Logpoint Strengthens SIEM by Buying Muninn AI-Powered NDR
Security Information & Event Management (SIEM), Security Operations
Buy Adds Advanced AI Network Detection to Logpoint’s Threat Response Toolbox
Logpoint purchased a network detection and response startup founded by a former consultant to the Danish Ministry of Defence to detect complex attacks more effectively.
The Copenhagen, Denmark-based SIEM stalwart said Copenhagen-area Muninn’s AI-driven detection is particularly helpful in environments where conventional signature-based detection methods fall short, such as in industrial control systems or during a ransomware attack. Combining Logpoint’s log analysis with Muninn’s real-time network monitoring will improve security posture and enhance threat detection and response.
“The more cautious you are and the more information sources you monitor and respond to, the more likely you are to stay protected,” Logpoint CEO Mikkel Drucker told Information Security Media Group. “Adding the NDR piece to our existing SIEM is kind of obvious in terms of making a more complete and protected solution for our customers.”
Benefits of Bringing SIEM, NDR Together
Muninn, founded in 2016, employs 20 people and raised $2.8 million in an August 2022 seed funding round led by Luminar Ventures. The company has been led since inception by Andreas Wehowsky, who obtained a master’s degree from MIT in computer science and aerospace and spent three years as an IT consultant at the Danish Ministry of Defence. All of Muninn’s employees will join Logpoint, Drucker said (see: New Logpoint CEO Mikkel Drucker Seeks Growth Via M&A, MSSPs).
The acquisition of Muninn is Logpoint’s first since Swedish sustainable development fund Summa Equity purchased a majority stake in Logpoint in March 2023 and installed former Netigate CEO Drucker as its top boss in May 2024. Muninn’s modern architecture and AI capabilities will help Logpoint offer a more complete and advanced security solution to customers, and is aligned with the company’s development plans, he said.
“We also see as a benefit that Muninn is in Denmark,” Drucker said. “From an integration perspective and from a price seize perspective, it makes it a little easier as well.”
Integrating SIEM with NDR helps provide a comprehensive view of both application and network-level behaviors, allowing for better detection of sophisticated threats as well as more accurate responses, said Chief Technology Officer Christian Have. The integration will help Logpoint offer proactive threat detection and prevention tools and ensure nothing at the application or network level goes unnoticed.
“You can’t necessarily trust what the applications are telling you, but the network never lies,” Have told ISMG. “Getting both the view at the application level from logs combined with what that application behavior then manifested itself into on the network layer gives us that completeness of the attack, of the behavior, of the posture that allows us to make better essential decisions on what actually happens.”
What Sets Muninn’s Use of AI Apart
Muninn’s AI technology enhances threat detection by identifying anomalies and deviations in network traffic, even in environments with unknown protocols such as industrial control systems, Have said. The capability goes beyond traditional signature-based detection, which Have said makes it highly valuable for detecting advanced persistent threats and targeted attacks.
“Muninn’s AI looks at traffic flows and expected patterns. Every time there is adversarial behavior, it lights up like a Christmas tree,” Have said. “The way you can almost think of this is that your entire network becomes a deception technology. So we will know when traffic that falls out of the norm appears in the network, and we can detect and react on it immediately.”
AI allows for detection of previously unknown threats by analyzing abnormal traffic patterns, which is crucial in environments where traditional signature-based methods struggle, like OT networks, Have said. Joining network-level visibility and application logs can detect lateral movement during a ransomware attack, while correlating network traffic and app vulnerabilities can significantly reduce triage time.
“Our end customers worry about targeted attacks that are complex in nature, and getting signals from both applications and networks helps us paint that more complete picture of what’s going on, giving us situational awareness,” Have said. “The use cases will focus more on increasing that analyst efficiency, reducing the time spent on triage, and improving the output of security operations teams.”
The Muninn deal is the first of several that Logpoint plans to make to expand the company’s capabilities and customer base. Drucker said this strategy will help Logpoint grow faster by buying small, innovative companies and integrating their technology and expertise. The current market environment offers opportunities to acquire companies that are struggling to scale, according to Drucker (see: Summa Equity Buys Majority Stake in Logpoint to Bolster M&A).
“It’s a good situation right now to acquire, especially smaller players that don’t have the scale,” Drucker said. “In the current environment, you have to partner up. It’s very difficult to make it on your own. So, definitely, you will see more coming.”