We use LogPoint for log collection. We have a specific use case around a system that was not able to provide this kind of correlation. However, we are going to get rid of the legacy platform within the year and will be moving away from LogPoint.

The main use cases were triage and log collection and security analysis of any logs.

I didn't fully work on the SIEM and used it to its full potential so my experience was quite limited.

The version I used was 7.13.

We use it as a repository of most of the logs that are created within our office systems. It is mostly used for forensic purposes. If there is an investigation, we go look for the logs. We find those logs in LogPoint, and then we use them for further analysis.

We used the solution to help our clients protect their environment by identifying users and the tools they access. Multiple users in our client's admin and HR departments were accessing critical financial documents. Our clients could not stop them from accessing these documents. So they wanted data on which users were accessing the files.

We are using LogPoint for MSSP. 

The use case with the business case actually is using LogPoint as a full-blown team system. And actually to orchestrate incident responses.

It's a SIEM system and if you incorporate detection rules and can set alerts, severities, stuff like that. It's the center of a SOC, basically. That's the main use case for it. Of course, it's also sued to fulfill regulatory compliance, which is making a report every week, every day, every month, according to the auditor, what he wants. That's the basic use case.

We use it for our network and security devices. We also use it for all the infrastructure services, such as Active Directory, domain controllers, Exchange servers, hypervisors, and antivirus servers. In general, it is more dedicated to security than to logs.

Logpoint works as a SIEM system. It provides SOAR functionality as well. It helps clients with users' endpoint behavior analysis.

The main purpose was for compliance reasons because the pension funds need to comply with the Dutch Federal Bank rules. So, most of the use cases were much more focused on the separation of duties, privilege escalation, and access to sensitive data.

We were not using it as an active, real-time monitoring tool. The group of people looking after security was very small, and there were only daytime operations. So, the focus was not to look after external breaches, attacks, etc. That's the main reason why the responsibility of security monitoring was not ours anymore. Accountability and responsibility had shifted from the internal organization to a contracting firm.

It monitors the users as well as the endpoints and provides data for that. It basically studies the activities, tries to understand the activities, and then does a little bit baseline for that. It then monitors the user or the endpoint to see if there is any deviation. If there is any deviation, it triggers an alarm.

The primary use case is standard compliance to help the user's ability to navigate PCI DSS compliance or GDPR compliance. Besides that, if a user needs to do the log collection and correlation, the solution makes it easy.

We do SMB and schools, K through 12. 

We have a storage cloud and cloud-based Cisco voiceover IP cloud services that we offer, as well as on-premise-based for those who still prefer that.

I use the product for my research and development to enhance my work. We are transitioning to a new technology, and Logpoint has proven valuable for my purposes.

We use the solution for SIEM and SOAR.

I'm using LogPoint as a commercial product. My company uses LogPoint for data aggregation, which is also used for creating custom use cases based on organizational leads. Then, my company triggers and escalates to the IT team responsible for solving loopholes and problems seen via LogPoint.

We're a health care organization and we had a specific case where LogPoint was able to help develop a special collector for an earlier version of our storage system, where we had issues with migration. Some files were missing when we migrated to the new system, and we had trouble finding out why. LogPoint was very helpful in designing some drivers which could collect the log data, so we could identify the problem. We're customers of LogPoint and I'm a security consultant.

We have certain vendors, and our work is to deploy the SIEM solution.

On a high-level, we primarily use the solution for creating security operation centers.