The Energy Logserver solution was created in response to real market demand, driven primarily by customers from the financial sector. They needed a tool that would allow them to analyze log data at petabyte scale. The challenge was taken on by a team of developers who leveraged the potential of open-source projects and expanded their basic functionality to include data access control, auditability, and reporting. Seven years ago, that project became the foundation of Energy Logserver – a company that went on to build a partner network spanning dozens of countries and carry out many noteworthy implementations.

Today, the core product in Energy Logserver’s portfolio is a SIEM-class solution that successfully competes with vendors such as IBM (QRadar), Elastic, and Splunk. The platform is built around several distinctive principles, the most important of which is its ability to analyze any event generated across the organization. Thanks to its simple, scalable architecture, the platform is a good fit for both small local government facilities and larger environments that handle more than 200,000 events per second. It’s a great option for organizations that need to align their IT environments with the requirements of the NIS2 Directive and national cybersecurity regulations.

Acting as a source-of-truth repository, the platform gathers event logs, syslog data, SQL procedure queries, NetFlow or SPAN traffic, application performance telemetry, inventory data, and integrated reports from external environments. Energy combines all these datasets in a single analytics environment. Its built-in alert engine can correlate virtually any type of message, ensuring that no data is overlooked.

Łukasz Nieborek, Business Development Manager, Energy Logserver

Energy Logserver is on-premises software available either as a subscription or under a perpetual license model. We also run an MSSP program for companies that want to provide SOC services based on our platform. We focus on close cooperation with our partners at every step of the way, from building awareness of customer needs, through product sales and implementation, to environment scaling. No matter the project, we approach it ready to meet both the partner’s needs and the customer’s expectations. One of our top priorities is transferring knowledge to partners who want to offer professional services. We’re also open to collaborating on marketing initiatives such as training sessions and conferences.

  

The platform’s SIEM capabilities include Energy-developed mechanisms for source system integration, built-in correlation rules, and technical reporting. In addition, the UEBA module enables you to analyze the collected data from the perspective of the user and their workstation. The Intelligence module is particularly worth mentioning, as it is currently evolving into Empowered AI. A team of scientists and engineers is working on advanced mathematical functions for predicting numerical data, single- and multi-dimensional anomaly detection in quantitative data, and a unique mechanism for detecting anomalies in textual data. Thanks to their work, it will be possible to deliver customized behavioral models for different data sources and provide more precise analysis of unwanted events.

The platform enables the automation of incident response and remediation workflows. Energy SOAR can fetch incident data from any SIEM system, then execute standardized, automated response procedures using built-in analyzers and responders. One example of this is automated spam verification. After retrieving emails marked as spam from a designated company inbox, the system assesses the sender’s reputation, analyzes attachments, and uses classification mechanisms to deliver information about the nature of the email content, all without involving SOC analysts. What’s more, SOAR supports integration with domain-specific security systems by triggering automated actions within those systems. This not only ensures faster incident response, but also allows organizations to make better use of their most valuable resource: people.

To find out more, please contact: Łukasz Nieborek, Business Development Manager, Energy Logserver, lukasz.nieborek@energylogserver.com, energylogserver.com