Zoho Corporation Limited

ManageEngine Log360 Cloud: Cloud-based SIEM and compliance management solution

ManageEngine Log360 Cloud is a unified cloud SIEM solution with compliance management and integrated CASB capabilities. Detect, investigate, respond to, and neutralise security threats with effective threat analytics, workflow capabilities, and incident management console. Ease compliance audits with audit-ready templates, violation alerts, and effectievly drive down operational costs.

Features

• Log monitoring.
• Threat detection, investigation, and response (TDIR).
• Cloud compliance.
• Log archival.
• Incident management.
• Security analytics.
• Real-time correlation.
• ML-based behaviour analytics.
• CASB.
• Cloud security.

Benefits

• Continuously monitor logs from devices, servers, applications, and cloud infrastructure.
• Scalable architecture with flexible pricing for dynamic security needs.
• Get audit-ready reports and compliance violation alerts for various regulations.
• Gain visibility into shadow IT and block malicious app access.
• Detect APTs using correlation, UEBA, and MITRE framework adoption.
• Hunt and investigate threats with guided security analytics platform.
• Real-time updation of threat feeds and IoCs to detect threats.
• Comply with PCI DSS, HIPAA, GDPR, Cyber Essentials, etc.
• Security monitoring over SaaS, PaaS, and IaaS models.
• Custom log retention: Archive log data for effective forensic analysis.

£476 a licence a year

• Education pricing available
• Free trial available

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at zohouk-gcloud@eu.zohocorp.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

376530191415633

Contact

Sreyas Benjamin
+44 2038072092
zohouk-gcloud@eu.zohocorp.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Public cloud
• Service constraints: In an on-premises environment, Log360 Cloud necessitates the installation of an agent on a Windows machine for log collection. Furthermore, customers are required to whitelist Log360 Cloud URLs to enable seamless communication between the agent and the cloud. This communication relies on specific ports: 443 (TCP), 513, 514 (UDP), and 514 (TCP). The solution is compatible with the Windows platform and seamlessly operates with popular web browsers such as Google Chrome, Microsoft Edge, and Mozilla Firefox.
• System requirements:
  • Agent installation in Windows machine
  • For 64 bit: 2.80GHz,x64Xeon LV processor or equivalent,2GB RAM
  • Manageengine.com/cloud-log-management/help/setting-up/prerequisites.html

