Alert fatigue and analyst burnout continue to be a major challenge for SOC teams with up to 11,000 security alerts daily according to a Forrester Study.
Security analysts work in a stressful environment and 71% of them say that introducing automation to the analyst workflow would help reduce analyst stress.
With the latest update of Logpoint’s Converged SIEM security analysts receive a wide set of new and improved features that provide enhanced observability and the added advantage of decreasing incident response time.
New Case Management provides an enhanced overview and facilitates a quicker response to incidents
With the latest update, we are launching a whole new Case Management interface, which provides an immediate overview for security teams.
A lack of visibility into the environment for monitoring can increase the mean time to respond (MTTR) and make organizations vulnerable to attacks. The new case management groups related incidents into the same case and allow analysts to run playbooks within a case. These capabilities make it easier for SOC teams of all sizes to efficiently manage cases and resolve incidents faster.
Simple and easy log source onboarding
Implementing and being onboarded to a new SIEM platform can be a complicated process and demand a lot of resources from the SOC team.
Logpoint’s universal rest API fetcher will, with the new update, allow new users to configure log sources easily through templates making adding new data sources easy and transparent for all users. By making the onboarding process easier, the analysts can get started on what really matters - securing the organizations against threats.
Improving detection of threats in endpoints
With the addition of AgentX, our new endpoint security agent, Logpoint’s converged platform also includes endpoint security and provides precise detection of malware and remediation of incidents in endpoints.
For modern organizations with hybrid workplaces, employees will move their devices between different locations, making them more difficult to track based on IP addresses. With the new update, users will now be able to add devices by their hostname, which ensures that devices receiving a new IP address will still be recognized within the platform, safeguarding that the Converged SIEM platform supports the customers’ network architecture now and in the future.
But that’s not all…
This update of the Converged SIEM platform includes more new and improved features, all focusing on making the lives of security analysts easier. With the new update, you also get:
- An improved Alert Triggering if a delay in log collection occurs
- A list of active log sources to help security analysts know what to focus on
- New dashboards which provide a better and quicker overview
- The ability to allow backup and restore of all Playbook and Actions providing access to new security content faster and keep improving their response to alerts
- Azure Active Directory-related detectors for UEBA, helping analysts to spot early signs of suspicious behavior
- UEBA analytics in Logpoint Search Master enables MSSPs to monitor user and entity behavior for each tenant
Would you like to discover more about how these new features look and work?
Sign up for our webinar on April 19th where Senior Product Manager, Edy Almer, and Senior Sales Engineer, Nils Krumrey, will go through the features and do a live demo of how they can help you to speed up incident response with enhanced observability.
Get the latest version of Logpoint’s Converged SIEM platform today!
Visit the Logpoint Help Center to download the latest version of Logpoint and read the release notes.