Logpoint Features

Orchestration (8)

Asset Management: Lets users group and organize their endpoints to gather threat intelligence on specific technologies.
Security Workflow Automation: Reduces the need for IT and security professionals to iterate repetitive tasks associated with gathering threat information.
Deployment: The process in which users integrate their existing security systems and endpoints to the threat intelligence platform.
Sandboxing: A feature that allows security testing and information gathering to occur in a secure, resource independent environment.
Security Orchestration: Integrates additional security tools to automate security and incident response processes.
Data Collection: Collects information from multiple sources to cross reference and build contextual to correlate intelligence.
Threat Intelligence: Stores information related to common threats and how to resolve them once incidents occur.
Data Visualization: Offer pre-built and custom reporting and dashboards for quick insights into system states.

Information (3)

Proactive Alerts: Prior to security incidents, the product will alert users when a new, relevant vulnerability or threat is discovered.
Malware Detection: Provides multiple techniques and information sources to alert users of malware occurrences.
Intelligence Reports: The ability for users to produce reports outlining detailed and personalized threat information

Personalization (3)

Endpoint Intelligence: Analysis for users to examine threat intelligence data specific to their endpoint devices.
Security Validation: The product has a recurring examination process to update your intelligence reports as new threats emerge.
Dynamic/Code Analysis: The ability to examine your application, website, or database's code to uncover zero-day vulnerabilities.

Response (10)

Resolution Automation: Diagnose and resolve incidents without the need for human interaction.
Resolution Guidance: Guide users through the resolution process and give specific instructions to remedy individual occurrences.
System Isolation: Cuts off network connection or temporarily inactivate applications until incidents are remedied.
Threat Intelligence: Gathers information related to threats in order to gain further information on remedies.
Alerting: Clearly notifies users with relevant information and anomalies in a timely manner.
Performance Baselin: Sets a standard performance baseline by which to compare log activity.
High Availability/Disaster Recovery: Allows platform to scale to size of desired environment and configured with high availability and disaster recovery capabilities.
Incident Alerts: Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.
Response Orchestration: Integrates additional security tools to automate security and incident response processes.
Response Automation: Reduces time spent remedying issues manually. Resolves common network security incidents quickly

Records (3)

Incident Logs: Information on each incident is stored in databases for user reference and analytics.
Incident Reports: Produces reports detailing trends and vulnerabilities related to their network and infrastructure.
Resource Usage: Analyzes recurring incidents and remedies to ensure optimal resource usage.

Management (3)

Incident Alerts: Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.
Database Management: Adminstrators can access and organize data related to incidents to produce reports or make data more navigable.
Workflow Management: Administrators can organize workflows to guide remedies to specific situations incident types.

Network Management (3)

Activity Monitoring: Documents the actions from endpoints within a network. Alerts users of incidents and abnormal activities and documents the access point.
Asset Management: Keeps records of each network asset and its activity. Discovers new assets accessing the network.
Log Management: Provides security information and stores the data in a secure repository for reference.

Incident Management (3)

Event Management: Alerts users of incidents and allows users to intervene manually or triggers an automated response.
Automated Response: Reduces time spent remedying issues manually. Resolves common network security incidents quickly.
Incident Reporting: Documents cases of abnormal activity and compromised systems.

Security Intelligence (4)

Threat Intelligence: Stores information related to common threats and how to resolve them once incidents occur.
Vulnerability Assessment: Analyzes your existing network and IT infrastructure to outline access points that can be easily compromised.
Advanced Analytics: Allows users to customize analytics with granulized metrics that are pertinent to your specific resources.
Data Examination: Allows users to search databases and incident logs to gain insights on vulnerabilities and incidents.

Visibility (3)

Dashboards and Visualizations: Presents information and analytics in a digestible, intuitive, and visually appealing way.
Alerts and Notifications: Clearly notifies users with relevant information and anomalies in a timely manner.
Reporting: Creates reports outlining log activity and relevant metrics.

Monitoring and Management (3)

Analysis (14)

Continuous Analysis: Constantly monitors traffic and activity. Detects anomalies in functionality, user accessibility, traffic flows, and tampering.
Behavioral Analysis: Constantly monitors acivity related to user behavior and compares activity to benchmarked patterns and fraud indicators.
Data Context: Provide insights into why trends are occurring and what issues could be related.
Activity Logging: Monitors, records, and logs both real-time and post-event activity.
Track Trends: Allows user to track log trends.
Detect Anomalies: Identify and predict anomalies in real-time with outlier detection and uncover root-causes
Metric and Event Data: Analyze both metric and event data on the same platform regardless of source or structure
Search: Search your logs for troubleshooting and open-ended exploration of your data
Alerts: Create alerts based on search patterns, thresholds for specific log metrics, or other conditions
Live Tail: See your data, in real time, streaming into the system from multiple data sources
Incident Reporting: Produces reports detailing trends and vulnerabilities related to their network and infrastructur
Network Visibility: Provides all-encompassing display and analysis of environments, resources, traffic, and activity across networks.
Metadata Enrichment: Facilitates Artificial Intelligence (AI) such as Machine Learning (ML) to enable data ingestion, performance suggestions, and traffic analysis.
Metadata Management: Indexes metadata descriptions for easier searching and enhanced insight

