
#Zoho's #ManageEngine Log360: SIEM Gains Automated Incident Response


by Dan Kobialka • Aug 12, 2019


ManageEngine, the IT management division of Zoho, has integrated automated incident response into its Log360 security information and event management (SIEM) solution. The company showcased the Log360 update at last week’s Black Hat USA 2019 conference in Las Vegas, Nevada.


Log360 automated incident response enables IT teams to link predefined or custom workflows to security alerts to automate standard incident response measures, according to ManageEngine. Log360 performs automated responses via incident workflows, which outline the steps to be taken after a security incident.


Automated incident response for Log360 is now available.



What Is Log360?

Log360 is a log management and security solution that helps organizations protect their networks against cyber threats. In addition to automated incident response, Log360 offers other capabilities to help organizations detect and respond to security incidents, including:


  • Incident Management: Provides a built-in ticketing console that allows organizations to assign and track incident tickets or forward incident information to third-party help desk software.

  • Security Analytics: Uses over 1,200 predefined report and alert profiles and more than 30 predefined correlation rules to provide insights into networking events.

  • Threat Intelligence: Identifies malicious entities interacting with networks based on the latest threat intelligence from various threat feeds.

  • User Entity and Behavior Analytics (UEBA): Leverages machine learning-based analytics to identify high-risk users and devices, along with potential threats, compromised accounts or data exfiltration attempts.


Pricing for Log360 starts at $795 per year.


SIEM for MSSPs and MSPs

A growing number of SIEM platforms specifically target MSPs and MSSPs. The offerings include SOC-as-a-Service tools that deliver SIEM features and functions. Still, MSP and MSSP business models for SIEM services can vary widely. Some options require complete SOC (security operations center) build-outs. Others are available as white-label services from master MSSPs and software companies.


Partners should study the models and associated talent costs closely before signing on the dotted line for such capabilities.


Additional insights from Joe Panettieri.
