SIEM
Logpoint SIEM is an easy-to-use platform to manage log data, security events and compliance risk across the entire IT infrastructure. It is intended for small and medium-sized enterprises looking for a scalable platform that delivers easy security event management and pre-configured dashboards for compliance to meet regulatory frameworks with ease. It can be deployed on-premises or as SaaS and enables quick setup. Logpoint SIEM can be upgraded with security add-ons to achieve improved investigation, response capabilities, and higher observability.
Add-ons
Automation
Built on top of Logpoint SIEM, Logpoint Automation is a SOAR product to automate security tasks and workflows. It is intended for small and medium-sized enterprises that need to speed up and automate their triage, investigation, and response processes. With out-of-the-box playbooks, Automation reduces cybersecurity risk by decreasing the time to detect and respond and increasing the efficiency of the process. Logpoint Automation can be combined with Case Management to automate incident investigations from one single place. In addition to the more than 500 integrations, Automation seamlessly integrates with open APIs, making it highly accessible and easy to use.
Case Management
Logpoint Case Management is a case manager built on top of Logpoint SIEM and requires Logpoint Automation to work. It is intended for small and medium-sized enterprises that require a central place to run all their incident investigations and collaborate on their resolution. Case Management reduces cybersecurity risk by using playbooks for investigation and response and by increasing the productivity of your SOC team with collaboration tools. With structured case reporting, Case Management makes it easy to evaluate and document the investigation and response process and communicate its status to management teams.
Behavior Analytics
Logpoint Behavior Analytics leverages ML-based models to identify anomalies in user and entity behavior. It is intended for small and medium-sized organizations (min. 200 entities) looking to create behavior baselines and add context to alerts for further investigation. Built on top of Logpoint SIEM, Behavior Analytics is a detector that takes the log event data that SIEM has collected and uses it to analyze user and entity behavior in the network and identify abnormal activity. It can detect anomalies in Active Directory (Domain Controllers) and Azure AD.