Logpoint as a tool for compliance automation

Meeting compliance can be costly and complicated. But that investment is minimal compared to the costs of fines, legal costs and a damaged reputation.

While regulations vary, compliance is usually tied to your ability to act according to audit requirements.

That means:

  • Identifying the risks your business faces
  • Designing and implementing controls to protect your business from those risks
  • Monitoring and reporting on the effectiveness of those controls
  • Resolving compliance difficulties as they occur
  • Advising on rules and controls

That’s a lot to take in – and there’s also the task of managing the mountains of log data you’re compiling. But don’t worry, we have a solution for this.

Contact Logpoint

Contact us and learn why
industry-leading companies
choose Logpoint:

Contact Logpoint

Logpoint means compliance

Our Modern SIEM solution is designed to handle the vast amounts of data you generate and automate most compliance requirements – so your ops-team doesn’t have to. Here’s what Logpoint can do for you:

  • Automatic data collection for all types of event data
  • Store event logs for easy access to complete, secure audit trails
  • Rapid threat response for identification, remediation and reporting
  • Flag policy and compliance violations
  • Validate that controls are in place and optimized
  • Correlate volumes of diverse events, and track underlying issues to their origin
  • Document incidents
  • Out-of-the-box and customizable compliance reporting
LogPoint AD User Management dashboard
LogPoint for User Activity Monitoring widget

User activity monitoring

User Activity Monitoring has long been the cornerstone of any efficient defense strategy. By design, Logpoint provides analysts with an intuitive and powerful tool to identify malicious activities, create alerts, dashboards, and reports so they can get an overview and counteract immediately. Primarily for data privacy and regulations, user activity monitoring focuses on activities associated with file access. Logpoint can monitor this using native object access audit records. Additionally, Logpoint’s FIM application monitors any access attempts to privileged file share systems and provides information on the type of access and the actions performed in the file. Additionally, the original and the altered checksums can also be compared to better understand access behavior.

Example

Object access attempts

Query

label=Object label=Access | chart count() by user, access, object order by count() desc

LogPoint monitors International Data Transfers widget

Monitoring international data transfers

Logpoint’s intuitive visualization helps to plot data points for connection requests across the geopolitical boundaries. With an overview of top destination and source countries along with top inbound/outbound connections, Logpoint provides any organization with a detailed overview of cross-border data flow, ensuring lawful data transfer complying with the GDPR.

Example

Trend of outbound data transfer by geo location

Query

source_address=* destination_address=* | process geoip(destination_address) as country | timechart sum(sent_datasize) as OutboundData by country

LogPoint monitors International Data Transfers widget

Computerome – The Danish National Life Science Supercomputing Center

Computerome - Supercomputer for Life Science, strengthens security with LogPoint

With LogPoint, Computerome – The Danish National Life Science Supercomputing Center has:

  • a flexible platform that can integrate with their systems at scale
  • real-time monitoring of security controls
  • real-time data analysis to early detect possible data breaches

By providing easy access and overview for administrators, auditors and regulators, LogPoint helps support the tough compliance requirements at Computerome.

See this case

GDPR features

The increased data security requirements of the General Data Protection Regulation means businesses have to protect data from unlawful processing and loss or destruction. 

If you’re struggling with how to ensure and maintain compliance, you’re not alone. But there’s good news, meeting the GDPR’s strict requirements is a lot easier with LogPoint’s “out-of-the-box” GDPR features for compliance monitoring and reporting.

LogPoint allows you to quickly detect unusual behavior in networks and applications to prevent misuse and data breaches with GDPR compliance monitoring. With static rules to detect the knowns, machine learning and advanced analytics to detect “as-is” and unusual activity in the network, it’s much easier to maintain compliance.

With LogPoint, you can:

  • Spot and track unauthorized network or systems access
  • Identify unusual patterns or rogue employee actions on an individual level
  • Empower your security team with analytics
  • Enrich and route logs with sensitive data to secure repositories

File Integrity Monitoring (FIM) is a compliance cornerstone. LogPoint’s native FIM features alert you whenever a new directory or file is created, deleted, renamed or altered in its content, so you can maintain an overview of your sensitive assets.

