The LogPoint SIEM solution extracts events and incidents from the billions of logs existing in any IT infrastructure of any size.
Orchestration, automation and incident response – real time
LogPoint enables you to easily assess the status of your systems and applications through the solution’s uniquely designed correlation and analysis layers.
The built-in log analysis engine automatically detects all critical incidents on your systems and notifies you of them. The events monitored can be very diverse and can include an ongoing attack, a compromised system, a system breakdown, user authentication issues and much more.
The raw log data from your systems can be used to:
- Automate regulatory processes
- Improve efficiency in forensics investigations
- Improve troubleshooting turnaround time
- Improve your security posture
- Gain visibility into the organization
Implementing LogPoint is simple. The product is shipped as a virtual appliance, a physical appliance or a piece of software, allowing the organization complete flexibility in deployments. LogPoint further offers several pre-settings based on 400+ Use Cases, and organizations can thus orchestrate storage for LogPoint that is both cost effective and performance optimized.
LogPoint provides full data-enrichment capabilities, which means gathered events can, for instance, produce a message about a critical transaction in an ERP system, investigate whether the user is authorized to conduct the operation in the HR system, or raise alerts if a discrepancy is discovered. These capabilities increase performance and accuracy of analytics through ingest-time enrichment, without the need to import and fragment existing data.
LogPoint is licensed on the number of devices sending logs to the system. Thus, organizations can scale to as many LogPoint servers as needed, while maintaining transparent cost-projections.
UEBA (Machine Learning)
LogPoint offers UEBA to achieve situational awareness before, during and after responding to breaches. Utilizing Machine Learning, LogPoint UEBA builds baselines for every entity in the network, without creating predefined rules or signatures, thus acting as a force-multiplier for your security analysts by reducing expert rules and false positives and by prioritizing alerts.
Fast performance and precision analysis offer IT teams swift insight into all incidents across the infrastructure.
Real-time, actionable insights from raw machine data help increase operational efficiencies, streamline compliance for regulatory mandates, and strengthen the organization’s security posture.
EAL3+ Certified Solution
LogPoint is the only European EAL3+ certified SIEM solution. EAL3+ is an international standard for software security certification. The certification is also referred to as a NATO-certification, as the EAL-certification is a requirement for suppliers to the Western defense alliance. To achieve EAL3+, LogPoint’s product and processes have been extensively examined, verified and documented to the Common Criteria standard – also called ISO/IEC IS 15408.
Extended Integration possibilities
Any new application, business process or infrastructure component will be immediately covered by our best-practice taxonomy, and thus by the features in LogPoint, without user involvement. This also goes for numerous integrations, e.g. Threat Intelligence.
Automated correlation of any number of data sources – internal, external or structured – gives you a clear and detailed overview of your organization’s data, and also provides you with real-time alerts on risky behavior, anomalous activities, etc.
Extensive data privacy mode
Understand when and why critical or sensitive data is accessed and reduce the data stored, if needed, thus preparing your business for the GDPR regulations.