Blog

KRACKs

Today we have released our application to detect the KRACK attacks. For detailed information about the attack, please refer to https://www.krackattacks.com/. Since the attack can target both infrastructure and endpoints, patching the infrastructure alone will not be sufficient to protect against the attacks. Patching endpoints will be a tedious process for large organizations, especially if they operate IoT, OT or embedded devices relying on Wi-Fi. Since vulnerable devices can remain in the network for long periods of time, it is important to implement active monitoring...

LogPoint adds UEBA module to its Next Generation SIEM solution

LogPoint and Fortscale join forces on the embedded UEBA engine, Presidio. This will enable hundreds of LogPoint’s SIEM platform customers to natively detect malicious activity of users and entities with advanced machine learning analytics. Copenhagen, Denmark; San Francisco, CA, Sep 18, 2017: LogPoint, big data analytics and Security Information and Event Management (SIEM) platform provider, and Fortscale, the pioneer in embeddable User and Entity Behavioral Analytics (UEBA), today announced that they have joined forces to...

The re-emergence of Dragonfly

Created by Nicolai Zerlang, September 11, 2017. An increase in dangerous Advanced Persistent Threat (APT) attacks was reported by Symantec last week. The sophisticated attack group Dragonfly (also known as Energetic Bear) is reportedly behind them. Dragonfly 2.0, as this wave of attacks is dubbed, appears to have begun as early as 2015 and shares tactics used earlier by the group to infiltrate critical infrastructure control systems. The attacks are primarily targeted at the energy sector and have already compromised numerous organizations, enabling Dragonfly to...

Petya/NotPetya Ransomware

Created by Roshan Pokharel, June 29, 2017. A new ransomware outbreak named "Petya", similar to the WannaCry malware, was seen on June 27, 2017. This malware spread quickly and affected various organizations in Europe and the US. The ransomware was thought to be a variant of the Petya family, but researchers determined that they are not related, and it has now been renamed "NotPetya". Petya/NotPetya does not require the EternalBlue SMB vulnerability in order to spread to systems on a network. One infected host will allow the ransomware to spread to any connected systems, provided that infected...

Introducing the WannaCry application

By Prabhat Pokharel, Roshan Pokhrel & Cintia Szabó, May 16, 2017. After our blog post on Sunday regarding the WannaCry malware outbreak, LogPoint is today excited to announce our turn-key application to detect and respond to WannaCry. The application works on LogPoint and LogPoint Free, works for all types of devices (firewalls, content security appliances, file shares, etc.) and provides a simple, effective tool to monitor and contain any further spread of the malware. In addition, as research moves forward with different samples of...

Responding to WannaCry Malware

By Christian Have, VP Products & Innovation, May 13, 2017. Update: Read our latest blog post on our newly released WannaCry Application. As WannaCry has wreaked havoc over the weekend, many organizations will face the impact of the malware during the beginning of the week. WannaCry is a ransomware attack that exploits the MS17-010 vulnerability. Infection: After exploiting the vulnerability, the malware attempts to connect to a domain: iuqerfsodp9ifjaposdfjhgosurijfaewrwergwea.com. The malware expects the connection to fail and then proceeds to install and infect...

What is CEO Fraud - and how can LogPoint detect it?

About CEO Fraud. By Prabhat Pokharel & Cintia Szabó, April 25, 2017. CEO fraud is the most recent generation of cyber crime. It involves impersonating the CEO and other senior business managers, using social engineering attacks to trick someone at the organization into wiring business money to the fraudsters. The U.S. Federal Bureau of Investigation (FBI) has warned about a dramatic increase in Business E-Mail Scams, known as CEO fraud, which has, over the past three years, cost organizations more than $2.3 billion in losses. Many organizations think email...

LogPoint secures $10 million in funding led by Evolution Equity Partners

LogPoint positioned to accelerate growth with advanced analytics and machine learning driving the next generation of SIEM. Copenhagen, April 4, 2017: LogPoint, the next-generation security information and event management (SIEM) and big data analytics platform, today announced it has secured $10 million in Series B funding from Evolution Equity Partners. The funding will enable LogPoint to enter the next phase of growth, fueling expansion in new markets and providing for continuous enhancement of the LogPoint Enterprise SIEM platform. LogPoint enables enterprises to proactively monitor...

New Release of Logpoint Agent

Introducing the latest release of the LogPoint Agent. By Christian Have, VP of product management in LogPoint, March 2017. After a long period of development, we are now ready with the largest feature release of the LogPoint agent in the history of LogPoint. With this release, the agent will be faster, more stable and offer more features. Combined with the recent changes in LogPoint 5.6 (Policy Based Routing), the new agent can make drastic cuts in resource consumption! New Features: File Integrity Monitoring and Windows Registry Scanning are now supported. The agent now...

Releasing 5.6.0

Releasing LogPoint 5.6.0. By Christian Have, VP of product management in LogPoint, March 2017. We are proud to announce LogPoint 5.6! Since our last large upgrade back in April 2016 (5.5.0), we have had minor releases and in parallel worked on this release. Note: Please go through the release notes and ensure you have prepared your platform and fulfilled all the prerequisites before upgrading. New Features: Policy Based Routing. The feature allows your organization to: Reduce costs of storage: Filter messages before they are stored. Optimize workflows:...
