With the new update, Logpoint is streamlining security orchestration, automation and response (SOAR), and case management.
Logpoint announced the release of new capabilities to its Converged SIEM platform, enhancing threat detection and security operations and streamlining case management. Organisations can focus on essential security matters with the new capabilities by reducing workload, simplifying automation, and freeing up resources.
The new release delivers increased system stability and reliability and more efficient use of resources by introducing adaptive memory management, which optimises memory usage automatically. This allows users to prevent service disruptions and eliminate time spent on manual memory tuning. They can also add more nodes and increase visibility due to the release of extra memory.
Edy Almer, Director of Products at Logpoint, said, “Visibility, time to respond, and confidence in the investigation are important factors in fending off cyberattacks successfully, and we’re excited to help organisations improve on that with the new Logpoint release. We’re essentially helping organisations get more resources for focusing on what matters for their security, which is essential as the pressure on cybersecurity professionals increases from expanding data and cybersecurity regulations and the threat actors’ ever-changing and innovative methods.”
Logpoint enhances the experience of configuring alerts with one single window and fewer clicks. Additionally, the way users populate and update lists has been simplified. Now, they can upload a list of, e.g., IoCs, malicious domains, IPs, etc., in a .CSV or .TXT file. This provides users with a flexible way to add lists from different sources, facilitates their jobs, and helps keep threat detection up to date.
Logpoint now allows complete collection chain configuration with a single click from LogSource Templates and enables distribution at scale for MSSPs from Logpoint Director, a platform to manage large deployments. This enhancement makes the initial configuration of Logpoint a breeze with pre-configured templates for all major Log Sources.
With the new update, Logpoint is streamlining security orchestration, automation and response (SOAR), and case management. For example, incident artefacts are automatically extracted into cases, adding context, reducing analyst workload, and improving detection and response. Playbooks can automatically read incidents and add all extractable data as artefacts to the case. Additionally, security teams can search logs directly from the case management tool with a single click and feed the result back into the case, simplifying investigations.