ChannelLife New Zealand - Industry insider news for technology resellers
New Zealand
Guides
#
cloud services
#
cybersecurity
#
distributors
#
microsoft
#
partner programmes
Search
Story image
#
Converged Infrastructure
#
Cybersecurity
#
SIEM
Logpoint unveils new capabilities to Converged SIEM platform
Wed, 13th Sep 2023
Author image
By Shannon Williams, Journalist
Follow us

Logpoint has announced the release of new capabilities to its Converged SIEM platform, built on SIEM, SOAR, UEBA, and Business-Critical Security (BCS) technologies. 

The new practical SOC-centred functions connect detection with investigation, automation, response, and orchestration to provide enhanced visibility, automation, and response and improve the end-to-end functionality for end customers and MSSP partners.

"Cyberattacks have become a daily nuisance for organisations today, and improving the security posture is a top priority," says Edy Almer, Logpoint Director of Product. 

"We are now enhancing endpoint capabilities and strengthening our case management tool to help analysts better understand what is happening," Almer says. 

"Gaining that complete insight makes it easier to identify security breaches, simplifies investigation, and accelerates response, allowing small organisations to handle attacks and leverage MSSP capabilities to save time and resources. The SOC team can also share information more easily with the rest of the organisation, helping CISOs justify their cybersecurity approach or build a case to modify it."

The new release improves investigation, the cornerstone of the incident response process, by introducing more contextual information in Logpoint SOAR. Security analysts will have all the information they need in the case management tool, with incidents mapped to the MITRE ATT&CK framework and a new graphical overview of connections between artefacts.

Logpoint also introduces case summaries, providing analysts with a comprehensive PDF report on ongoing and finalised cases to easily share with stakeholders, and the playbooks are enhanced with improved documentation and increased flexibility to create more precise and less time-consuming workflows.

The capabilities in AgentX, Logpoint's native endpoint agent, have also been expanded, with the opportunity to select installation directory and manage the TLS authentication directly from the user interface. In addition, SOAR now automatically authenticates AgentX, saving time and preventing mistakes happening from manual authentications.

"While cyberattacks do pose a problem and concern CISOs worldwide, we aim to provide the necessary tools and information to let them rest assured that they get the information they need about activities in the IT infrastructure," says Almer. 

"We strive to provide value beyond the security function, and with the new release, we close the loop between the alerts, investigation, and response, enabling our customers to increase operational speed, optimise business processes, and expose weaknesses faster."
 
Logpoint Converged SIEM is an end-to-end cybersecurity platform that covers the entire threat detection and incident response (TDIR) process. The platform automatically adds threat intelligence, business context, and entity risk to observations to transform weak signals into meaningful investigations and enables analysts to respond faster with automation and orchestration.

Top stories
HID acknowledged as Leader in Gartner Magic Quadrant for Indoor Location Services
Exclusive: How Darktrace is tackling AI-driven cybersecurity
Game review: TopSpin 2K25 (PS5)
Gartner unveils top four data & analytics trends for 2024
Smarttech247 & SentinelOne launch AI-powered cybersecurity for SMEs