Detection (6)

Anomaly Detection: Constantly monitors activity related to user behavior and compares activity to benchmarked patterns.
Incident Alerts: Gives alerts when incidents arise. Some responses may be automated, but users will still be informed.
Activity Monitoring: Monitors the actions from endpoints within a network. Alerts users of incidents and abnormal activities and documents the access point.
Multi-Network Monitoring: Provides monitoring capabilities for multiple networks at once.
Asset Discovery: Detect new assets as they enter a network and add them to asset inventory.
Anomaly Detection: Constantly monitors activity related to user behavior and compares activity to benchmarked patterns

Automation (4)

Workflow Mapping: Visually displays connected applications and integrated data. Allows customization and management of workflow structures.
Workflow Automation: Streamline the flow of work processes by establishing triggers and alerts that notify and route information to the appropriate people when their action is required within the compensation process.
Automated Remediation: Reduces time spent remedying issues manually. Resolves common network security incidents quickly.
Log Monitoring: Constantly monitors logs to detect anomalies in real time.

Data Preparation (4)

Data Sources: Automatically collect logs from all your services, applications, and platforms
Indexing: Automate the indexing of machine data that's critical to your operations
Automated Tagging: See log data in context with automated tagging and correlation
Data Blending: Mix and match data from apps, hosts, containers, services, networks, and more

Visualization (2)

Generative AI (6)

AI Text Summarization: Condenses long documents or text into a brief summary.
Generate Attack Scenarios: Use AI to propose possible threat actor tactics, techniques, and procedures against specific environments or assets.
Generate Threat Detection Rules: Use AI to automatically create detection rules based on observed patterns.
Generate Threat Summaries: Use AI to produce concise summaries of complex threat reports or alerts.
AI Text Generation: Allows users to generate text based on a text prompt.
AI Text Summarization: Condenses long documents or text into a brief summary.

Functionality - SAP Security Software (6)

Visualizations: Create dashboards that provide real-time data and insights for comprehensive SAP security.
Log Analysis: Provides log correlation and analysis to give a complete overview of the SAP IT landscape.
SIEM capabilities: Offers real-time security information and event management (SIEM) intelligence to offer both proactive and reactive cybersecurity measures.
Prebuilt content and integrations: Offers integrations and prebuilt content to provide quick implementation.
User Identification: Provides SSO, MFO and RBAC capabilities.
360 degree security: Offers threat detection, vulnerability management, devsecops, compliance, patching and monitoring capabilities.

Agentic AI - Threat Intelligence (4)

Agentic AI - Security Information and Event Management (SIEM) (4)

Agentic AI - User and Entity Behavior Analytics (UEBA) (4)

Agentic AI - SAP Security Software (3)

Agentic AI - SAP Store (7)

Autonomous Task Execution: Capability to perform complex tasks without constant human input
Multi-step Planning: Ability to break down and plan multi-step processes
Cross-system Integration: Works across multiple software systems or databases
Adaptive Learning: Improves performance based on feedback and experience
Natural Language Interaction: Engages in human-like conversation for task delegation
Proactive Assistance: Anticipates needs and offers suggestions without prompting
Decision Making: Makes informed choices based on available data and objectives

Agentic AI - Log Analysis (7)

Autonomous Task Execution: Capability to perform complex tasks without constant human input
Multi-step Planning: Ability to break down and plan multi-step processes
Cross-system Integration: Works across multiple software systems or databases
Adaptive Learning: Improves performance based on feedback and experience
Natural Language Interaction: Engages in human-like conversation for task delegation
Proactive Assistance: Anticipates needs and offers suggestions without prompting
Decision Making: Makes informed choices based on available data and objectives

Agentic AI - Log Monitoring (7)

Autonomous Task Execution: Capability to perform complex tasks without constant human input
Multi-step Planning: Ability to break down and plan multi-step processes
Cross-system Integration: Works across multiple software systems or databases
Adaptive Learning: Improves performance based on feedback and experience
Natural Language Interaction: Engages in human-like conversation for task delegation
Proactive Assistance: Anticipates needs and offers suggestions without prompting
Decision Making: Makes informed choices based on available data and objectives