
Founded Year

2012

Stage

Acq - Fin | Alive

Total Raised

$40M

Mosaic Score
The Mosaic Score is an algorithm that measures the overall financial health and market potential of private companies.

+10 points in the past 30 days

About LogPoint

LogPoint specializes in the provision of cybersecurity services. It offers solutions for infrastructure and cloud security, compliance, security operations, SAP security, and threat detection. It serves the education, retail, public administration, financial services, healthcare, manufacturing, and hospitality sectors. The company was founded in 2012 and is based in Copenhagen, Denmark.

Headquarters Location

Bryggervangen 55

Copenhagen, 2100,

Denmark

+45 70 60 61 00



ESPs containing LogPoint

The ESP matrix leverages data and analyst insight to identify and rank leading companies in a given technology landscape.

[ESP matrix figure. Axes: Execution Strength, Market Strength. Quadrants: Leader, Highflier, Outperformer, Challenger.]
Enterprise Tech / Information Security

The user behavior analytics (UEBA) market provides solutions to organizations trying to mitigate the risk from cybersecurity incidents or insider threats. UEBA leverages behavioral analytics technology to reduce noise, prioritize high fidelity alerts, and enable fast and precise response to insider and cyber threats. It helps customers accelerate threat detection, investigation, and response by au…

LogPoint named as Challenger among 10 other companies, including Exabeam, LogRhythm, and Securonix.

LogPoint's Products & Differentiators

    Converged SIEM platform

    A converged security operations platform that protects the entire business by providing comprehensive threat detection, investigation and response across clients, servers, network systems, cloud workloads and business-critical applications. A converged SIEM platform eliminates the complexity of operating siloed SIEM, SOAR, UEBA and BCS products. Flexible deployment: available on-prem, in the private cloud or as SaaS. Native integration of the different components of the Logpoint converged platform makes it possible to fuse weak signals and focus on what matters most. Automatic updates to product capabilities, security content and playbooks on the SaaS platform.


Expert Collections containing LogPoint

Expert Collections are analyst-curated lists that highlight the companies you need to know in the most important technology spaces.

LogPoint is included in 3 Expert Collections, including Regtech.


Regtech

1,453 items

Technology that addresses regulatory challenges and facilitates the delivery of compliance requirements. Regulatory technology helps companies and regulators address challenges ranging from compliance (e.g. AML/KYC) automation and improved risk management.


Conference Exhibitors

5,302 items


Cybersecurity

6,865 items

These companies protect organizations from digital threats.

Latest LogPoint News

Why 8base ransomware is a wake-up call to SMEs

Sep 20, 2023

20th September 2023

By Anish Bogati, Security Research Engineer, Logpoint

SMEs are increasingly a target for ransomware operators, with one in four (26%) targeted in the UK last year and almost half (47%) then paying to regain access to their data, according to research from Avast. In the current climate, with budgets stretched and cybersecure personnel hard to come by, they are even more at risk, so the emergence of a new and rapidly growing ransomware operator focused on SMEs should ring alarm bells.

8base emerged in March 2022 and has become a persistent and formidable adversary with activity levels increasing significantly since June. It’s now in the top five most active ransomware groups, with the UK the third most active region during the three months from June-August. So far, our analysis found it’s predominantly targeting SMEs offering business services (53%), followed by finance (16%), manufacturing (14%) and IT (7.2%).

Phishing emails are the primary method of obtaining access, although attacks frequently use spear phishing too, which sees them target a specific individual. 8base uses multiple malware families, including SmokeLoader and SystemBC, but has also been found to use a customised version of the Phobos ransomware variant. It also resorts to using the services of Initial Access Brokers (IABs), who specialise in selling illegal network access.

How 8base infects the business

The malware uses Windows Command Shell and PowerShell to run the ransomware payload, before querying registry keys, modifying registry values and initiating discovery. The modifications mean that every time the system is restarted the malware prevents normal operations, allowing the attacker to achieve what’s known as persistence. Modification of the keys that control access to the internet can also allow the malware to bypass security measures and connect to malicious websites or servers.

The discovery phase sees the attackers use the registry keys to discover system names and default settings and, in common with other ransomware attacks, 8base also makes use of the Windows Native API function. This allows it to crawl over other network resources accessible from the user’s device to expand the footprint of the attack.

To evade defences, 8base uses a number of techniques, from process injection, which sees the malware code hide in a legitimate program, to pretending to be a bona fide binary process. It also terminates the very security processes that have been put in place to detect and stop it. This includes, for example, disabling Windows Firewall, effectively creating a cloak of invisibility that allows the attack to progress unhindered.

When it comes to the data, 8base encrypts the files and inhibits system recovery. It deletes other copies and any backups and disables auto recovery services, effectively preventing any restoration.

Spotting the signs of an attack

It’s easy to see how devastating such an attack would be for the victim organisation and why many struggle to recover. But it’s crucial to understand the infection chain in order to detect and mitigate such attacks. The spear phishing attacks employed by 8base, for instance, will typically use Microsoft Office products which trigger suspicious child processes, such as spawning shells or other binaries to execute attached command and code, which can be detected.

Proper logging, visibility of assets, and monitoring of systems are needed for combatting ransomware. Monitoring and auditing the network regularly makes it possible to keep track of user activity and network traffic and to identify any unusual behaviour, so logs must be collected from every system. Establishing a log retention policy can then ensure log data is available for analysis in the event of an incident. Log data should be retained for at least six months but this may need to be longer, depending on regulatory or compliance requirements.

