Ingest and Analyze Antivirus Data

Antivirus (AV) scanning is an essential part of an organization’s security monitoring and provides valuable data for security teams to handle potential compromise and improve their security posture. With integration, analysis, and detection of AV logs from third-party tools, Alert Logic helps place threats identified from your AV data into a more comprehensive threat management view.

Alert Logic ingests and analyzes antivirus logs to provide key insights for alerting and Security Operations Center (SOC) support, such as:

  • Detection of known hack tools such as pwdump, wincred, and mimikatz whose presence is highly correlated with malicious post-compromise activity
  • Detection of writes to privileged locations on the local system, which indicate a user or malware with administrative privileges – often a later-stage action in the attack cycle

Add an Additional Layer of Defense

In addition to antivirus analysis and detection, Alert Logic’s Managed Detection and Response platform also provides an extended endpoint protection capability. With this capability, we block endpoint attacks through a combination of machine-learning attribute analysis and real-time behavioral analytics.

Alert Logic Cloud Security Solution Benefits

SECURITY PLATFORM

  • Asset discovery
  • Vulnerability Scanning
  • Threat monitoring and visibility
  • Intrusion detections
  • Security analytics
  • Log Collection and Monitoring
  • Always-on WAF defense against web attacks

THREAT INTELLIGENCE

  • Threat Risk Index
  • Remediation guidance
  • Comprehensive vulnerability library
  • Event insights and analysis
  • Threat frequency, severity, and status intelligence
  • Attack prevention capabilities
  • Verified testing of 2.1 million+ web application attacks

EXPERT DEFENDERS

  • 24/7 SOC with incident management, escalation, and response support
  • PCI Scanning and ASV support
  • Service health monitoring
  • Incident response assistance
  • Threat hunting
  • Help with tuning strategies, customized policies, and best practices

Get Started

Call us directly at 844.816.1051; for the UK, call +44 (0) 203 011 5533.