Delivering the functionality, security content and actionable intelligence that organisations need to uncover and remediate active threats, Alert Logic Cloud Defender protects organisations from cyber threats targeted at business critical infrastructure, wherever it’s deployed – on-premises, in a public cloud or in a hybrid datacentre.
Continuous Threat Protection in the Cloud
Alert Logic Cloud Defender is a tightly integrated security and compliance suite that provides businesses with deep security insight into their IT environment and continuous protection against attacks, at a fraction of the cost of traditional security solutions. Through a combination of market-leading technologies and human expertise in the form of 24x7 monitoring by security and compliance specialists, Alert Logic Cloud Defender delivers four critical detection and protection capabilities that datacenters require. These include:
Intrusion detection that identifies and mitigates threats as they move across an organisation’s network,
Vulnerability scanning that inspects servers for known vulnerabilities and misconfigurations that expose them to potential takeover by cyber attackers,
Web application threat detection that observes traffic destined for web applications, identifying malformed requests that are indicative of a web application attack, and
Log and security event analysis that, through a combination of threat intelligence and purpose-built correlation rules, can analyse seemingly unrelated log messages from operating systems, applications, databases, and other security products to identify threats.
In addition to these capabilities, Alert Logic Cloud Defender includes a series of Alert Logic Active Services that provide big data security analytics, security monitoring, threat intelligence research and security content management, resulting in strong protection for customers.
Alert Logic Cloud Defender Active Services include:
Alert Logic ActiveAnalytics Platform: Automated Incident Identification
The Alert Logic ActiveAnalytics platform ingests security events and other information such as network traffic, log data, web server activity and security product activities from across an organisation’s datacentre infrastructure, and applies threat intelligence, analytics, and advanced correlation rules to automatically identify incidents impacting a company’s IT infrastructure. This platform processes over 450 million security events each month, resulting in over 60,000 identified incidents for Alert Logic customers.
Alert Logic ActiveIntelligence: Dedicated Threat Research and Content
Alert Logic ActiveIntelligence is a dedicated team of security experts that monitor a variety of sources to identify new and emerging threats and feed this data back into the system in the form of content such as network signatures, correlation rules and watch lists.
Alert Logic ActiveWatch: Continuous Monitoring by Security Experts
Alert Logic ActiveWatch is a managed service that provides customers with continuous, around-the-clock monitoring, investigation, and custom notification of security and compliance issues as they arise in their datacenter infrastructure.
“For years organisations have been torn between the need to identify and respond to security incidents impacting their datacentre infrastructure and the challenge of bringing a complex and high-maintenance SIEM solution in-house,” said Gray Hall, CEO of Alert Logic. “Unlike traditional SIEM solutions that require organizations to purchase hardware, implement complex software, configure correlation rules and provide their own security content, Alert Logic Cloud Defender provides advanced technology, real-time threat detection, and automated security analytics, all managed by a team of dedicated security experts, to companies of any size.”