Opsview Introduces Two New Products – Opsview Log Analytics and Network Topology

Opsview, a firm that delivers a broader view into dynamic IT operations, has released two new products: Opsview Log Analytics and Network Topology.

Opsview Log Analytics connects with Opsview Monitor and Opsview Cloud to assist IT Operations teams in identifying the root causes of warnings and predicting security problems before they cause business disruption. These critical log events are directly correlated with metrics in Opsview’s IT infrastructure monitoring solution, resulting in a single pane of glass view with detailed insights that show employees why issues come up.

“Opsview Log Analytics automates the manual processes of log management. Combined with Opsview Monitor and Opsview Cloud, it provides a faster time to resolution for IT Operations teams. With SIEM functionality, Opsview Log Analytics correlates events and identifies security incidents such as brute force attacks or DDoS,” said Mike Walton, CEO of Opsview.

With the addition of Network Topology to the Opsview Network Analyzer module, IT Operations teams can collaborate with their networking teams to create a unified view of an organization’s IT estate. Network Topology automates network discovery, lowers the security risk of unidentified hosts in the environment, and detects network misconfigurations.

“With Opsview’s Network Topology providing overlays with real-time status information, this will provide valuable time savings to IT teams as well as reducing potential security risks. The risk of the unknown is drastically reduced with Network Topology,” said Scott Heyhoe, VP Products at Opsview.

LogPoint completes acquisition of SecBI and adds native SOAR to its core SIEM offering

LogPoint, a worldwide leader in cybersecurity, announced that it has completed its acquisition of Tel Aviv-based SecBI. LogPoint’s native integration with SecBI’s universal SOAR and XDR technology will create a foundational Security Operations platform. In December, SOAR and LogPoint 7.0 will be available together as a bundle.

“With the tidal wave of cyberattacks threatening businesses and societies across the globe, a disruption of the way organizations respond to cybersecurity incidents is required,” said Jesper Zerlang, CEO LogPoint. “Building on LogPoint SIEM and UEBA to effectively detect threats, orchestration and automation of the response to incidents is key to advancing cybersecurity. Consequently, SOAR will be a capability included in LogPoint to advance foundational cybersecurity.”

In addition, all current and future LogPoint clients will be able to use SOAR in their security operations with the release of LogPoint 7.0, automating repetitive tasks and orchestrating threat remediation workflows, as well as facilitating autonomous investigation, prioritisation and execution of playbooks to minimize human involvement and speed up response time. Clients will be able to use SOAR as part of their LogPoint Core SIEM license.

“LogPoint SOAR has been in production with select customers over the past few months and we’re thrilled with the overwhelmingly positive feedback that analysts have more confidence that incidents are dealt with appropriately thanks to the automatic playbooks. Our customers have reported a significant decrease in the time it takes to detect and respond to a phishing email – down from three hours with manual processes to 10 minutes with automated LogPoint SOAR playbooks,” said Christian Have, CTO, LogPoint.

“SOAR is not only about coping with the increasing number of cybersecurity incidents. By including SOAR in the LogPoint SIEM solution, we will enable organizations of all sizes, especially companies that do not have a fully-staffed 24/7 Security Operations Center (SOC), to establish proper and relevant incident-handling processes and dramatically increase quality and speed in their response capabilities. It also helps those organizations assess the efficiency of new cybersecurity tools and measures,” said Have.

“Already a strong SIEM player in Europe, LogPoint’s new SOAR and XDR offerings, combined with its own notable TDIR advancements, position the vendor to compete globally for a growing share of enterprise customers.”

Hunters Raises $30 Million in Funding Round to Lead the Open Extended Detection and Response (XDR) Market

Hunters has raised $30 million in a Series B round led by Bessemer Venture Partners, with current investors YL Ventures, Blumberg Capital, Microsoft’s Venture Fund M12, and US Venture Partners (USVP) also participating. Total funding now stands at $50.4 million. Okta Ventures and Snowflake were strategic investors in the prior round of funding.

“Hunters’ customer engagements are accelerating with Fortune 1000 Companies adopting XDR to be at the heart of their security operations. Traditional security tools like SIEM have not fulfilled the need to clearly and rapidly identify and investigate threats at the scale of cloud data, leaving a crucial gap in supporting security analysts. Open XDR offers a new technology approach with a turn-key solution that stitches security events from across the entire security stack into contextualized and prioritized incidents. This maximizes the value security teams are getting from their current stack and enables them to see real incidents and rapidly respond,” said Uri May, CEO and co-founder of Hunters.

Hunters XDR is chosen by companies facing complex security threats because of its proven ability to speed up threat detection, investigation, and incident response. Known brands from the financial services, technology, retail, manufacturing, and media industries are among them.

“At NETGEAR, we support a complex IT environment. To keep pace with our rapidly growing business and the evolving threat landscape, we switched from a SIEM to Hunters XDR. Hunters now serves as our core SOC (Security Operations Center) platform. It enabled us to shift from manual to automated incident investigation and focus on incident resolution instead of tool management and IT complexity,” said Mihir Shah, Vice President of Information Technology at NETGEAR, one of the world’s leading network solution manufacturers, with offices in 25 countries.

