The Solution


The LogPoint SIEM solution extracts events and incidents from the billions of logs existing in any IT infrastructure of any size.

Real-time Orchestration, Automatization and Incident Response

LogPoint enables you to easily assess the security posture of your network and applications through the solution’s uniquely designed correlation and analysis layer.

The built-in log analysis engine automatically detects and alerts on critical incidents on your systems. Events monitored can be very diverse and can, for example, include an ongoing attack, a compromised system, malicious insider activity, performance degradations, and much more.


The raw log data from your systems can be used to:

  • Automate regulatory processes
  • Improve efficiency in forensics investigations
  • Increase troubleshoot turnaround time
  • Improve your security position

 fast impl vs2

Implementing LogPoint is simple. The product is shipped as a virtual appliance or on physical hardware, allowing your organization the complete flexibility to best fit the deployment to your needs. In order to enable your organization to create value fast, LogPoint offers several preconfigured configurations based on 400+ Use Cases, allowing your team to orchestrate analytics and playbooks, without the hassle of countless hours of professional services. A simple installation with i.e. 30 nodes takes in average 3-10 days. 


 ueba vs2

LogPoint offers User and Entity Behavioral Analytics (UEBA) to achieve situational awareness before, during and after responding to breaches. By utilizing Machine Learning, LogPoint UEBA builds baselines for every entity in the network, without relying on predefined rules and signatures. With LogPoint UEBA you can allow your analysts to spend time investigating issues that cannot be detected through signature-based alerts, reduce the number of false positives and eliminate the hassle of maintaining and developing expert-rules based on signatures. 

 eal cert solution vs2

LogPoint is the only Common Criteria EAL3+ certified SIEM solution. Common Criteria is the international standard for software security certification. To achieve EAL3+ the product and processes have been extensively examined, verified and documented to the Common Criteria (ISO15408) standard. The EAL3+ certification is of particular interest for industries with high requirements towards systems assurance such as critical infrastructure, finance, defense, space and intelligence organizations. 


 enrichment vs2

LogPoint provides full data-enrichment capabilities, meaning that gathered events can be correlated with external metadata for contextual analytics. For instance, LogPoint can be used to correlate Threat Intelligence feeds against any collected data source or correlate incidents with CMDBs to quickly target pinpoint locations of devices. Any structured data can be used to enrich the collected data. These capabilities increase performance and accuracy of analytics through ingest-time enrichment, without the need to import and fragment existing data.

 ext int possibilities vs2

Any new application, business process or infrastructure component will be immediately covered by our best-practice taxonomy. The LogPoint taxonomy is a single language that is used to describe the contents of the gathered log-files. Because of the completeness of the taxonomy, any new device that is added will automatically feed into existing use-cases, UEBA models, and reports. Allowing fast, easy extension and evolution of the deployment. The LogPoint taxonomy extends outside of log-collection and fully encompasses Threat Intelligence data (stored in a STIX2 compliant format) as well as Vulnerability and Asset Management data. With a taxonomy that spans input, enrichment, and output, advanced correlations and searches are easy and provide value to the skilled analyst and organizations just getting started with Security Analytics.


 fav licensing vs2

Don’t let your attacker determine the price of your SIEM or Log Management solution. LogPoint is licensed on the number of devices sending logs to the system. All use-cases, reports, collection capabilities are included. It does not matter how many analysts are using the system, how many gigabytes per day or events per second you process – not even how many LogPoint servers you need to deploy. We license on the systems that send data. If you run an anti-malware setup that collects data from 15.000 endpoints, but centrally managed from a single server – then this will be counted as one license. Easy, simple and predictable.

 op intel vs2

Fast performance and precision analytics offer IT teams rapid insight into incidents across the infrastructure. Real-time, actionable insights from raw machine data help increase operational efficiencies, streamline compliance for regulatory mandates, and strengthen the organization’s security posture.


 ext data privacy mode vs2

Understand when and why for instance critical or sensitive data is accessed and reduce data stored.  Thus, preparing your business for regulations such as GDPR, HIPAA, SOX, PCI, etc., which is included out-of-the-box with LogPoint.

 adv correlation vs2

LogPoint enables real-time insights into your organizations data providing you a clear, detailed overview across data, devices and applications.




There is no better reference than our current customers. Read more about what some of them have to say about working with LogPoint.  >Testimonials<



LogPoint received the Silver Award in the Gartner 2017 Customer Choice Awards with a 4.6-point average score when Gartner conducted their first customer satisfaction survey ever for Security Information and Event Management (SIEM).

Read more > Garter Peer Insight<

Why LogPoint?

With LogPoint, you will discover a full enterprise SIEM solution. 

LogPoint is EAL 3+ certified and the solution is tailored to solve the specific security management challenges of your business - whether the goal is compliance, forensics or operational insight.

And the best part..? We have the most predictable licensing model in the industry.