Blog

Releasing 5.6.0

Releasing LogPoint 5.6.0. By Christian Have, VP of product management in LogPoint - March 2017. We are proud to announce LogPoint 5.6! Since our last large upgrade back in April 2016 (5.5.0), we have had minor releases and in parallel worked on this release. Note: Please go through the release notes and ensure you have prepared your platform and fulfilled all the prerequisites before upgrading. New Features: Policy Based Routing. The feature allows your organization to: Reduce costs of storage: Filter messages before they are stored. Optimize workflows:...

Detecting Ransomware with LogPoint

Detecting Ransomware with LogPoint. By Thorsten Mandau, Senior Pre-Sales Consultant, CISSP, LogPoint - February 2017. Ransomware is doubtless a rising threat nowadays, putting all small, medium-sized and large businesses at risk. Our IT and security professionals at LogPoint are constantly working to help our clients withstand such attacks. When fighting ransomware, planning and forethought are crucial so you can limit the impact and quickly recover with minimal disruption. Keep in mind that ransomware variants are constantly changing, and it's hard to thwart every attack...

Ingesting Vulnerability Management data to LogPoint

Ingesting Vulnerability Management data to LogPoint. February 2017. Getting Qualys VM data into LogPoint is something many of our customers have been asking for. In this document we outline how data is pulled from the Qualys Reporting API into LogPoint for easy analysis, correlation and reporting. Overview: When you are using Qualys, either from the cloud or via an on-premise appliance, the scan results and management of the scan are maintained from the Qualys Cloud. Qualys exposes an API that LogPoint uses to pull the data. To get started you have to download the Qualys...

Introducing LogPoint Free

Introducing LogPoint Free...! December 13, 2016. We are excited to announce that we are introducing a new way of experiencing LogPoint! LogPoint Free is a completely free version of LogPoint, which lets you ingest up to 350 events per second (eps), from up to 10 nodes. LogPoint Free provides full LogPoint functionality, access to support, Help Center and Community. Free Extension: The LogPoint Free license runs for 90 days but can be extended for free upon request. You can also easily upgrade to a LogPoint license if needed. Is LogPoint Free for you? LogPoint Free is...

Syscall Auditing in Unix

Syscall Auditing in Unix. By Prabhat Pokharel, KB Lead Architect at LogPoint, December 09, 2016. The logging defaults in Linux are great for many different aspects of security. Going a step deeper allows for more granular security monitoring with deeper insights. In this blog, we introduce how to use auditd to achieve much deeper security analytics. We will go through auditing of file access in a Unix environment using syscalls (system calls). Communication between software and the Linux kernel is handled by syscalls. Here we'll use auditd tool for...

Risk for Security and Compliance

Risk for Security and Compliance: Vulnerabilities in Industrial Systems. By Pascal Cronauer, Country Manager DACH at LogPoint, December 5, 2016. Industrial systems are often inadequately protected against cyberattacks. But the threats have become greater in light of digital integration. Through digital integration, it has become more difficult to secure SCADA (Supervisory Control and Data Acquisition) and ICS (Industrial Control Systems), and the potential threat has increased due to the changing risk landscape. The latest generation of SCADA systems has consistently networked control...

Threat Intelligence: The Other Side of Security

Threat Intelligence: The Other Side of Security. By Frédéric Saulet, Regional Director of Southern Europe. November 28, 2016. There are almost as many definitions of Threat Intelligence as there are security vendors! In my view, Threat Intelligence is the capacity to identify the signs of compromise in an infrastructure that the organization must do something about. To do that, the logs in that infrastructure must be analysed so as to identify the faint signals that can indicate a potential attack. In a Big Data environment, event and security data management by a SIEM can...

Getting started with Threat Intelligence

Getting Started with Threat Intelligence. By Christian Have, VP Products & Innovation. November 21, 2016. Following our introduction blog-post, in this instalment we will cover how to integrate the LogPoint TI application with the Critical Stack platform. Critical Stack is an industry-leading aggregator of threat intelligence sources, focused on high-quality sources and ease of use. Out of the box, LogPoint fully supports the different data types provided through Critical Stack (hashes, file names, IP addresses, etc.). Go to our Help Center page to get access to the Threat Intelligence...

Introducing the Public Beta of the Threat Intelligence Application

Introducing the Public Beta of the Threat Intelligence Application. By Christian Have, VP Products & Innovation. November 21, 2016. It is with pride and great pleasure that we have the opportunity today to launch our Threat Intelligence application! With this application, we provide a simple and efficient module for providing contextual attack information to observations from sensor data in your network. Context: The Threat Intelligence application sources data from best-in-class ProofPoint and the large collection of indicators from Critical Stack. With these...

How To: Create Long-Term Complex Correlations with Alert Feedback

How To: Create Long-Term Complex Correlations with Alert Feedback. By Julien Soukhavong, Security Consultant, November 16, 2016. Feedback from correlated events can be extremely useful for later analytics. What was the average daily number of devices over three months? We could do a complete search over the total time period, but if we want to see this regularly, we would have to rerun a large query. Instead we can use the output of one search as the input to another search. For instance: We count the number of devices every day and output that number as a log file. Now we only have to...


Why LogPoint?

With LogPoint, you will discover a full enterprise SIEM solution. 

LogPoint is EAL 3+ certified and the solution is tailored to solve the specific security management challenges of your business - whether the goal is compliance, forensics or operational insight.

And the best part..? We have the most predictable licensing model in the industry.