“Hunters represents the future of security architectures, leveraging the performance and cost advantages of cloud data warehouses and Open XDR technology to deliver detection and response capabilities that were not historically possible on-premise. Hunters’ unique ability to identify low-fidelity signals of an attack that are traditionally missed and automatically stitch them together into a contextual attack story is a game-changer that helps organizations better address their cybersecurity risk, specifically for companies undergoing rapid cloud expansion and business growth,” said Alex Ferrara, Partner at Bessemer Venture Partners.

Ofer Schreiber, Partner at YL Ventures, which co-led Hunters’ seed round alongside Blumberg Capital, said, “Today’s security operations have to support mixed multi-cloud and on-prem environments, as well as handle security data at cloud-scale. Its breakthrough technology and recent growth positions Hunters to disrupt the $4.3 billion SIEM market that’s predominantly built on pre-cloud technologies.”

“Hunters’ innovation stems from its focus on SOC analysts which is especially critical in light of the shortage in security talent. Unlike other tools, the platform was purpose-built to offload non-mission-critical tasks, automate detection and investigation, and provide SOC analysts with a clear understanding of every detected security incident, helping achieve faster resolution,” said Yodfat Harel Buchris, Managing Director at Blumberg Capital, who co-led Hunters’ Seed round.

“This investment takes us one step closer to building a pillar security company, becoming the centerpiece of the future SOC of the world’s leading organizations. The investment will be used to further drive innovation, enhance our customer satisfaction, increase our market reach, support partner expansion and hire exceptional talent,” said May.

Security Information and Event Management (SIEM) – An Overview

Security Information and Event Management (SIEM) is a branch of computer security that combines Security Information Management (SIM) with Security Event Management (SEM) in software products and services. Security devices, network equipment, systems, and applications all provide event data, which SIEM technology aggregates. SIEM tools analyse security alarms generated by applications and network devices in real time. Contextual information on people, assets, threats, and vulnerabilities is linked with event data for compliance or security audit purposes.

SIEM (Security Information and Event Management) is a security system that assists enterprises in identifying potential security threats and vulnerabilities before they interrupt business operations. It identifies suspicious user behaviour for threat detection and incident response.

Log Management

SIEM (Security Information and Event Management) gathers event data from a variety of sources across an organization’s network. Logs and flow data from various users like employees or clients, applications, cloud environments, assets and networks are collected, saved, and analysed in real-time, allowing IT and security teams to monitor their network’s event log and network flow data from a single centralised location. Some SIEMs link with third-party threat intelligence channels to correlate their internal security data with previously identified threat signatures and profiles. Security teams can block or identify new attack signatures by integrating with real-time threat sources.

Security Alerts and Incident Monitoring

SIEM systems can identify all devices in the IT environment since they provide centralised control of on-premise and cloud-based infrastructure. SIEM technology monitors for security incidents across all connected individuals, devices, and applications, identifying suspicious activity as it occurs in the network. SIEM systems reduce IT security teams’ average time to detect and average time to respond by offloading the manual operations involved with in-depth security event analysis.

Analytics and Event Correlation

Any SIEM solution must include event correlation as a component. Event correlation gives insights to swiftly find and mitigate possible threats to enterprise security by utilizing advanced analytics to identify and analyse complex data patterns. Administrators can be warned promptly using customizable, specified correlation rules and take appropriate action to mitigate the incident before it escalates into more serious security risks.

Investigating for Forensic Purposes

When a security issue happens, SIEM systems are suitable for performing digital forensic investigations. SIEM systems enable businesses to collect and analyse log data from all of their digital assets in one central location. This enables them to reproduce previous occurrences or evaluate new ones in order to examine suspicious activity and improve security systems.

Compliance and Regulation

SIEM solutions are a popular choice for businesses that must comply with a variety of regulations. SIEM is a powerful tool for gathering and verifying compliance data across the whole corporate infrastructure since it allows automated data collection and analysis. SIEM solutions create real-time compliance reports for compliance requirements, easing security management and detecting any violations early. 

New Advanced Real Time Threat Detection

Organizations must be able to rely on solutions that can detect and respond to both known and new security threats, given how quickly the cybersecurity environment changes. SIEM solutions can successfully mitigate newer security breaches by utilizing integrated threat intelligence feeds.

SIEM products are available as software, equipment, or managed services, and they are used to log security data and generate compliance reports. Security Information and Event Management (SIEM) is defined by clients’ need to analyse activity data in real time for early identification of cyberattacks and data breaches, as well as to collect, store, investigate, and report on log data for incident management, forensic analysis and regulatory compliance. Taking proactive actions to check and mitigate IT security risks is critical, regardless of how big or small your company is. Enterprises benefit from SIEM solutions in a variety of ways, and they’ve become an important part of optimizing security procedures.