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: ManageEngine offers 24/5 support. Depending on the severity of the issue we acknowledge it between 6-18 regional business hours. Severity level 1 (S1) tickets will be acknowledged in 6 regional business hours and a problem workaround will be provided in 24 regional business hours. A permanent resolution to the issue will be provided within 30 days. S2 tickets will be acknowledged in 12 regional business hours and a workaround will be provided in 48 regional business hours. A permanent resolution to the issue will be provided within 180 days. S3 tickets will be acknowledged in 18 regional business hours.
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: Web chat
• Web chat support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support accessibility standard: None or don’t know
• How the web chat support is accessible: Our webchat can be accessed directly from support page. Users can access our web chat support by clicking on the support icon located at the bottom left of our product website. This allows them to seek technical assistance. Alternatively, users can initiate web chat from the product portal's 'Support' tab for access to resources, custom features, support tickets, and personalised pricing quotes.; 1) Mouseless intervention-: The application has been designed to be entirely usable without the need for a mouse device. It supports mouseless intervention, enabling navigation using the following keys: Tab- Forward navigation; Shift+Tab-Backward navigation; Enter/Return- Option selection. 2) Zoom Controls and font size: The application is fully adaptable with Zoom control support ranging from 80% to 125%, regardless of the device (whether small or large) being used. This enhances overall product visibility. Additionally, it supports maximum readability by allowing users to adjust the font size of the content/text within (small, medium, or large) as desired, thereby enhancing clarity and legibility. 3) Screen Reader Compatibility: Our text-only application is compatible with screen reader extensions. These extensions enable the focus area on the screen (either through the tab key or mouse click) to be read aloud, making all content accessible.
• Web chat accessibility testing: The application has undergone manual testing for navigation and readability. Compatibility with screen readers has been tested using the Chromevox extension, which reads aloud the focused content on the screen.
• Onsite support: Yes, at extra cost
• Support levels: We provide three service levels: classic support, premium support, and onboarding/implementation services. Classic support, available 24x5, responds to requests based on severity levels:; ; Severity Level 1 (S1): The Licensed Software does not function without a fix being provided and the problem has significant effect on the revenue or business operations of the Licensee. Acknowledged within 6 regional business hours, with a workaround provided within 24 hours and a permanent fix within 30 days.; Severity Level 2 (S2): The Licensed Software can function. However, the Licensed Software functions providing incorrect results or its performance is inconsistent pursuant to the ManageEngine user documentation. Acknowledged within 12 regional business hours, with a workaround provided within 48 hours and a permanent fix within 180 days.; Severity Level 3 (S3): The functionality of the Licensed Software is not affected by the problem or can be accomplished by using other features of the Licensed Software. Acknowledged within 18 regional business hours, with resolution handled through future software releases or special support cases. Premium support, available 24x7 for an extra charge, offers rapid response times.; ; For comprehensive onboarding and implementation, we offer services at a nominal charge.
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: In the onboarding journey for Log360 Cloud, our approach revolves around empowering users with comprehensive resources while offering optional professional services. Our extensive knowledge base (KB) articles and guides provide step-by-step instructions, best practices, and troubleshooting tips for setup and configuration. If customers desire additional support, our professional services are available at a nominal cost. These services include a preliminary consultation to align with the client's requirements, implementation assistance, and thorough post-implementation acceptance testing. Documentation such as business requirements, standard operating procedure, and scope of work ensure transparent communication and a clear understanding of the process. Training sessions, lasting up to 4 hours and accommodating a maximum of 5 participants, are offered in English, with options for on-site training at a customised package rate. Product expert certification is also available for desired customers.
• Service documentation: Yes
• Documentation formats:
  • HTML
  • PDF
• End-of-contract data extraction: Seamless off-boarding is our top priority. Customers will be transitioned to the free edition of Log360 Cloud but will retain access until their contract is terminated. To ensure data continuity, log-forwarding should be set up before the end of the subscription. We do offer support for exporting data in PDF and CSV formats even in the free edition.
• End-of-contract process: Upon contract expiration, customers will retain access to existing log data within the free edition of Log360 Cloud. However, they won't be able to add new log sources, and the application won't process configured sources. Access to resources will remain free, with ongoing support available to customers. Customers have the option to utilise our professional services, wherein a ManageEngine Log360 Cloud technical specialist will manage the entire off-boarding process from start to finish. This service incurs an additional cost.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: Yes
• Compatible operating systems: Windows
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The user interface and user experience of Log360 Cloud differ notably between desktop and mobile devices. While accessing the platform on a mobile phone, although there is no reduction in functionalities, users might encounter navigation challenges. Our product is optimised for mobile use, yet it excels particularly when viewed in portrait mode. Our user interface ensures seamless interaction, enhancing accessibility and functionality. Whether on a desktop or mobile device, users can expect an intuitive and efficient experience while navigating through Log360 Cloud's features.
• Service interface: Yes
• User support accessibility: None or don’t know
• Description of service interface: Log360 Cloud offers an intuitive interface for easy navigation and a comprehensive overview of network activities. It features robust tools for managing and analysing logs and security events. Users can effortlessly explore the dashboard, accessing insights into log sources, events, alerts, correlation, compliance, and cloud protection. They can conduct searches, access reports, and configure alert criteria to monitor security events effectively. Detailed breakdowns of log sources, severity events, and recent alerts are readily available, facilitating proactive threat detection and response. Overall, the interface streamlines data organisation, enabling efficient network monitoring, anomaly identification, and threat mitigation.
• Accessibility standards: None or don’t know
• Description of accessibility: Log360 cloud is accessible through major web browsers such as Google Chrome, Microsoft Edge, Safari, and others.
• Accessibility testing: We have not done any interface testing with users of assistive technology. However, we are committed to doing it near future.
• API: Yes
• What users can and can't do using the API: Log360 cloud uses APIs to collect logs from cloud sources like AWS and M365.
• API documentation: No
• API sandbox or test environment: No
• Customisation available: Yes
• Description of customisation: Log360 Cloud offers extensive customisation options to suit the unique requirements of our customers. Administrators and operators have the flexibility to personalise dashboards, set up custom alerts, and tailor various aspects of the solution to align perfectly with their needs. Users can customise a wide range of features including dashboards, alert settings, notification preferences, correlation rules, compliance reports, report scheduling, log retention policies, regional business hours, domains, workgroups, cloud accounts, application restrictions, and much more.

Scaling

• Independence of resources: Log360 Cloud puts a throttle limit on each user to ensure that they don't overload the servers with requests so that other users don't get affected by the demand. We however have a network of servers spread across the globe to make sure such a crisis doesn't occur.

