Logpoint SIEM
Logpoint SIEM is a security information and event management solution that centralizes log and event data collection from various sources across an organization's infrastructure. The platform normalizes collected data into a common taxonomy, making it easier for security analysts to work with logs from different systems without needing to know the exact format of each device's logs. The solution maps alerts to the MITRE ATT&CK framework to provide context for security incidents and user activity. It includes data enrichment capabilities that add contextual information such as threat intelligence, geographical data, and LDAP information to logs. Logpoint SIEM offers compliance support for regulatory frameworks including GDPR, NIS2, and GPG13 through pre-configured dashboards for access management, incident management, and perimeter security monitoring. The platform includes forensic analysis capabilities to help determine the root cause of security breaches. The solution features AgentX, a native endpoint sensor that provides visibility into user actions and processes running on endpoints to enhance threat detection capabilities. Logpoint SIEM can be integrated with other security tools within the Logpoint ecosystem, including automation, case management, and behavior analytics components. Logpoint SIEM supports various deployment options and is designed to help organizations improve their security visibility, threat detection, and compliance reporting capabilities.
FEATURES
ALTERNATIVES
Apache Metron is a centralized tool for security monitoring and analysis that integrates various open-source big data technologies.
Windows Event Log Analyzer with logon timeline generator and noise reduction for fast forensics.
A cloud-native SIEM platform that provides security analytics, intuitive workflow, and simplified incident response to help security teams defend against cyber threats.
Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.
A collection of detections for Panther SIEM with detailed setup instructions.
A community-led project focused on standardizing security event logs.
PINNED
InfoSecHired
An AI-powered career platform that automates the creation of cybersecurity job application materials and provides company-specific insights for job seekers.
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.