What framework does Inopli use for the incident management?
Inopli is built upon the incident response concepts and best practices defined by the SANS Institute, ensuring that its processes align with internationally recognized methodologies for detection, analysis, containment, and recovery.
Does Inopli use the term “incident,” considering the industry trend of moving away from it?
Yes, Inopli continues to use the term “incident” in alignment with established information security frameworks.
Some vendors have moved away from the term to position their products as broader solutions that merge alerts, events, and incidents under a single category. This naming shift is primarily a marketing or product-scope decision and does not change the fundamental concept of an incident, which remains well-defined and widely adopted across recognized security frameworks and standards.
How are audit logs and incident/request trails protected in Inopli?
All platform logs in Inopli including security logs, audit logs, incident and request handling trails, and configuration change records are treated as immutable data and are protected against unauthorized access and tampering.
Diazero Technologies performs an annual audit based on ISO 27001 controls to verify that these protections are correctly implemented, operating effectively, and remain active over time, ensuring the integrity and reliability of all audit-related information stored in the platform.
How does licensing work for data ingestion and alert processing in Inopli?
Inopli licensing is not based on data ingestion volume within the Astral SIEM. There are no licensing restrictions related to the amount of data ingested, indexed, or stored by Astral.
The licensing model is defined by the number of alerts processed per month by the Inopli platform. This approach allows organizations to scale data ingestion freely, without concerns about ingestion-based licensing limits, while maintaining predictable licensing aligned with operational workload.
For military and sovereign organizations, licensing models may be configured to support unlimited alert processing, depending on the deployment and contractual scope. This flexibility ensures that high-volume or mission-critical environments can operate without artificial limitations imposed by licensing constraints.