your office, but most of us have never had a fire in the room, building or on the block. However, just in case, we still have extinguishers all over the...

How to Reduce the Impact of Ransomware

By Claus Løppenthien, Senior Solutions Specialist, October 27, 2016. One of the big concerns at the moment in the world of IT security is ransomware. It is a small piece of malware that will encrypt data on local hard drives as well as remote network shares. After the encryption is completed, a ransom for the data is requested. It is important to understand that no single tool can prevent or eradicate ransomware. The best way to avoid the malware is user awareness as well as updated mail and endpoint protection. When dealing with ransomware, one...

Why LogPoint?

With LogPoint, you will discover a full enterprise SIEM solution. 

LogPoint is EAL 3+ certified and the solution is tailored to solve the specific security management challenges of your business - whether the goal is compliance, forensics or operational insight.

And the best part..? We have the most predictable licensing model in the industry.