Frequently Asked Questions
Common questions about LightShield SIEM.
How long does deployment take?
Typically 2-4 hours for standard deployments. Complex environments with multiple log sources may take 1-2 days for full configuration. Low-spec mode available for minimal resources.
Does LightShield SIEM send data to the cloud?
No. LightShield SIEM is 100% self-hosted. Data stays on your infrastructure unless you explicitly enable optional external integrations. AI features can run entirely on-premise.
What compliance frameworks are supported?
10 frameworks: CERT-In (including 6-hour incident reporting), RBI IT Framework, DPDP Act 2023, ISO 27001, SOC 2, NIST CSF, PCI DSS, HIPAA, GDPR, and Custom. Pre-built templates with evidence collection workflows.
Are AI features production-ready?
AI features are in BETA. They work well but require LLM configuration. All AI suggestions require human review before deployment. Core SIEM features are production-ready.
What are the hardware requirements?
Minimum: 4GB RAM, 2 CPU cores (low-spec mode). Recommended: 8GB+ RAM, 4+ cores for production workloads. Docker is required.
Do you support Sigma rules?
Yes. Full Sigma rule support with MITRE ATT&CK mapping. Import and export in standard Sigma format.
What threat intelligence feeds are supported?
VirusTotal, AbuseIPDB, AlienVault OTX, MISP, and TAXII/STIX 2.1 are all built-in. IOC management includes confidence scoring, TLP classification, and automatic enrichment of indicators.
Does LightShield have an EDR agent?
Yes. LightShield includes a lightweight endpoint agent with real-time telemetry: Event Log collection, File Integrity Monitoring, Process Monitoring, and Registry Monitoring. It also supports remote response actions like process kill, host isolation, and forensic collection.
What is AI Tool Security?
LightShield monitors AI coding tools like GitHub Copilot, Cursor, and Claude for security risks. Comprehensive detection capabilities help organizations manage shadow AI risks. Request a demo to learn more.
How much does LightShield cost?
Pricing depends on your environment — number of endpoints, users, log sources, and compliance needs. Tell us about your setup using the contact form or email us at contact@lightshieldsiem.in and we'll send you a custom quote.
What deployment options are available?
LightShield is 100% self-hosted on your own infrastructure. Deploy with Docker using a single command. Low-spec mode available for resource-constrained environments.
How many compliance frameworks are supported?
LightShield supports 10 built-in compliance frameworks: CERT-In (6-hour incident reporting), RBI Cyber Framework, DPDP Act, ISO 27001, SOC 2, NIST CSF, PCI DSS, HIPAA, GDPR, and Custom. Each includes automated evidence collection, control attestation, and scoring dashboards.
What is the Smart Confidence Engine?
Smart Confidence is LightShield's AI scoring engine that evaluates alerts using contextual signals to separate real threats from noise. It significantly reduces false positive alerts so analysts can focus on real threats.