Log360's roadmap

Key highlights

• Default playbooks and visual builder: Access more than 60 default playbooks and build new ones through a visual playbook builder.
• Custom functions: Extend automation workflows with custom functions written in Python and Deluge, enabling deeper customization and complex response logic.
• Integrations: Connect with more than 15 marketplace integrations, including CrowdStrike Falcon, BitDefender, Microsoft Defender for Endpoint, and Okta to orchestrate response actions across your security ecosystem.
• Automated investigation: Playbooks can run automated checks such as command-line analysis, parent process reputation checks, user detail and user risk checks, and artifact validation.
• Parallel execution: Investigation steps can run simultaneously instead of sequentially, enabling faster triage.
• Multi-tool remediation: Playbooks can quarantine dumped files, terminate suspicious processes, disable and log off user sessions, remove persistence, and notify stakeholders.

Key highlights

• Expanded integrations: Coverage is increasing across network detection and response, identity threat detection and response, and endpoint detection and response platforms. EDR integrations are upcoming for Bitdefender and CrowdStrike. These additions improve event collection, correlation, and detection across the network.
• Compliance-specific extensions: New region-focused and sector-specific compliance packs are being introduced, including multiple frameworks for Brazil and updated coverage for financial, healthcare, aviation, telecommunications, and EU cybersecurity regulations. These extensions strengthen alignment with national requirements and industry mandates across different geographies.

Key highlights

• Instant answers from your logs: Ask questions in plain English and get clear, actionable insights from your security data.
• Smart follow-up suggestions: The assistant recommends relevant next steps or questions to help you dig deeper with minimal effort.
• Natural language actions: Perform critical tasks, like investigating attacks or creating incidents, directly through conversational prompts.

Key highlights

• Unified visibility: Centralized dashboards that bring together security events and OpManager alarms for better operational and security awareness.
• Data enrichment: Correlate performance data with security events from the SIEM to enhance threat investigations with operational insights.
• Response: Execute response actions in OpManager Nexus, such as adding alarm notes or running configlets, directly from the Log360 console.

Key highlights

• Alert prioritization engine: A context-aware scoring system that ranks alerts based on user behavior, asset importance, and threat signals. It reduces noise and guides analysts toward high-impact incidents first.
• Reduces alert fatigue: Analysts will see fewer dead-end alerts and more meaningful correlations, improving response speed and focus.
• SOC dashboard: Purpose-built operational views that surface real-time insights into alerts, investigations, timelines, and response actions. Designed for teams that need instant clarity during active incidents.

Key highlights

• Consolidated alert dashboard: MSSPs will be able to view alerts from all clients on a single screen.
• Client-specific filtering: Analysts will be able to switch between clients to drill down into individual alert data as needed.

This upcoming enhancement will help MSSPs respond faster, prioritize incidents more effectively, and streamline multi-tenant security operations.

Key highlights

• Select client widgets and monitor metrics directly from the MSSP dashboard.
• Eliminate the need to switch between client spaces frequently.
• Enhances visibility and control for MSSPs handling multiple environments.

Key highlights

• Bundle and manage multiple ManageEngine and Zoho solutions in one place.
• Deliver comprehensive security services under a single platform.
• Supports MSSPs in scaling and simplifying multi-product management.