We’re excited to announce the evolution of our SIEM solution, Log360, into a unified security platform. ManageEngine Log360 has adopted an open API-compatible architecture, allowing for expanded capabilities, seamless integration, and the ability to customize both data reporting and the underlying framework. This upgrade empowers you to extend the solution beyond its predefined functionalities, helping you unify and streamline security operations. Say goodbye to juggling multiple security tools—ManageEngine Log360 provides the opportunity to ingest data points into a single console, simplifying your security management like never before.

The transformation of Log360, a unified SIEM solution, into a security platform 

A platform offers an extensible, integrable, programmable, and customizable architecture, enabling you to enhance the capabilities of your existing solutions. Log360’s platform capabilities allow you to add new functionalities by extending the core structure of the solution. This is made possible through SDKs and open APIs, which work together to facilitate the seamless integration of various systems. Once the data flow is streamlined, you can customize the solution to visualize data narratives tailored to your specific requirements.

The importance of a security platform  

A siloed approach to security makes it easier for threat actors to bypass security systems. This is primarily due to the lack of communication between security tools. For instance, your MFA tool helps you push additional authentication to secure user accounts. However, it might provide neither a holistic view of identity security nor an option to correlate failed MFA authentications with other activities.

Traditionally, this gap was bridged by integrating the MFA provider with a SIEM solution. A traditional integration such as this focuses only on connecting the individual security tools, often requiring custom-built bridges to translate the data between them. This can be complex, time-consuming, and prone to breakage when either tool is updated. While it allows the tools to share information, it doesn’t fundamentally change how they operate. Platform-based integration, on the other hand, reimagines the relationship between these tools. The security platform becomes the central component, and integrations with other tools are prebuilt and standardized.

Instead of just sharing data, the platform approach fosters a deeper level of interoperability. The platform understands the context of data from all integrated tools, enabling more sophisticated correlation and analysis. It’s not just about connecting two points; it’s about creating a holistic security environment where all the tools work together seamlessly, sharing a common language, and contributing to a unified security posture. This simplifies management, reduces complexity, and ultimately leads to more effective threat detection and response.  

What can you do with the Log360 platform?

Custom widgets: You can now build custom widgets for specific data streams across key areas of the product, such as the Dashboard, Reports, and Incident Workbench. Additionally, you can create an exclusive web tab for the data source.

Custom extensions: You can now create custom extensions for a specific data source, including custom reports, alerts, correlation profiles, and widgets. These extensions can be used privately or published in the ManageEngine Marketplace.

Predefined extensions: Over 10 predefined extensions are available in the ManageEngine Marketplace for you to install and explore.

Challenges addressed by the Log360 platform

Log360’s transition into a security platform has been a step-by-step process. Most of the releases in 2024, including the dark web monitoring capabilities, have been laying the groundwork to enhance the platform’s capabilities.

This release, in particular, addresses a range of security challenges faced by security teams, including:

Data silos: Log360 helps mitigate siloed data issues that security teams often encounter. The platform facilitates the ingestion of data from various security tools into a single interface, enabling correlation, analysis, and a unified view of your organization’s security posture.

Alert fatigue: Log360 reduces obvious false positives by providing contextual information during threat investigations. Additionally, it keeps you informed of critical security events through alerts, allowing you to address threats before they escalate into severe cyberattacks.

Fragmented visibility and orchestration: Future enhancements to this feature will include automated remediation and workflows. These will be facilitated through custom functions triggered by strategically placed buttons across the product. 

Interested in learning more? 

Schedule a personalized demo with our experts at your convenience to explore the new capabilities in Log360 and learn how to tailor the solution to meet your organization’s specific requirements.

Raghav Iyer
Sr. Product Marketing Specialist