LogPoint Tool zur Compliance-Automatisierung
Die Erfüllung von Compliance-Anforderungen kann teuer und kompliziert sein. Allerdings ist diese Investition ein Klacks im Vergleich zu Strafzahlungen, Prozesskosten und einem Imageschaden.
Die Regelungen variieren zwar, Konformität hängt aber normalerweise von der Fähigkeit ab, Prüfungsstandards gerecht zu werden.
Das bedeutet folgendes:
- Die Risiken erkennen, denen Ihr Unternehmen ausgesetzt ist
- Die Kontrollen zum Schutz Ihres Unternehmens vor solchen Risiken entwickeln und einführen
- Die Wirksamkeit solcher Kontrollen überwachen und melden
- Auftretende Compliance-Probleme beheben
- Auf Vorschriften und Kontrollen hinweisen
Da gibt es eine ganze Menge zu lernen – und darüber hinaus müssen Sie auch noch die Berge an Log-Daten verwalten, die sie sammeln müssen. Aber keine Sorge – wir haben eine Lösung dafür.
Contact LogPoint
Get in touch and learn why leading companies choose LogPoint:
LogPoint bedeutet Compliance
Our Modern SIEM solution is designed to handle the vast amounts of data you generate and automate most compliance requirements – so your ops-team doesn’t have to. Here’s what LogPoint can do for you:
- Automatic data collection for all types of event data
- Store event logs for easy access to complete, secure audit trails
- Rapid threat response for identification, remediation and reporting
- Flag policy and compliance violations
- Validate that controls are in place and optimized
- Correlate volumes of diverse events, and track underlying issues to their origin
- Document incidents
- Out-of-the-box and customizable compliance reporting
User activity monitoring
User Activity Monitoring has long been the cornerstone of any efficient defense strategy. By design, LogPoint provides analysts with an intuitive and powerful tool to identify malicious activities, create alerts, dashboards, and reports so they can get an overview and counteract immediately. Primarily for data privacy and regulations, user activity monitoring focuses on activities associated with file access. LogPoint can monitor this using native object access audit records. Additionally, LogPoint’s FIM application monitors any access attempts to privileged file share systems and provides information on the type of access and the actions performed in the file. Additionally, the original and the altered checksums can also be compared to better understand access behavior.
Example
Object access attempts
Query
label=Object label=Access | chart count() by user, access, object order by count() desc
Monitoring international data transfers
LogPoint’s intuitive visualization helps to plot data points for connection requests across the geopolitical boundaries. With an overview of top destination and source countries along with top inbound/outbound connections, LogPoint provides any organization with a detailed overview of cross-border data flow, ensuring lawful data transfer complying with the GDPR.
Example
Trend of outbound data transfer by geo location
Query
source_address=* destination_address=* | process geoip(destination_address) as country | timechart sum(sent_datasize) as OutboundData by country
Computerome – The Danish National Life Science Supercomputing Center
With LogPoint, Computerome – The Danish National Life Science Supercomputing Center has:
- a flexible platform that can integrate with their systems at scale
- real-time monitoring of security controls
- real-time data analysis to early detect possible data breaches
By providing easy access and overview for administrators, auditors and regulators, LogPoint helps support the tough compliance requirements at Computerome.