Logpoint launches endpoint threat detection and remediation capabilities

Logpoint introduces endpoint detection and remediation capabilities to its security operations platform with the release of AgentX.

  • Wednesday, 8th March 2023 Posted 1 year ago in by Phil Alsop

Logpoint has launched AgentX, an endpoint agent for Windows, Linux, MacOS, and Cloud deployments. AgentX accelerates threat detection and investigation on endpoints and ensures fast response capabilities. In addition to gathering telemetry, AgentX adds interrogation, compliance checks, and vulnerability management capabilities to Logpoint’s security operations platform, converging SIEM, SOAR, and UEBA technologies, to improve overall security posture significantly.

 

“Our vision is to drive accelerated detection and response to threats. Adding AgentX to our platform changes the paradigm from log-collection to observability and interrogation to action-driven response,” says Christian Have, Logpoint CTO. “AgentX expands the visibility of our security operations platform. Analysts can detect and respond to threats from a single console with end-to-end playbooks, analytics and use-cases shipped for common threats and techniques.”

 

AgentX brings endpoint observability from log collection, osquery integration, and vulnerability management to the converged security operations platform. The rich endpoint telemetry enhances security observations, providing analysts with threat and operational context about incidents and more detailed analyses of threats.

 

“The compliance capabilities that AgentX offers solve two of the main challenges compliance and security teams face today,” says Christian Have. “First, identifying critical events for compliance reporting and monitoring. Second, knowing if and when a device enters a non-compliance state.”

 

AgentX provides out-of-the-box enrichment of event data with relevant compliance information, letting compliance specialists query for PCI violations directly in the interface. In addition, admins can get immediate and complete visibility of devices entering non-compliant states by comparing versions of system files and running configuration checks against corporate policies.

 

Logpoint Converged SIEM protects the entire business by providing comprehensive threat detection, investigation and response across clients, servers, network systems, cloud workloads, and business-critical applications. AgentX will give organisations without an EDR a significant endpoint security increase while reducing the total cost of ownership. AgentX is included for all Logpoint customers with the SIEM+SOAR license and can be deployed free of charge on the number of endpoints corresponding to the number of nodes.