Beginning
This article will provide information about Logsign license modules.
License Types
Essential, Business, Guard, Advanced, Premium, Platinium
License Modules
You can check your current license as follows:
Basic Level License Modules
Capacity - Log Sources: A license module with options for a total number of log sources or unlimited.
Capacity - EPS: We do not have a licensing module that includes any restrictions based on EPS status.
Search, Report, Dashboard, Compliance: Analysis, reporting, Dashboard, Compliance (27001 reporting, etc.).
Delegation: A user delegation module that allows you to authorize your users with admin rights or simple usage rights with the roles you want.
Support: The case of Logsign Technical team support.
Software Upgrade: A module that includes Logsign security and system updates.
Other License Modules Besides Essential License
Alerts Management: A module that includes services such as alarm, correlation, event behavior status controls, or log enrichment.
Data Collection Framework: A module that allows you to add many types of log sources.
.
Asset and Identity Management: A module where you can keep an inventory of your users and assets.
Response Integration Framework: A system automation module that allows you to take action in case of an alarm or any event. You can take action in 94+ security or system (Ldap, Ads, Firewall, IDS, IPS, Tickets, etc.).
Incident Response Module: Offers many features that automate and facilitate incident response. Provides an event management and response solution prepared with ready-made analysis cards and MITRE Matrix approaches for quick intervention with a single click.
Risk Scoring: Produces a numerical result associated with the criticality level of assets and the priority level of alerts. With this numerical result, the importance of events is raised to higher levels, visibility is increased, and it becomes easier to read.
Threat Intelligence: Quickly investigates hidden threats, IoCs, and suspicious attack vectors by combining global threat intelligence data and uses internal threat feeders for risk prioritization. Logsign Unified Security Operations Platform Threat Intelligence Services are supported by over 45 Threat Intelligence Feeds.
UEBA: Detects abnormal and risky behavior by evaluating events. It allows you to filter the event count and urgency score, a risk score with a customized mathematical structure for malicious detection, and the risk trend in daily timelines by comparing usage behaviors for users and devices. Users and assets create profiles based on their "normal" behavior using Data Analytics. System administrators present unusual behaviors by applying statistical models.
LEAF Collectors: An ideal solution for organizations that want to collect data from distributed locations or reduce the load on their central systems.
Cluster-HA-Scalability-Availability: A module necessary for transitioning to a cluster structure to provide backup, large data processing, performance, and long-term live data retention for many features.
