Logpoint unveils platform enhancements for improved cybersecurity operations
Logpoint has announced new enhancements to its Director and Converged Security Information and Event Management (SIEM) platforms. These capabilities aim to bolster performance and improve the operational experience for Managed Security Service Providers (MSSPs) and other organisations.
The cybersecurity vendor has revealed that the upgrades will optimise usability and ensure streamlined security operations across multiple organisations. This will save valuable time on configuration while also increasing performance and compliance.
The improved Logpoint Director now offers a centralised monitoring dashboard, allowing system administrators to swiftly identify operational issues and rectify them more rapidly. It also enables MSSPs to monitor trends across various systems and performance metrics proactively. The platform has extended templated log sources to the Syslog collector, ensuring consistency across tenants, thus relieving MSSPs from the burdensome process of manual health checks and log source configuration operations.
Enhancements to the SIEM platform impact performance significantly, specifically concerning log querying. Other upgrades to the platform include dark mode viewing, support for cloud-based cold storage in Azure using Azure Blob Storage and an improved access control granularity for log sources. These improvements not only increase operational control for users but also reduce the total cost of ownership and allow for better resource optimisation.
Additionally, the Security Orchestration, Automation, and Response (SOAR) platform has been updated. This includes improvements to memory usage for better performance, hierarchical monitoring and debugging of playbooks, and configurable persistent per-user viewing of playbooks and cases. These enhancements streamline operations by making it simpler for MSSPs and organisations to manage playbooks and control views across cases effectively.
Edy Almer, Product Director at Logpoint, stated, "We're dedicated to helping MSSPs bring value to their customer with threat detection and incident response (TDIR) capabilities and compliance capabilities. Our Logpoint Director release makes it easier for MSSPs to focus on those value-adding tasks because it enables them to save valuable time on manual health checks and eliminates operational workload of configuration." Almer further added that the upgraded SIEM and SOAR products were designed to help MSSPs and other users reduce the total cost of ownership and mitigate the risk of overstretched security analysts.
Logpoint Director is geared towards assisting MSSPs and Managed Detection and Response services (MDRs) in updating, operating, and monitoring multi-tenant and large deployments across customers with ease. The Logpoint Converged SIEM is an all-encompassing platform that combines several tools, such as SIEM, SOAR, User and Entity Behaviour Analytics (UEBA), and endpoint security, in one package to speed up threat detection and incident response.