Alert Logic ActiveWatch

Alert Logic ActiveWatch builds upon the Threat Manager foundation to provide 24×7 monitoring and expert guidance services from Alert Logic’s state-of-the-art security operations center (SOC). The ActiveWatch team augments your existing IT team to ensure rapid detection and response to network incidents around the clock.

In addition to monitoring the network traffic flows for incidents, the SOC team reviews suspicious network traffic to identify zero-day attacks, which might not otherwise trigger an alert. This intelligent review and response by industry professionals not only increases the overall visibility into your network, but also reduces the potential for false-positive alarms.

When an incident or suspicious network activity is detected, the ActiveWatch team will conduct an analysis of the situation. The Alert Logic SOC will notify your staff directly by phone and/or e-mail based on predetermined escalation procedures. They will work with your team to perform in-depth analysis and assessment of the incident, and recommend containment and mitigation actions.

ActiveWatch also includes integrated incident and case management capabilities that allow customers to track and report on incident trends across their entire enterprise, including the services hosted outside of the internal perimeter. This capability provides an audit trail of suspicious findings and gives a historical record of the response and actions from start to finish.

To satisfy regulatory requirements, incident and case reports can be generated and provided to auditors and other stakeholders for forensic analysis.

The ActiveWatch team is staffed by GIAC-certified analysts and other industry-certified security experts. In addition to GIAC certifications, these analysts hold specialized certifications including CISSP, Microsoft Certified Systems Engineer, Cisco CCNA, PCI ASV Security Engineer and others.

Because the ActiveWatch team has a singular focus on network intrusion detection and diagnosis, it is able to stay up to date on the most current attack techniques and countermeasures. This gives customers the benefits of an around-the-clock security operations staff, while retaining the freedom to focus on projects that enhance their business.

Key Benefits
  • Offers a round-the-clock turnkey security solution at a fraction of the cost of a dedicated, in-house security operations center.
  • Improves the breadth of coverage for network security monitoring to include off-hours time windows when attacks are more likely to happen.
  • Enables staff to focus on business-critical initiatives without the capital expenditures, deployment headaches, training and other commitments required for self-managed solutions.

© 2010–2011