Logsign: New Approach to SIEM, SOC Combined Solution
Veysel Ataytur, CEOIn an interview with CIO Applications, Veysel Ataytur, CEO of Logsign shares his insights on how his firm caters to security issues of businesses and governmental agencies.
How has Logsign become a game changer in the cybersecurity landscape?
Logsign, a next-gen SIEM is combined with Security Orchestration, Automation and Response (SOAR) system and healthcare services. With its well-designed architecture, it processes operational security of systems, shortening incident response times, improving team efficiency, and decreasing a number of repetitive tasks and false-positives. Also, it improvises and provides automatic actions and detection of indicators via API integrations. Moreover, it enables not only security teams and machines but also all departments and users’ orchestration. Consequently, playbooks and workflows help teams to shorten incident response times.
We also ensure control over both IT and OT infrastructures to prevent numerous attacks before they occur via comprehensive soc solution. We help enterprises, and SMBs improve their information security processes and procedure, review and create new ones in real time. Therefore, we provide continuous improvement of security procedures, remediation and monitoring operations against every single incident.
Cyber attacks—phishing, ransomware, and exploits—are on the rise, and though IoT, SCADA security has been increasing, the challenge lies in the shortage of security professionals, repetitive attacks, tasks and alerts. There are numerous security tools and devices but monitoring systems with full performance, real-time detection, and remediation procedures are complicated. We focus on 'Orchestration, Early Detection, Automation and Response', providing a comprehensive solution for some cybersecurity incidents.
We focus on 'Orchestration, Early Detection, Automation and Response', providing a comprehensive solution for a number of cyber security incidents
How does Logsign correlate internal and external data in a behavioral context and curb vulnerabilities through its solution?
We statistically make lists of external and internal potential vulnerabilities and tag them in the related categories. At the same time, we make controls over real-time incident data and enrich them in a behavioral context. Simultaneously these data are combined with global threat intelligence feeds which make it easier to compromise and give responses on time to targeted users and hosts.
How has Logsign helped a client overcome business challenges and attain desired outcomes with its solutions?
We have provided SOC services to one of the biggest Energy Companies of Turkey. Our Logsign threat intelligence service has detected incidents and slow attacks—SMBV1 vulnerabilities, MS17-010 attacks, XSS and SQL injection attacks—and automated incident response processes are preventing vulnerabilities. This approach has led to automatic prevention of external attackers and real-time, automatic responses and automatic management of internal users.
Do you foresee any trends in the future that could be utilized to amplify your cybersecurity capabilities?
Cybersecurity automation, machine learning based systems and efficient team members are what could amplify cybersecurity. Besides, we believe that present solutions should have better designed UX and be human-oriented as SOCs are where technology and human beings blend in. Security professionals have to ensure they work more efficiently and, efficiently.
How does the future look regarding the company’s offerings and geographical expansion?
In addition to SIEM, SOAR and UEBA solutions that we provide, machine learning and mobile SOC management are the new technologies that we are looking to incorporate. This apart, regarding geographical expansion, after Turkey and USA, we are looking cater to customers in Europe.