LogPoint SIEM detects Unauthorized Access widget

Spotting and tracking unauthorized network or systems access

LogPoint enables you to detect any suspicious and/or unauthorized network behavior such as connection attempts on closed ports, blocked internal connections, connections made to known-bad destinations, requests initiated from untrusted zones, suspicious system access and many more.

Example

Threats in higher privilege systems

Query

label=Connection label=Allow source_address IN PRIVILIGE_SYSTEMS | process ti(source_address)|search et_ip_address=* | rename et_category as category | chart count() by ip_address, category order by count() desc

LogPoint Compliance Report 1

Monitoring international data transfers

Logpoint’s intuitive visualization helps to plot data points for connection requests across the geopolitical boundaries. With an overview of top destination and source countries along with top inbound/outbound connections, Logpoint provides any organization with a detailed overview of cross-border data flow, ensuring lawful data transfer complying with the GDPR.

Example

Trend of outbound data transfer by geo location

Query

source_address=* destination_address=* | process geoip(destination_address) as country | timechart sum(sent_datasize) as OutboundData by country

LogPoint Compliance Report 2

GDPR report

Logpoint’s GDPR reports provide critical insight into how your network is actually performing. The reports support GDPR compliance reporting by helping to explain critical data flows and transactions on data, while providing the means to evaluate observed baselines and known-bad behavior from Logpoint GDPR compliance monitoring features. With this accurate, real-time view of the network, you can focus on areas that are non-compliant and plan for the future (or “to-be”) architecture by defining a transition plan. If you want to learn more about the GDPR and how it will affect your organization, take a look at our section on GDPR: When, Why and Who?

All Logpoint reports relate directly to the GDPR compliance reporting requirements as well as the ISO/IEC 27000 International Standard. The information will help ensure confidentiality, integrity and availability of your systems by monitoring your assets containing Personally Identifiable Information (PII) and allowing for business investigation into data loss.

Logpoint currently offers the following out-of-the-box GDPR compliance reports:

LogPoint GDPR File system and database activities and file access reports Icon

File system and database activities and file access reports

Provide an overview of user access to files and data transfers to removable devices.

LogPoint GDPR Account management and data modification reports Icon

Account management and data modification reports

Provide an overview of access management and user account rectification and erasure activities.

LogPoint GDPR General access reports Icon

General access reports

Provide an overview of activity on the network including connections and access attempts.

LogPoint GDPR International connection reports Icon

International connection reports

Provide an overview of cross-border data flow, ensuring your transfers are lawful.

LogPoint GDPR Policies reports Icon

Policies reports

Provide an overview of your company’s policy changes, uncovering potentially damaging changes to the security structure of your system.

LogPoint GDPR Network access reports Icon

Network access reports

Provide an overview of unsuccessful attempts to connect to your network to help identify potential threats.

LogPoint GDPR User privilege escalation reports Icon

User privilege escalation reports

Provide an overview of user access to files as well as data transfers to removable devices.

LogPoint GDPR Mobile device activities reports Icon

Mobile device activities reports

Provide an overview of your users’ mobile device usage and resource access attempts.

LogPoint GDPR Network security reports Icon

Network security reports

Provide an overview of advanced persistent threats in your network and allows for investigation into data loss.

An overview on GDPR

If you conduct business in the European Union (EU), the General Data Protection Regulation is something you should be familiar with – or becoming familiar with. GDPR will lay out guidelines for how businesses and public entities hold and process personal identifying data of EU citizens, whether inside or outside EU borders.

Read more

GDPR is good for business

The General Data Protection Regulation (GDPR) affects all companies doing business in the EU – and that’s a good thing. The regulation is designed to improve data privacy by changing the way businesses manage and process personal data.

Read more

Test the benefits of LogPoint’s SIEM, UEBA & SOAR solution

To learn more about the benefits of our SIEM, UEBA & SOAR product and different download options, book a personal demo.

Book a demo