Who are Logpoint and when was the company established?

Logpoint was founded in 2012, and safeguards society in a digital world by helping customers and Managed Security Service Providers (MSSPs) detect cyberattacks. Combining reliable technology with a deep understanding of cybersecurity challenges, Logpoint makes security operations easier, giving organisations the freedom to progress. Logpoint’s SIEM and NDR technologies improve visibility and give a multi-layered approach to cybersecurity that helps customers and MSSPs in Europe navigate the complex threat landscape. Headquartered in Copenhagen, Denmark, Logpoint has a European foundation and is the only European SIEM vendor with a Common Criteria EAL3+ certification. This demonstrates Logpoint’s strong focus on data protection and cybersecurity regulations. 

What’s new since KedronUK first partnered with Logpoint?

The biggest news in 2024 was Logpoint’s acquisition of Muninn, a Danish company specialising in AI-driven Network Detection & Response (NDR) technology. 

What new features have been introduced in the past year?

1. SIEM

  • Support for .CSV and .TXT to import lists (IoC, malicious domains, IPs, etc.)
  • Templated log sources, including syslog sources
  • Dark mode
  • Support for Azure Blob Storage, giving more cost-effective cloud-based storage and the ability to scale up or down across storage tiers
  • SaaS Logpoint Portal for centralised access management, expanding to on-prem SIEMs in 2025
  • Onboarding with pre-configured compliance dashboards covering access management, incident management, and perimeter security monitoring. 

2. SOAR Playbooks

  • Playbook restoring
  • Integration-agnostic playbooks for easier distribution to customers
  • Playbook action for encoding/decoding HTML, changing case types and adding incidents as a new artifact

3. SOAR Case Management

  • Automatic reading of the incidents and adding all the extractable data as artifacts to the case
  • All-in-one screen case management with case timeline, graphical overview of artifact relations in an incident, and the option to run automatic investigations from the case

4. Director 

  • Templated log sources, including syslog log sources and cloud features
  • Centralised health metrics monitoring dashboard
  • Role-based access control for segregation of user permissions

What’s coming in 2025?

Throughout the following months, Logpoint will focus on different areas. To reduce operational overhead, Logpoint is looking for ways to improve log source onboarding and enhance log source activity monitoring and data integrity. Analysts will also benefit from better enrichment and querying features for threat hunting and will continue to get better threat detection, thanks to optimised T1 integrations and alerting. 

What gap does KedronUK fill for Logpoint?

Logpoint delivers a comprehensive end-to-end security platform, equipping organisations with everything they need for effective cybersecurity. Kedron complements this by providing value-added services and managing security complexities on behalf of end customers. Together, we enable organisations to stay focused on their core business while ensuring their security operations are well-managed and optimised. 

Phil Swainson, Head of Technology at KedronUK says: “We’ve found that customers managing enterprise networks are struggling to find a network performance management tool focused on packets that can handle the demands of high-speed, high-bandwidth networks, while not breaking the bank with excessive storage requirements. The unique way Allegro Packets solutions work means that network managers and IT Ops managers can get the information they need without having to search petabytes of data.”

What does Logpoint bring to KedronUK?

Logpoint brings a valuable SIEM capability to the KedronUK product and services portfolio. 

  • Flexible deployment models including self-managed (on-premise / private cloud) and SaaS cover varying customer requirements. For users with specific compliance or contractual obligations, the SaaS instance can be provisioned in the UK to remove any concerns about data sovereignty.
  • Logpoint’s transparent pricing model is easy to understand and provides cost clarity for users. Predicting costs can be difficult with other models such as ingestion-based billing (e.g. events per second or GB per day), which can also limit the scope of a deployment. There are also special license bundles for public sector customers such as the NHS.
  • Hundreds of out-of-the-box integrations allow users to collect data from a wide variety of sources and leverage existing security tools to improve detection, investigation, and response capabilities.

The recent acquisition of Muninn extends the security capabilities of Logpoint to include NDR/XDR. This provides additional visibility into Cloud, OT, and remote workers. 

To find out more about Logpoint, please contact us or get in touch with our sales team at sales@kedronuk.com

Chris Booth

Solution Architect

Listens to your problems, then identifies the best tools and products to build solutions.

Call us today on 01782 752 369
KedronUK, Kern House, Stone Business Park, Stone, Staffordshire ST15 0TL