Analytics

• Service usage metrics: Yes
• Metrics types: Log360 Cloud is licensed based on storage consumed on a daily basis. The users can view the used and free storage. These insights are provided within the product, and inside settings, which gives valuable data and information gathered from monitoring and analysing user interactions and access activities within systems, applications, and resources. All of the reports are placed under the technician audit tab.
• Reporting types:
  • Real-time dashboards
  • Regular reports

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: Up to Baseline Personnel Security Standard (BPSS)

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: European Economic Area (EEA)
• User control over data storage and processing locations: No
• Datacentre security standards: Managed by a third party
• Penetration testing frequency: At least once a year
• Penetration testing approach: In-house
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Encryption of all physical media
  • Other
• Other data at rest protection approach: Sensitive customer data at rest is encrypted using 256-bit Advanced Encryption Standard (AES). The data that is encrypted at rest varies with the services you opt for. We own and maintain the keys using our in-house Key Management Service (KMS). We provide additional layers of security by encrypting the data encryption keys using master keys. The master keys and data encryption keys are physically separated and stored in different servers with limited access.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: A third-party destruction service

Data importing and exporting

• Data export approach: Log360 Cloud has a data export feature through which users can export their data in PDF and CSV formats.
• Data export formats:
  • CSV
  • Other
• Other data export formats: PDF
• Data import formats: Other
• Other data import formats: Log sources

Data-in-transit protection

• Data protection between buyer and supplier networks:
  • TLS (version 1.2 or above)
  • Other
• Other protection between networks: All customer data transmitted is safeguarded via robust encryption protocols over public networks. We require TLS 1.2/1.3 encryption for web, API, mobile apps, and email client connections, ensuring secure data transfer and mutual authentication. Email services utilise opportunistic TLS for secure delivery between servers. Perfect Forward Secrecy (PFS) ensures past communications remain encrypted even if compromised. HTTP Strict Transport Security (HSTS) directs modern browsers to only use encrypted connections, while authentication cookies are flagged as secure. This comprehensive approach fortifies data protection, mitigating risks of eavesdropping and unauthorised access, providing peace of mind to our users.
• Data protection within supplier network: Other
• Other protection within supplier network: Our network security includes firewalls and segmented systems for data protection. Firewalls prevent unauthorised access and undesirable traffic. Testing and development systems are separate from production infrastructure. Firewall access is rigorously monitored, with daily engineer reviews and biannual rule updates. Our Network Operations Centre ensures infrastructure integrity, monitoring for anomalies with proprietary tools. Notifications alert to any suspicious activities in the production environment.

Availability and resilience

• Guaranteed availability: Our monthly service uptime is 99.9%. The live service availability status can be seen at status.manageengine.uk or status.manageengine.com or status.manageengine.eu depending on the hosting location. Upon customer request, Zoho will, as per the terms and conditions of its Service level agreement, provide service credits.
• Approach to resilience: Application data is stored on resilient storage that is replicated across data centres. Data in the primary DC is replicated in the secondary in near real time. In case of failure of the primary DC, secondary DC takes over and the operations are carried on smoothly with minimal or no loss of time. Both the centres are equipped with multiple ISPs.; We have power back-up, temperature control systems and fire-prevention systems as physical measures to ensure business continuity. These measures help us achieve resilience. In addition to the redundancy of data, we have a business continuity plan for our major operations such as support and infrastructure management.
• Outage reporting: We have a dedicated incident management team. We notify you of the incidents in our environment that apply to you, along with suitable actions that you may need to take. We track and close the incidents with appropriate corrective actions. Whenever applicable, we will identify, collect, acquire and provide you with necessary evidence the form of application and audit logs regarding incidents that apply to you. Furthermore, we implement controls to prevent recurrence of similar situations.; ; We respond to the security or privacy incidents you report to us through incidents@zohocorp.com, with high priority. For general incidents, we will notify users through our blogs, forums, and social media. For incidents specific to an individual user or an organisation, we will notify the concerned party through email (using their primary email address of the Organisation administrator registered with us). Service outages can be viewed at status.manageengine.uk or status.manageengine.com or status.manageengine.eu depending on your hosting location.

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Identity federation with existing provider (for example Google Apps)
  • Username or password
• Access restrictions in management interfaces and support channels: Log360 Cloud offers three tiers of roles: administrator, operator, and guest. Access can be limited depending on the user's role.
• Access restriction testing frequency: At least every 6 months
• Management access authentication:
  • 2-factor authentication
  • Username or password
  • Other
• Description of management access authentication: We employ technical access controls and internal policies to prohibit employees from arbitrarily accessing user data. We adhere to the principles of least privilege and role-based permissions to minimise the risk of data exposure.; Access to production environments is maintained by a central directory and authenticated using a combination of strong passwords, two-factor authentication, and passphrase-protected SSH keys. Furthermore, we facilitate such access through a separate network with stricter rules and hardened devices. Additionally, we log all the operations and audit them periodically.

