Logpoint SIEM
Logpoint SIEM is a security information and event management solution that centralizes log and event data collection from various sources across an organization's infrastructure. The platform normalizes collected data into a common taxonomy, making it easier for security analysts to work with logs from different systems without needing to know the exact format of each device's logs. The solution maps alerts to the MITRE ATT&CK framework to provide context for security incidents and user activity. It includes data enrichment capabilities that add contextual information such as threat intelligence, geographical data, and LDAP information to logs. Logpoint SIEM offers compliance support for regulatory frameworks including GDPR, NIS2, and GPG13 through pre-configured dashboards for access management, incident management, and perimeter security monitoring. The platform includes forensic analysis capabilities to help determine the root cause of security breaches. The solution features AgentX, a native endpoint sensor that provides visibility into user actions and processes running on endpoints to enhance threat detection capabilities. Logpoint SIEM can be integrated with other security tools within the Logpoint ecosystem, including automation, case management, and behavior analytics components. Logpoint SIEM supports various deployment options and is designed to help organizations improve their security visibility, threat detection, and compliance reporting capabilities.
FEATURES
ALTERNATIVES
Security-Guard helps secure microservices and serverless containers by detecting and blocking exploits.
Browse a library of EQL analytics now natively integrated in Elasticsearch.
Python application to translate Zeek logs into ElasticSearch's bulk load JSON format with detailed instructions and features.
Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.
A collection of detections for Panther SIEM with detailed setup instructions.
PINNED
Mandos Brief Newsletter
A weekly newsletter providing cybersecurity leadership insights, industry updates, and strategic guidance for security professionals advancing to management positions.
PTJunior
An AI-powered penetration testing platform that autonomously discovers, exploits, and documents vulnerabilities while generating NIST-compliant reports.
CTIChef.com Detection Feeds
A tiered cyber threat intelligence service providing detection rules from public repositories with varying levels of analysis, processing, and guidance for security teams.
OSINTLeak
OSINTLeak is a tool for discovering and analyzing leaked sensitive information across various online sources to identify potential security risks.
ImmuniWeb® Discovery
ImmuniWeb Discovery is an attack surface management platform that continuously monitors an organization's external digital assets for security vulnerabilities, misconfigurations, and threats across domains, applications, cloud resources, and the dark web.
Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.
Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.
DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.