In 2015 Scildon wanted to gain more insight into the log sources within the company IT infrastructure, to be able to mitigate the risks they saw in their daily business. In a complex IT environment, manually accessing and analyzing log files was becoming increasingly ineffective, resource consuming and cumbersome.
“In addition to being labor-intensive, manually scanning generic log files also meant that analysis was inherently retrospective. Effectively we would be reviewing the previous day, which is far from optimal from a security perspective,” says Alastair Kirkman, Security Manager at Scildon.
“Also we wanted to extend access to log files to our application support team in a controlled fashion, making sure that information was shared on a need-to-know basis,” he says.
Following a comprehensive review of SIEM solutions in the market, Kirkman and his team shortlisted three vendors. LogPoint was proposed by iSOC24, a LogPoint certified Gold partner since 2013, specializing in cybersecurity in the Benelux-region. Following a Proof-of-Concept, LogPoint was selected as the platform of choice.