One of the principal tools used to collate and analyse logs and defend against such ransomware attacks is a Security Incident and Event Management (SIEM) platform. These are no longer the preserve of large corporates and are now well within the reach of SMEs. Additional solutions can be integrated into the SIEM to provide enhanced threat hunting capabilities. These include Security Orchestration Automation and Response (SOAR) for automated detection and response, User Entity Behaviour Analytics (UEBA) capable of applying machine learning and AI to qualify threats, and Endpoint Detection and Response (EDR) for monitoring endpoints such as user devices.

If the SIEM also integrates with SOAR, the business is able to use pre-configured playbooks for investigation and response. Playbooks are crafted to respond to specific threats. In the case of 8base, multiple playbooks would need to be deployed, from phishing to ransomware to one to specifically delete suspicious registry values and another to detect communication with malicious servers (referred to as command and control or C2 servers).

Cyber hygiene

Of course, there are other steps that the business can take to help limit the potential for a ransomware attack. Examples of effective cybersecurity hygiene include providing regular phishing training to employees on how to recognise and respond to social engineering attacks such as phishing, smishing, pretexting, and baiting. A formal process should also be put in place for employees to report if they have fallen victim to such an attack.

Access controls should include strong password policies and the use of multi-factor authentication (MFA) for all user accounts, especially for remote access or cloud-based services. If it is not feasible to implement MFA for all user accounts, prioritise those accounts that can be accessed from the internet. Consider also setting up MFA for high risk, privileged activity.

And implement the principle of ‘least privilege’, which restricts user access and permissions to only what is necessary for them to perform their job. Privileged accounts should also be audited and this can provide valuable insights into how these accounts are being used, allowing organisations to make informed decisions about access control, resource allocation, and risk management.

Data should also be routinely backed up using the 3-2-1 backup policy. This sees the creation of three copies of important data, two of which are stored in different formats or locations, with another copy kept offsite. It’s also advisable to keep an offline backup that is not accessible from the internet.

Likewise, it pays to perform network segmentation to keep important systems and sensitive data apart from the rest of the network. This helps to confine possible breaches and minimise attacker lateral movement.

Seek to prevent points of ingress by regularly updating devices, browsers, and other software applications. Keeping software up to date ensures the latest security patches are installed, which can help prevent potential malware infections and data breaches. Where patching is not available or is not feasible, mitigations provided by vendors should be applied.

Finally, conduct regular incident response tests to help identify gaps in the incident response plan and improve the organisation’s preparedness for a real-world incident. Because ransomware attacks for the SME sector are becoming more commonplace and the best way of defending against them is to be prepared.

8base hasn’t come out of nowhere – it signifies that ransomware operators are capitalising on a weak spot in the market – and its emergence shouldn’t be ignored. The fact that we’re now seeing operators specialise in targeting the sector is a wake-up call to SMEs. One hopes it can also be the catalyst needed to spur them into adopting more stringent controls.

LogPoint Frequently Asked Questions (FAQ)

  • When was LogPoint founded?

    LogPoint was founded in 2012.

  • Where is LogPoint's headquarters?

    LogPoint's headquarters is located at Bryggervangen 55, Copenhagen.

  • What is LogPoint's latest funding round?

    LogPoint's latest funding round is Acq - Fin.

  • How much did LogPoint raise?

    LogPoint raised a total of $40M.

  • Who are the investors of LogPoint?

    Investors of LogPoint include Summa Equity, IT Europa Channel Awards, Evolution Equity Partners, Yttrium and DICO.

  • Who are LogPoint's competitors?

    Competitors of LogPoint include Splunk, Sumo Logic, Securonix, Siemplify, Exabeam and 7 more.

  • What products does LogPoint offer?

    LogPoint's products include Converged SIEM platform and 4 more.

  • Who are LogPoint's customers?

    Customers of LogPoint include Family Building Society, Lancaster University and Region Värmland.


Compare LogPoint to Competitors

Logz

Logz provides a cloud observability platform for engineering teams. It offers log management solutions, infrastructure monitoring solutions, application performance monitoring solutions, and more. It serves industries such as gaming, financial services, digital media and entertainment, and more. The company was founded in 2014 and is based in Tel Aviv, Israel.

Devo

Devo operates as a cloud-native security analytics platform. The platform identifies and mitigates threats and reduces the company's cybersecurity risks. Devo was formerly known as Logtrust. The company was founded in 2011 and is based in Cambridge, Massachusetts.

Securonix

Securonix provides enterprises with a security analytics platform. It uses Hadoop and machine learning technology to consume, enrich and analyze data to detect and prioritize insider threats, cyber threats, cloud threats, and fraud attacks automatically. The company was founded in 2007 and is based in Addison, Texas.

Swimlane

Swimlane centralizes an organization's security alerts, automates resolution, and produces metrics-based dashboards and reports. It responds to alerts, automates the implementation of security controls, and protects the organization from future attacks. It was founded in 2014 and is based in Louisville, Colorado.

Seceon

Seceon has created an open architecture based data center/cloud security software platform to address the critical cyber security challenges faced by every organization: Real-time Visibility, Detection and Remediation of all forms of cyber threats. This includes attacks that have never been seen before as well as detection of insider threats. The company's solution presents a simplified view of threats in real-time as they develop and provides actionable intelligence for immediate remediation.

CyCognito

CyCognito develops cloud-based network security analysis solutions. It acts as an attacker simulator, designed to uncover organizational security weaknesses. The platform offers services such as attack surface protection, exploit intelligence, analytics and trends, cloud security, and more. The company was founded in 2017 and is based in Palo Alto, California.
