White Papers

Written by leading industry professionals and the experts at Alert Logic, our white papers offer insight into improving security by assessing vulnerabilities and employing effective log and threat management. Learn about the best practices used in identifying internal and external threats, dealing with PCI compliance, and more.
It’s Not You, It’s Me: Understanding the Shared Responsibility of Cloud Security

Although the public cloud comes with great financial and technical benefits, like any other infrastructure, it also has its share of threats. Over the years, we have seen a rise in both attack frequency and diversity of malicious software used. With increases in cloud incidents related to vulnerability scanning, web application attacks and brute force attacks, it is crucial for you to understand the types of threats potentially targeting you on the cloud. A key to being secure is a solid understanding of the shared security model that exists between you and your cloud provider so you can build a security-in-depth strategy to defend your environment from malicious attacks.
View white paper

Cloud Security Spotlight

Cloud adoption is increasing quickly as organizations are looking to reduce IT cost, increase agility and better support business functions. However, security of data and systems in the cloud remains a key issue and critical barrier to faster adoption of cloud services.

This report is the result of comprehensive research in cooperation with the 250,000+ member Information Security Community on LinkedIn to explore the specific drivers and risk factors of cloud infrastructure, how organizations are using the cloud, whether the promise of the cloud is living up to the hype, and how organizations are responding to the security threats in these environments.
View white paper

Vulnerability Response Best Practices

The number of vulnerabilities identified in servers, operations systems, applications, and databases has increased at an alarming rate in the past several years—and the outlook going forward is no better. Systems, networks, and applications will continue to be susceptible to vulnerabilities, so it is important to be prepared for response when a vulnerability is identified.

Alert Logic is not immune to vulnerabilities, and in the fall of 2014 our teams responded to three major vulnerabilities (heartbleed, shellshock, and POODLE) and a number of minor ones. These instances enabled us to further developed our response plan, which outlines an approach that can be used as a template for defining any organization’s action plan when faced with vulnerability.

Throughout this paper, we will discuss Alert Logic’s step-by-step approach to responding to a vulnerability, using the company’s response to the shellshock vulnerability as our case study.
View white paper

Strategies For Guarding Against Healthcare Cyber Threats

Healthcare data is approximately 50 times more valuable on the black market than credit card data because it exposes information such as a person’s height, eye color and other physical characteristics, which can be used to create comprehensive fake identities.

By implementing strategies that prioritize anti-virus, encryption, file integrity and data management, healthcare organizations can leverage in-depth security solutions that will lock down the workstations and mobile devices holding patient data and enforce compliance with HIPAA privacy, breach notification and security rules.

Download this paper to learn more about the emerging cyber threats and strategies to defend against attacks.
View white paper

PCI DSS 3.0 Guidebook

An overarching theme of Payment Card Industry Data Security Standard (PCI DSS) 3.0 is the evolution of security compliance to a day-to-day practice, instead of a once-a-year event that happens just before an audit. It is clear that many of the new and expanded testing and auditing requirements directly support this goal. Planning and execution of the new 3.0 requirements should be a top priority, and while many of the changes are clarifications, several requirements could take some time to address. This e-book will guide you through the compliance process from the beginning and includes additional resources to help you prepare for the January 2015 deadline.
View white paper

PCI DSS Reporting

The Payment Card Industry Data Security Standard (PCI DSS) Requirements 6, 10 and 11 can be costly and resource intensive to meet as they require proof that you have log management, vulnerability assessment, intrusion detection and web application protection in place. The purpose of this white paper is to illustrate key data and reports that are generated from Alert Logic’s security & compliance services and solutions that help you maintain and demonstrate PCI DSS compliance.
View white paper

Defense Throughout the Vulnerability Life Cycle

New security threats are emerging all the time and defending against these risks is an ongoing battle. In response, the array of security technologies available has also grown. While many are familiar with essential defenses, more sophisticated solutions are harder to evaluate. In this white paper you will learn how vulnerability assessment, network intrusion detection and log management work together to protect your IT assets and how you can use these different technologies to identify and prevent attacks as well as remediate successful attacks.
View white paper

Pragmatic WAF Management:Giving Web Apps a Fighting Chance

Web Application Firewalls (WAFs) can significantly improve security, blocking dangerous web application attacks such as SQL injection, cross-site scripting, and cross-site request forgeries. However, managing a WAF to realize these benefits can be an overwhelming challenge. This white paper from Securosis lays out the requirements for effective WAF management, providing detailed information to help scope out the resources required for this critical task. (Cosponsored by Alert Logic.)
View white paper

Log Management Best Practices

To comply with today’s government and industry mandates, such as PCI, SOX, HIPAA, and GLBA, log data must be collected, reviewed, and archived. The challenges of effective log management in increasingly-complex and distributed environments are significant; this paper outlines best practices for a log management initiative and the benefits of automated log management solutions.
View white paper

Configuring Log Sources for Best Practice Reports

A well-defined log management process enables organizations to deal with the large volumes of computer-generated log messages generated each day. By collecting, aggregating, parsing and analyzing these messages, you can better understand what’s happening with systems in your IT environment and extract real value from the information for performance, security, compliance and other purposes.
View white paper

The Inevitability of Security-as-a-Service

The move to the cloud is a transformation in IT delivery, and it has important implications for security. The same requirements that have driven the growth of service-based IT delivery are driving service-based security. Virtualization, elastically-scalable infrastructure, big data, and other factors are discussed in this overview of the movement toward Security-as-a-Service.
View white paper

Buyer’s Guide to Log Management: Comparing On-Premise and On-Demand Solutions

Examines and compares two solutions to log management — traditional on-premise log management handled by the in-house infrastructure team, and a cloud-based log management solution, which moves the infrastructure footprint for log management to a physically and organizationally separate company.
View white paper

How to Improve Network Security without Extra Staff or Busting Your Budget

The responsibilities of network administrators and security managers at today’s mid-size companies can seem like a no-win situation. They are accountable for securing their organization’s network technologies with limited budgets and even more limited staff resources. This white paper explores how a cloud-powered threat management solution can ease the burden on administrators’ time, money and resources.
View white paper

Increasing Profit Margins with Network Security Services

Alert Logic’s Network Protection On-Demand solution helps service providers increase profit margins with highly differentiated network security services and no upfront investment or dedicated security staff.
View white paper

Contact Us
  • Toll Free: +1.877.484.8383
    Corporate: +1.713.484.8383
    UK: +44 (0) 203 011 5533
    Fax: +1.713.660.7988
  • Alert Logic, Inc.
    1776 Yorktown, 7th Floor
    Houston, TX 77056

E-mail: info@alertlogic.com

Support: support@alertlogic.com