It would be really good to have SIEM able to ingest logs from MSP documentation platforms to help monitor and secure the usage.

This would be taking the logs of engineers and internal staff usage, and co-managed resources within the RMM tool and identifying things like source login location, and actions within the tool - bulk changes, deletions, rapid password access etc. anything that could be deemed as unusual / unsafe behaviour.

We're on IT Glue so would like that to be first cab off the rank