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: Between 1 month and 6 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: BSI
• ISO/IEC 27001 accreditation date: 09-08-2022
• What the ISO/IEC 27001 doesn’t cover: Our data centers
• ISO 28000:2007 certification: No
• CSA STAR certification: Yes
• CSA STAR accreditation date: 01-03-2023
• CSA STAR certification level: Level 1: CSA STAR Self-Assessment
• What the CSA STAR doesn’t cover: N/A
• PCI certification: No
• Cyber essentials: No
• Cyber essentials plus: No
• Other security certifications: No

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards:
  • ISO/IEC 27001
  • Other
• Other security governance standards: Security is a key component in all our offerings, and is reflected in our people, processes, and products.; ; Our Security strategy involves component like data security, operational security, Infrastruture security , Identity & Access Control and physical security to; offer security to our customers. https://www.manageengine.com/security.html
• Information security policies and processes: We have a dedicated compliance team that conducts internal risk assessments to confirm if the policies are being followed. Zoho has an established governance framework that supports relevant aspects of information security with policies and standards. Roles and responsibilities for the governance of information security within Zoho are formally documented and communicated by management. Zoho shall establish, implement, and maintain an information security program in accordance with the international standard ISO 27001, which includes technical and organisational security measures, physical measures, as well as policies and procedures to protect customer data processed by Zoho against accidental loss, destruction, or alteration, unauthorised disclosure or access, or unlawful destruction. Zoho maintains documented information security and data privacy policies and requirements, and periodically communicates them to employees responsible for the design, implementation, and maintenance of security and privacy controls. The policies are reviewed annually to keep them up-to-date. This policy is verified during our third-party audits such as ISO and SOC.

Operational security

• Configuration and change management standard: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Configuration and change management approach: We have Change Management procedures in place that include, but are not limited to, all changes to the organisation, applications, systems, people, technology, and processes, as well as information processing facilities that affect information security/privacy. For every change, the security impact is analysed. We maintain audit logs as evidence for all changes. Fall-back procedures, including procedures and responsibilities for aborting and recovering from unsuccessful changes and unforeseen events, are documented and communicated. Zoho shall notify the customer of any changes that may affect the customer adversely.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We have a dedicated vulnerability management process that actively scans for security threats using a combination of certified third-party scanning tools and in-house tools, along with automated and manual penetration testing. Furthermore, our security team reviews inbound security reports and monitors public mailing lists, blog posts, and wikis to spot security incidents that might affect the company’s infrastructure.; ; Once we identify a vulnerability requiring remediation, it is logged, prioritised according to severity, and assigned to an owner. We identify the associated risks and track the vulnerability until it is closed by either patching the vulnerable systems or applying relevant controls.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We monitor and analyse information gathered from services, internal traffic in our network, and usage of devices and terminals. We record this information in the form of event logs, audit logs, fault logs, administrator logs, and operator logs. These logs are automatically monitored and analysed to a reasonable extent to help us identify anomalies, such as unusual activity in employees’ accounts or attempts to access customer data. We store these logs on a secure server isolated from full system access to manage access control centrally and ensure availability.
• Incident management type: Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
• Incident management approach: We maintain an incident management team to handle and communicate relevant incidents promptly. Actions and necessary evidence are provided to affected parties, with incidents tracked and closed with corrective measures. Controls are implemented to prevent future recurrences. Security or privacy incidents reported to us receive high-priority responses via incidents@zohocorp.com. General incidents are notified through our public channels, while individual or organisational-specific incidents are communicated via email to the registered administrator's primary email address.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Social Value:

  Social Value

  • Fighting climate change
  • Covid-19 recovery
  • Tackling economic inequality
  • Equal opportunity
  • Wellbeing

  Fighting climate change

  We've partnered with Equinix to host our UK data centres in London and Manchester. Equinix is also committed to sustainability and is compliant with the Climate Neutral Data Centre Pact, ISO 14001, LEED, etc. The energy supply for the Zoho UK’s workspace at Bletchley is derived from renewable sources, accounting for 21% of total power consumption. LED retrofits have been implemented to enhance energy efficiency throughout the building. Designed with a focus on energy efficiency, data centres that support Zoho UK are powered by renewable energy. Further, these data centres are progressing towards integrating with a solar grid to reduce environmental impacts. All purchased energy for the data centres is sourced from green energy providers. This enables us to minimise the carbon footprint associated with our operations. The United Kingdom has committed to achieving carbon neutrality by 2050. Supporting this pledge, we have taken steps to monitor greenhouse gas (GHG) emissions from our operations and implement measures to mitigate them. We account for Scope 2 and Scope 3 emissions and exclude Scope 1 emissions as our work does not involve fuel combustion within operational boundaries. We've switched completely to electric vehicles for movement within the campus.

