Cloud Defender combines existing Alert Logic solutions with new analytics and security services to provide a fully managed SIEM solution which addresses the entire stack rather than specific applications.
Houston-based Alert Logic, a long-time provider of SaaS-based security products, has announced Alert Logic Cloud Defender, which becomes the company’s new flagship product. Designed for today’s more aggressive threat landscape, Cloud Defender combines existing Alert Logic solutions with new analytics and security services to provide a fully managed Security Information and Event Management (SIEM) solution which addresses the entire stack rather than specific applications.
“Cloud Defender is a suite that includes existing capabilities that we have delivered in the past, as well as new capabilities and more managed services,” said Rahul Bakshi, Alert Logic’s Senior Director of Product and Solution Marketing. “The other net new is broader analytics and security content, such as new log and correlation rules that can analyze over 100 different incidents across 10 different threat domains. It can log data from all of that and analyze the data across the entire application stack.”
In the SaaS security business since 2002, and with over 2800 customers, Alert Logic’s focus is on the enterprise and midmarket. While they started out direct, over 70 per cent of their business now goes through channel partners. This includes MSPs like Rackspace, some of whom white-label the product, although Bakshi said that the end customer usually knows Alert Logic is the back end. They also have reseller, systems integrator and consulting organization partners.
Cloud Defender offers four specific detection and protection capabilities based on Alert Logic’s existing product lines. Their intrusion detection capability comes from their Threat Manager solution, and identifies and mitigates threats as they move across an organization’s network. Vulnerability scanning capability comes from both Threat Manager and Scan Watch services, and inspects servers for known vulnerabilities and misconfigurations. Web application threat detection utilizes Alert Logic’s Web Security Manager, which protects web applications with web application firewall technology and ActiveWatch management, monitoring and tuning services. Finally, log and security event analysis from Alert Logic’s Log Manager solution analyzes log messages to identify threats.
“Cloud Defender brings all these capabilities together, so the customer can focus on the outcome,” Bakshi said. “Before Cloud Defender, our sales teams would talk about these individual products, like Threat Manager or Web Security Manager and its firewall. Cloud Defender doesn’t address single layers of the application stack, but the entire stack, and we will now lead with that. It better addresses the current dynamics of cybersecurity, which have become much more complicated.”
Cloud Defender also adds some new services that provide big data security analytics, security monitoring, threat intelligence research and security content management.
The Alert Logic ActiveAnalytics Platform applies threat intelligence, analytics, and advanced correlation rules to automatically identify incidents impacting a company’s IT infrastructure, processing over 450 million security events each month to identify over 60,000 incidents.
Alert Logic ActiveIntelligence is a dedicated team of security experts that monitor a variety of sources to identify new and emerging threats and feed this data back into the system in the form of content such as network signatures, correlation rules and watch lists.
Alert Logic ActiveWatch is a managed service that provides customers with continuous, around-the-clock monitoring, investigation, and custom notification of security and compliance issues.
“These Active services give a faster incident response process than before,” Bakshi said.
The pricing, which starts at USD $2,999 list, is roughly a 25 per cent discount over the prices of all the previous Alert Logic products and services.
“This becomes our ‘go to’ product for most customers, although there will always be some customers who just want one point solution, because they have already addressed application security products with multiple point products, or who don’t need something like a web application firewall,” Bakshi said. “The pricing for the whole suite is designed so that customers don’t have to make budget-based tradeoffs.”