Efficiency

Does LogPoint offer out-of-the-box Use Cases?

LogPoint provides pre-defined use cases through the installation of applications that are defined by vendor, technology, or compliance standard. There are 500+ such applications currently available for LogPoint, with several pre-defined rules within each application. This list of applications is continuously updated and extended. All out-of-the-box use cases can be downloaded free of charge from our Help Center as a part of the core LogPoint license.

More information: https://www.logpoint.com/en/product/supported-log-sources/

How does LogPoint reduce alert fatigue?

LogPoint has more than 10,000 default rules. To make the most of these rules, LogPoint has implemented ML-based scoring and prioritization of alert rules. This ensures that the alert fatigue experienced in other SIEMs, for instance Splunk and LogRhythm, is not replicated. Even when more rules are active and in use, ML filters, aggregates, and prioritizes alerts to remove false positives and irrelevant alerts.

Does LogPoint offer out-of-the-box Compliance Use Cases?

LogPoint has applications containing predefined reports, alerts, and dashboards for a large number of regulations out of the box, all included in the base license, including: SOX, ISO27001 and 002, HIPAA, FISMA, BASEL-II, GPG13, PCI-DSS and GDPR.

How long does it take to implement a LogPoint solution?

A full LogPoint deployment is often completed in days, rather than the weeks or months seen with other SIEM vendors, mainly due to the amount of out-of-the-box content and the single taxonomy, which eliminates time-consuming activities such as data mapping. Average implementation time in LogPoint is 3-10 days. As soon as data is ingested into LogPoint, the customer starts getting value from analytics. The implementation time is the fastest among SIEM industry leaders according to Gartner Peer Insights (66% of implementations taking less than 3 months).

How is LogPoint implemented so rapidly?

LogPoint has designed and deployed hundreds of normalization plugins that simplify the ingestion of event data. Usually, a customer can be live within 3-10 days of installation and usually sees value within the first week. The one common taxonomy means that as soon as the customer ingests data into LogPoint, the analytics work right away (including, but not limited to, advanced log management and compliance reporting). LogPoint owns the taxonomy, which removes much maintenance and reduces the complexity of correlating data across applications.

Does LogPoint support external Identity Providers?

LogPoint has support for a variety of Identity Providers. LogPoint supports OAuth, SAML, ADFS, RADIUS, and LDAP to integrate with remote identity providers. The authentication framework is pluggable as well, allowing LogPoint to implement additional authentication sources as required by customers. Typically, the lead time for these integrations is measured in weeks.

Does LogPoint support application monitoring and analytics?

LogPoint supports the ingestion of any data type from any source. If the data can be machine-parsed, the data can be ingested into the system. LogPoint typically monitors application-layer data through event logs, syslog, database pulls, or API calls. Once the data is in the system, all of the analytical features are available to the analyst.

Does LogPoint integrate with ERP systems for monitoring and analytics?

Yes. LogPoint provides out-of-the-box integrations for a range of ERP systems, including SAP, Oracle Financials, MS Dynamics and DB2.

More information: https://www.logpoint.com/en/product/supported-log-sources/

Does LogPoint support cloud-based applications?

Support for cloud (SaaS) applications is increasingly essential due to demand from customers. LogPoint continuously adds support for new cloud applications based on demand, with a time-to-market within weeks, which is much faster than competing vendors. LogPoint has extensive support for: Office 365, Cisco Umbrella, CloudTrail, Salesforce, EventHubs, Incapsula, Cisco AMP, CloudWatch, VPC Flow Logs and MySQL RDS.

More information: https://www.logpoint.com/en/product/supported-log-sources/

Does LogPoint support IoT technologies?

Yes, ABB BECOS is natively supported, and additional SCADA components are easily added to the mix. LogPoint partners with several OT/SCADA protection products such as Industrial Defender and Rhebo. LogPoint acquires many customers due to the straightforward way of integrating new devices from OT, SCADA, and IoT. New application support for any data source can be developed in a matter of days and has the same taxonomy as any other source, making integration of any device extremely quick and easy to use once implemented.

Does the LogPoint Solution support File Integrity Monitoring (FIM)?

File Integrity Monitoring is supported natively in LogPoint free of charge.

More information: https://go.logpoint.com/logpoint-file-integrity-monitoring?