  Covid-19 recovery

  During the COVD-19 pandemic, Zoho worked to minimise the impact of COVID on our customers, other business and our local community. At the start of the pandemic, Zoho created and distributed a Secure Remote Access Toolkit to help organisations quickly adapt to and work securely during the pandemic. This toolkit was made free for the first 100 days. To assist organisations impacted by the pandemic, Zoho offered free licences of flagship products, and offered discounts and waivers on licences on a case-by-case basis. While most of our employees worked from home, we kept the kitchen at our Chennai headquarters running with a skeletal staff to provide food to underprivileged people in the local area, many of whom were impacted due to a loss of employment during the lockdown. We converted one of our office buildings into a temporary COVID-19 ward to accommodate citizens who were required to quarantine. We ran vaccination camps to our employees, their dependents and the support staff who worked in Zoho.

  Tackling economic inequality

  Zoho has always aimed to tackle economic inequality and give back to the community. This is reflected in the following: Coined by our CEO, transnational localism is the philosophy that underpins our staffing and office location plans. Instead of focusing on crowded urban centres, we've been opening spoke offices in smaller towns and villages. The goal is to improve local infrastructure, boost the economy of these smaller towns and villages, and provide more employment opportunity. As part of our philosophy of transnational localism, we believe in hiring locally for each spoke office. This helps promote local talent and bring high-paying jobs back to the villages and towns where we are based.

  Equal opportunity

  As part of our efforts to tackle inequality, Zoho Corporation Limited have made efforts to provide equal opportunities and tackle workforce inequality. All roles at Zoho Corporation are open to all people irrespective of gender, sex, race, ability, or religion. We hire solely based on skill and have a diverse team. We eschew discrimination on any grounds, including age, colour, disability, ethnicity, family or marital status, gender identity or expression, language, national origin, physical and mental ability, political affiliation, race, religion, sexual orientation, socio-economic status, and other unique characteristics that define our associates. Instead, we espouse, fairness, striving to ensure that a merit-based approach allows wage parity among associates with comparable experiences and responsibilities, irrespective of their gender. Our campus has been designed to be accessible to all, including differently- abled colleagues. The layout design includes ramps and lifts in every building, allowing ease of mobility and access to all. Apart from the usual shuttle facilities, special cab service covering a certain distance is given for women during their third trimester.

  Wellbeing

  Zoho Corporation Limited adheres to industry standards in remuneration, ensuring that compensation is equitable across genders. Recognising the diverse needs of our people, we provide essential support such as parental leave, aligning with our efforts to build an organisation that values and cares for every individual. We have trained medical practitioners and a dedicated medical clinic available on all days of the week. Employees can freely avail their services. The Hazard Identification & Risk Assessment (HIRA) Framework is followed rigorously at the premises. We provide in-house counselling to our employees for free via our team of trained and qualified therapists. We organise free medical check-ups for our employees on an annual basis. We organise regular blood donation camps in association with various blood banks. We have open house sessions conducted by the CEO periodically where employees can raise any concerns. Day Care facilities provided for employees kids. The compliance monitoring framework involves ongoing reviews and enhancements of occupational health programmes, guided by feedback, data analysis, and emerging best practices.

Pricing

• Price: £476 a licence a year
• Discount for educational organisations: Yes
• Free trial available: Yes
• Description of free trial: We understand the importance of allowing potential customers to evaluate our service before making a commitment. Log360 Cloud offers a 30 day free trial to enable the customers to evaluate the product in real time. We also offer complimentary license for the customers to see our solution in full action.
• Link to free trial: https://log360cloud.manageengine.com/rest/v1/signup?utm_source=Gcloud

Service documents

• Pricing document

  PDF

• Skills Framework for the Information Age rate card

  PDF

• Service definition document

  PDF

• Terms and conditions

  PDF

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at zohouk-gcloud@eu.zohocorp.com. Tell them what format you need. It will help if you say what assistive technology you use.