Security Operations Centers (SOCs) and Managed Security Service Providers (MSSPs) are under immense pressure to keep pace with an ever-expanding threat landscape—while also grappling with a persistent cybersecurity skills shortage. According to the European Union Agency for Cybersecurity’s (ENISA) 2024 report, the industry-wide talent gap continues to challenge security teams, leading to inefficiencies and increased workloads. Many cybersecurity professionals lack formal qualifications or standardized training, making it even more difficult to maintain consistent and effective security operations.

Sergio Lozano Álvarez

Product Marketing Manager

Recognizing these challenges, Logpoint’s latest release is designed to reduce operational burdens, enhance efficiency, and improve security outcomes. With a strong focus on automation, centralized monitoring, and centralized management, this release helps SOC teams and MSSPs streamline their workflows, scale their operations, and maximize their security investments.

Effortless Onboarding and Instant Visibility

Getting up and running with a SIEM shouldn't be a hurdle. The longer it takes, the more events you miss, and the more each new SIEM instance costs to onboard.

This is why Logpoint now automatically accepts Syslog messages right out of the box. This Default Log Accept feature means immediate log collection after installation, frictionless onboarding for new clients, and seamless scalability as you add new Logpoint instances, all without losing a single log. Gain instant security visibility and reduce onboarding costs, ensuring you're protected from day one. Since the collector now listens for Syslog before any source has been configured, make sure that only the networks you intend to collect from can reach it, so that unintended senders cannot inject events.

Logpoint releases continue to remove manual configuration headaches, this time by extending templated log sources to the FTP and ODBC Fetchers. With a focus on improving the onboarding experience, Logpoint offers pre-configured templates for both fetchers. This way, SOC teams simplify data integration from various systems and quickly ingest critical logs for precise threat detection and incident response, freeing your team to focus on proactive security.

Guarantee Data Integrity and System Stability

Confidence in your security data and system stability is fundamental. If you can't trust the logs you're ingesting, or the stability of ingestion itself, every detection, report and investigation built on them is in question. This release is intended to help with that.

Avoid Blind Spots with Easy Identification of Inactive Log Sources

Never miss critical alerts due to log collection failures. Our new Log Source Activity Monitoring feature provides real-time notifications, email alerts, and a visual color-coding system to instantly identify inactive log sources. Define your own threshold for inactivity and receive alerts across multiple channels, ensuring continuous security visibility and preventing interruptions in your alerting, especially vital for large enterprises.
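As an added illustration of the check such a feature has to perform (this is example code, not Logpoint's implementation), the following Python script tracks the newest event per source host over constructed Syslog lines, compares the silence against a per-source threshold, and flags sources that never reported at all. The host names, thresholds and the amber tier (silence between one and two thresholds) are this example's assumptions.

```python
"""Threshold-based detection of inactive log sources.

Added example, not Logpoint's own implementation: it shows the check a
Log Source Activity Monitoring feature has to perform. The syslog lines,
host names and thresholds are constructed; the amber tier (silence between
one and two thresholds) is this example's assumption, not a documented
Logpoint behaviour.
"""
import re
from datetime import datetime, timedelta, timezone

# Constructed RFC 3164-style lines; the wire format carries no year.
SAMPLE_LOGS = """\
Mar 10 09:58:01 fw-edge-01 kernel: [iptables] DROP IN=eth0 SRC=203.0.113.9
Mar 10 07:41:55 dc-01 Microsoft-Windows-Security-Auditing: 4624 An account was successfully logged on
Mar 10 10:00:12 fw-edge-01 kernel: [iptables] ACCEPT IN=eth0 SRC=198.51.100.4
Mar 10 09:20:40 web-01 nginx: 10.0.0.5 - - "GET /login HTTP/1.1" 200
Mar 10 06:15:00 vpn-gw sshd[812]: Accepted publickey for ops from 192.0.2.7
"""

SYSLOG_RE = re.compile(r"^(?P<ts>[A-Z][a-z]{2}\s+\d{1,2} \d{2}:\d{2}:\d{2}) (?P<host>\S+) ")

# Per-source inactivity thresholds (constructed); anything else uses DEFAULT_THRESHOLD.
DEFAULT_THRESHOLD = timedelta(minutes=30)
THRESHOLDS = {
    "fw-edge-01": timedelta(minutes=5),  # chatty firewall: a few silent minutes is a failure
    "dc-01": timedelta(hours=1),
    "vpn-gw": timedelta(hours=8),        # low-volume source: long quiet periods are normal
}
# Sources the SIEM is supposed to receive; one that never reports at all must also be flagged.
EXPECTED_SOURCES = {"fw-edge-01", "dc-01", "web-01", "vpn-gw", "edr-collector"}


def last_seen(raw: str, year: int) -> dict[str, datetime]:
    """Return the newest timestamp observed per source host."""
    seen: dict[str, datetime] = {}
    for line in raw.splitlines():
        m = SYSLOG_RE.match(line)
        if not m:
            continue  # unparseable line: not evidence that any source is alive
        ts = datetime.strptime(m["ts"], "%b %d %H:%M:%S").replace(year=year, tzinfo=timezone.utc)
        host = m["host"]
        if host not in seen or ts > seen[host]:
            seen[host] = ts
    return seen


def classify(now, seen, expected, thresholds, default):
    """Map each expected source to (status, silence); status is green/amber/red/missing."""
    report = {}
    for host in expected:
        if host not in seen:
            report[host] = ("missing", None)  # never delivered a single event
            continue
        silence = now - seen[host]
        limit = thresholds.get(host, default)
        if silence <= limit:
            status = "green"
        elif silence <= 2 * limit:
            status = "amber"  # assumption: warn before declaring the source dead
        else:
            status = "red"
        report[host] = (status, silence)
    return report


def build_report(raw=SAMPLE_LOGS, now=None, year=2024):
    """Evaluate the constructed sample at a fixed 'now' so the result is reproducible."""
    now = now or datetime(2024, 3, 10, 10, 5, 0, tzinfo=timezone.utc)
    return classify(now, last_seen(raw, year), EXPECTED_SOURCES, THRESHOLDS, DEFAULT_THRESHOLD)


REPORT = build_report()

if __name__ == "__main__":
    for host, (status, silence) in sorted(REPORT.items()):
        print(f"{host:15} {status:8} silent for {silence}")
```

The point of the per-source threshold is visible in the output: five silent minutes is a failure for a firewall that normally logs continuously, while the VPN gateway is healthy after almost four quiet hours. A source that is expected but has never sent anything is the case most easily missed, which is why the report is driven by the expected inventory rather than by whatever happens to have shown up in the logs.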

Increase Detection Accuracy with Log Integrity Checker

Uphold uncompromised security and compliance with Logpoint's latest improvement: Log Integrity Checker. Console users can now run an li-admin command to validate and monitor the integrity of the log data in real time, ensuring that any tampering with stored logs is detected and that the data is complete and compliant with regulatory standards. Detect alterations and inconsistencies, streamline audits, and conduct precise forensic investigations with confidence, reducing risk, downtime, and potential legal and operational costs. Note that an integrity check makes logs tamper-evident rather than tamper-proof: it tells you that records were altered, so the response to a failed check is an investigation, not a silent re-run.
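To make concrete what "detecting alterations" means, here is an added example of a hash-chained log store and its verifier in Python. It is not the li-admin mechanism or Logpoint's storage format, and the log records are constructed; it shows which kinds of tampering the chain itself catches and which one only an out-of-band copy of the chain head can catch.

```python
"""Hash-chained log records with a verifier that localises tampering.

Added example, not Logpoint's li-admin mechanism or storage format: it
shows what a log integrity check has to compute to tell edited, deleted,
reordered or truncated records from untouched ones. The log lines are
constructed.
"""
import hashlib
import hmac

GENESIS = "0" * 64  # digest "before" the first record

# Constructed records as they would sit in a repository.
LINES = [
    "2024-03-10T09:58:01Z fw-edge-01 DROP src=203.0.113.9 dst=10.0.0.5 dport=22",
    "2024-03-10T09:58:07Z dc-01 4625 logon failure user=admin src=10.0.0.44",
    "2024-03-10T09:58:09Z dc-01 4625 logon failure user=admin src=10.0.0.44",
    "2024-03-10T09:58:15Z dc-01 4624 logon success user=admin src=10.0.0.44",
    "2024-03-10T09:59:40Z web-01 GET /admin 200 src=10.0.0.44",
]


def record_digest(prev: str, index: int, line: str) -> str:
    """Digest over the previous digest, the record's position and its content."""
    h = hashlib.sha256()
    h.update(bytes.fromhex(prev))
    h.update(index.to_bytes(8, "big"))
    h.update(line.encode("utf-8"))
    return h.hexdigest()


def build_chain(lines):
    """Return (records, head). The head must be kept where a log writer cannot rewrite it."""
    prev, chain = GENESIS, []
    for i, line in enumerate(lines):
        prev = record_digest(prev, i, line)
        chain.append({"index": i, "line": line, "digest": prev})
    return chain, prev


def verify_chain(chain, expected_head):
    """Recompute the chain from GENESIS; return (ok, position, reason)."""
    prev = GENESIS
    for pos, rec in enumerate(chain):
        if rec["index"] != pos:
            return False, pos, "index gap: record removed or reordered"
        want = record_digest(prev, pos, rec["line"])
        if not hmac.compare_digest(want, rec["digest"]):
            return False, pos, "record content or digest altered"
        prev = want
    if not hmac.compare_digest(prev, expected_head):
        return False, len(chain), "head mismatch: chain rebuilt, truncated or extended"
    return True, len(chain), "ok"


def run_scenarios():
    """Verify the untouched chain and four constructed tampering attempts against the same head."""
    chain, head = build_chain(LINES)
    results = {"untouched": verify_chain(chain, head)}

    # 1. One record is rewritten in place (failure turned into success), nothing else touched.
    edited = [dict(r) for r in chain]
    edited[1]["line"] = edited[1]["line"].replace("4625 logon failure", "4624 logon success")
    results["edited"] = verify_chain(edited, head)

    # 2. A record is cut out without touching its neighbours: the index sequence breaks.
    results["spliced"] = verify_chain(chain[:2] + chain[3:], head)

    # 3. The last record is dropped: every link still verifies, only the head betrays it.
    results["truncated"] = verify_chain(chain[:-1], head)

    # 4. A record is deleted and the whole chain is recomputed by someone with write access
    #    to the store. The links are all internally consistent; only a head anchored out of
    #    band (or signed with a key the writer lacks) catches this.
    rechained, _ = build_chain(LINES[:2] + LINES[3:])
    results["rechained"] = verify_chain(rechained, head)
    return results


RESULTS = run_scenarios()

if __name__ == "__main__":
    for name, (ok, pos, reason) in RESULTS.items():
        print(f"{name:10} ok={ok!s:5} at record {pos}: {reason}")
```

The last scenario is the one to take away: a chain stored next to the records it protects only proves that nobody edited the records without also recomputing the chain. The check is only as trustworthy as the copy of the head (or the signing key) that the writer of the log store cannot reach.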

More Team Efficiency, Fewer Bottlenecks

Efficiency is key to a successful security team. Often it's less about new ways of working than about removing the obstacles that get in the way of how SOC managers and their analysts collaborate. With that in mind, we're introducing two improvements that streamline your team's workflow and reduce manual overhead:

Manage Alerts in Bulk to Save Time and Increase Operational Efficiency

Managing a large number of alert rules quickly becomes cumbersome: your team spends its time activating and deactivating rules one by one, setting up notifications for each, or changing the repo and time range, and the effort grows with every rule you add. Now they can manage alert rules in bulk.

This significantly reduces the time spent on alert rule administration, freeing SOC analysts for higher-priority work such as threat hunting and incident response. Select the alert rules from the list and apply the action of your choice. Because the same action can just as easily disable dozens of detections at once, review the selection before applying it.

Shared Analytics Content for Improved Workflows and Cost-efficiency

Removing bottlenecks is a big part of ensuring efficiency and reducing costs, and that is exactly what happens when admins get access to analytics content. Because they can see the alerts, dashboards, reports and search templates other users are running, they can catch misconfigurations and standardize best practices across the team.

Sharing analytics content also optimizes costs in a way that goes beyond eliminating misconfiguration and redundant effort. When two or more people are no longer running the same alerts or dashboards, resource consumption and the impact on stability both decrease. Another advantage of administrators being able to manage analytics content is obvious but important: admins can take over for analysts who are off, on vacation or on leave.

Other Notable Updates

You can now integrate your MaxMind GeoIP account to add geographical intelligence, reducing the risk of overlooking geographically relevant threats. This translates into potential cost savings from avoided breaches and better use of your analysts' time through more accurate location context. Treat the location as context rather than proof: GeoIP resolves an address to its registered location, which traffic through a VPN or proxy will misrepresent.

In addition, Logpoint now supports enforced STARTTLS for SMTP (Simple Mail Transfer Protocol), the protocol used to send emails for Logpoint alerts and incidents. In enforced mode the connection is upgraded to TLS before any message is sent, and delivery fails if the mail server does not offer STARTTLS, rather than silently falling back to plaintext as opportunistic STARTTLS would.

This release benefits in-house security teams and the SOC teams of MSSPs alike, allowing them to operate with frictionless workflows. If you have any questions about it, you can always reach out to your Logpoint sales representative.