TrustRadius: an HG Insights company

LogPoint

Score: 3.7 out of 10

9 Reviews and Ratings

What is LogPoint?

LogPoint detects, analyzes and responds to threats within an organization’s data for faster security investigations. LogPoint is dedicated to helping overloaded security analysts work more efficiently with accelerated detection and response. LogPoint's SIEM solution with UEBA provides users with analytics and ML-driven automation capabilities designed to enable customers to securely build, manage and effectively transform their businesses. The licensing model is flat and based on nodes rather than data volume, giving businesses a predictable price that helps reduce the cost of deploying a SIEM solution on-premise, in the cloud or as an MSSP. The solution integrates with all network devices, so users get a holistic and correlated overview of events in an IT infrastructure. LogPoint SIEM translates all data into one common language so it is possible to compare events across systems. Having a common language enables users to better search, analyze and report on data. When it comes to compliance, LogPoint enables automatic monitoring of relevant compliance parameters and alerts users to relevant risks as they happen.

Media

LogPoint SIEM dashboard
LogPoint UEBA dashboard
LogPoint threat intelligence dashboard
All LogPoint alerts are mapped to the MITRE ATT&CK framework

Top Performing Features

  • Event and log normalization/management

    Ability to normalize event syntax so that logs can be compared and are machine-understandable

    Category average: 8.5

  • Centralized event and log data collection

    Effectiveness of real-time centralized event and log data collection

    Category average: 9

  • Correlation

    Correlation of logs and events to pinpoint significant threats

    Category average: 8.4

Areas for Improvement

  • Data integration/API management

    Ease and quality of data integrations between SIEM and other systems

    Category average: 8.1

  • Response orchestration and automation

    Quality of built-in response orchestration and automation in Next-Gen SIEM

    Category average: 7.1

  • Incident indexing/searching

    Effectiveness of searching across structured and unstructured events and incidents within SIEM

    Category average: 8.8

LogPoint: a solid SIEM solution!

Pros

  • Technical support team is fast and competent
  • License management and cost
  • Log parsing
  • New logs can be provided to the support team for parser creation
  • High Availability architecture does not cost more

Cons

  • Alerts interface is too simple, hard to keep visibility if there are more than 10 alarms
  • Web UI is clear but sometimes confusing
  • LogPoint never warns on bad practices that could lead to performance issues
  • Lack of self-monitoring, to display which alert rule is consuming too many resources

Return on Investment

Not Sure/Don't Know

LogPoint review

Pros

  • Analyse lots of different logs in real time and alert the security team based on predefined alert templates.
  • Simple and fast deployment.
  • Predefined templates available for dashboarding, alerting, reporting and log normalization.

Cons

  • Providing a full Cloud solution
  • Having more documentation for complex deployment

Return on Investment

  • Keep the same team to manage more IT resources
  • Having a better logs visibility

Return on Investment

Not Sure/Don't Know

Alternatives Considered

Splunk Enterprise

Other Software Used

BeyondTrust Endpoint Privilege Management, BeyondTrust Privileged Remote Access, Vade Secure, Rapid7 InsightIDR, Rapid7 InsightVM (Nexpose)

Good pricing model but software needs some improvement

Pros

  • Pricing model
  • Active support
  • Ease of use

Cons

  • Stability (weird issues)
  • Transparency (hard to investigate issues)
  • Search template should be improved

Return on Investment

Not Sure/Don't Know

LogPoint requires an investment of time and effort to get going, but that investment will be rewarded

Pros

  • Log storage - depending on the value of the data, you can specify different retention periods.
  • Log enrichment - LogPoint can use various sources, such as Active Directory and threat intelligence feeds, to enrich logs and make them more useful.
  • Correlation - you can write complex search queries that bring in information from multiple log sources.
  • Alerting - any search can be used to configure an automatic alert, triggering an email if an event is detected, or passes a set threshold.
  • Support - LogPoint support is always incredibly helpful.

Cons

  • Ease of use - some aspects of LogPoint are difficult to find, hidden away in parts of the product that are not intuitive. For example, you have to go into the Knowledge Base to find the alert rules you've set up.
  • User community - the user community for LogPoint does not seem to be as large or active as some of their competitors.
  • UEBA - so far the UEBA functionality has not generated any usable insights for us.

Return on Investment

Not Sure/Don't Know

LogPoint - Does a great job.

Pros

  • Log aggregation
  • Log search functionality
  • Excellent customer service

Cons

  • Some maintenance tasks can only be performed by support

Return on Investment

  • Highlighted numerous issues in the estate which had gone unnoticed for many years
  • Provided insight into user behavior
  • Allows us to monitor for issues pro-actively