Protecting your infrastructure requires detecting threats, identifying suspicious network traffic, and responding quickly – whether the problem is in a data center, a hosted environment, or the cloud. Alert Logic Threat Manager with ActiveWatch provides 24×7 network threat detection for the entire IT environment. Our patented expert system, driven by global threat data, identifies potential problems for our Security Operations Center (SOC) to investigate. Our SOC analysts act as an extension of your team, day and night, keeping an eye on suspicious activity.
How Threat Manager Works
Threat Manager identifies suspicious activity in network traffic and quickly flags threats to your IT assets so that you can respond. Using intelligent multifactor correlation, we identify security events requiring attention. After validation by a Level 1 SOC analyst, we notify you with recommended actions/responses.
We give you insight into the real threats in your environments, so you can make more informed security investment and resource decisions. When your security program is driven by a clear understanding of the real threats affecting your network, your efforts and investments will provide more benefit and significantly enhance your security posture.
We help you meet compliance challenges. Threat Manager’s intrusion detection and vulnerability scanning capabilities provide key elements to address the requirements of PCI DSS, HIPAA/HITECH, GLBA, Sarbanes-Oxley, and other mandates. Compliance-specific reporting makes it easy to evaluate and document your compliance stance. Alert Logic is a PCI-Approved Scanning Vendor (ASV).
You get these benefits without a large investment, staff burden or distractions from your strategic IT initiatives. Security-as-a-Service delivery gives you Threat Manager with ActiveWatch for a fixed monthly fee, including all monitoring, software and our 24×7 Security Operations Center (SOC) to validate incidents and provide support.
Deploys in any environment: Providing a single view into cloud, hosted, and on-premises infrastructure, with support for elastic scaling.
Leading-edge threat awareness: Threat Manager’s 45,000+ IDS signature database is updated weekly, based on rules consolidated from the Alert Logic security team, emerging threats, and open source, third-party collaboration.
Integrated vulnerability assessment and intrusion detection: Unlimited internal and external scans, with broad scanning and detection visibility into network infrastructure, server infrastructure, business-critical applications, SSL traffic, and Web technologies (IPv6, Ajax, SQL injection, etc.).
Analysis and reporting: Dozens of dashboards and reports available out of the box, plus custom reporting capabilities, Common Vulnerability Scoring System (CVSS) to assess risks, and vulnerability and host reports providing detailed descriptions and lists of impacted hosts, risk levels and remediation tips.
Integrated ActiveWatch managed security services: 24×7 state-of-the-art security operations center staffed by GIAC-certified security analysts and researchers providing monitoring, analysis and expert guidance capabilities.
Compliance support: Threat Manager supports compliance mandates including PCI DSS 2.0, HIPAA, SOX, GLBA, CoBIT, and others. Alert Logic is a PCI Approved Scanning Vendor (ASV) and PCI Level 2 Audited Vendor with SSAE 16 Type II Verified data centers. Raw IDS event data is stored for 6 months and incident analysis and cases are stored indefinitely.