Tuğce Durmaz, Director of Business Development, Strategic Alliances, and Marketing at Logsign, recently met with Aviva Zacks of Safety Detectives to talk about her company’s SIEM and SOAR solutions.
Safety Detectives: Tell me how you got started in the cybersecurity industry and what you love about it.
Tuğce Durmaz: I worked in B2B marketing and revenue management for a long time at one of the world’s leading e-commerce sites, which turned me into a techie. I realized the importance of cybersecurity in the B2B world in which cyberattacks cause huge losses and problems for companies, and consequently, became interested in the field of cybersecurity. Additionally, since I value the feeling of being safe and secure, cybersecurity is a perfect fit for me. The need for ever-evolving technology, deciding the right defense, determining a strategy, identifying a posture, and taking preventive measures are the most critical points of this subject, in my opinion.
SD: What is the main product your company offers?
TD: We develop robust and clutter-free products. Our focal point is detection and response. We are very experienced in this sector and we provide more than 600 customers with our SIEM and SOAR solutions.
Logsign Next-Gen SIEM provides comprehensive visibility and control of data lakes. It allows security analysts to collect, store, and back up unlimited data, and investigate and detect threats and anomalies in real time. Focusing on comprehensive and security analytics-oriented visibility, we support many log collection methods, classify and normalize data, and enrich it with embedded threat intelligence services in real time. We can correlate data, detect threats in real time, and lower the number of false positives according to the MITRE ATT&CK framework. This is what I can say about SIEM.
As for SOAR, I could say that it automates the workflows and also orchestrates the tools and the security teams. Our Logsign SOAR solution is 100% vendor-free and seamlessly integrates all your security technologies. In addition to hundreds of built-in integrations, the API-first approach enables Logsign SOAR to be deployed quickly without any vendor concern. With pre-defined bots and playbooks, you can easily automate your workflows. Our SOAR solution automates the investigation, detection, triage, and response, allowing security analysts to start working on assigned tasks. Security Case management improves response processes; workbench focuses the analysts on the right task at the right time.
SD: How do you stay ahead in the face of numerous other cybersecurity companies?
TD: Just one word: innovation. Well, frankly speaking, there is a lot of competition. But as we’ve always said, we believe that innovation comes from the future, not from competition. At Logsign, we attach importance to efficiency as well as security and the key to this is automation. SOAR software is at the heart of security operations. It enhances security teams by enabling them to work in a smart, collaborative and effective environment. All these keep us one step ahead.
What else could I say? Well, you can’t protect before you see and detect. Collecting, visualizing, and turning any data into actionable intelligence are possible via our infinitely scalable and cluster SIEM. With 10 years of experience, Logsign is a sincere team player for all internal & external parties, trusted by more than 600 enterprises, ministries, and state agencies.
SD: What is the worst cyberthreat today?
TD: This is a tough question because the pandemic has severely changed the nature of cyberthreats. Well, ransomware is far from a new threat, but these attacks skyrocketed last year.
Besides, since more employees work from home, insider threats become a more prominent concern. Most of these incidents aren’t due to malicious insiders but are instead caused by ignorance or complacency, which remote work can nurture.
Nonetheless, ransomware, I believe, remains the worst type of malware out there.
SD: How do you see cybersecurity developing now that we are living in this pandemic?
TD: As I’ve said before, one of the primary issues to be resolved is insider threats. This is a situation that occurs directly with the pandemic, as it is closely linked to remote work. Dealing with such threats becomes a serious burden if the right solutions are not used. Undoubtedly, it is not just about insider threats, but remote working also has made the SOC management much more difficult and has decreased the employees’ motivation and therefore productivity. Why is this point important? Because all this process has led to an increase in the budgets in our sector. The need to use more robust products has increased, clutter-free products make cybersecurity operations more efficient, and taking the workload off the shoulders of employees is no longer an option.