Latest Features and Capabilities

Alert Logic’s roadmap has been thoughtfully crafted to bring you a robust set of Managed Detection and Response (MDR) capabilities.

Delivering Unrivaled Security Value

Alert Logic is relentless in protecting your organization. We are continuously enhancing our purpose-built technology, streamlining our processes, and developing timely new threat intelligence to empower you to resolve whatever threats may come.

Check back often to see what new capabilities we are adding to our award-winning managed detection and response solution.

Coverage Everywhere

In order to reduce the likelihood of your organization being impacted by a successful attack, Alert Logic has extended coverage to more of the assets your organization relies upon – today and in the future.

Improvements to Amazon GuardDuty Incident Processing

Available: 11/16/2022

What Is It?

GuardDuty findings are now assessed using Alert Logic's most recent analytic capabilities, allowing for better tuning of incidents generated and updated incident formatting aligned with other Alert Logic incidents.

What Are The Benefits?
  • Improved rating of GuardDuty incidents, aligned with the MITRE ATT&CK framework
  • Analytic updates that allow better tuning of GuardDuty incidents

Scan Configuration Enhancements

Available: 10/06/2022

What Is It?

MDR customers now have access to enhancements in the Alert Logic console for configuring vulnerability scans.

What Are The Benefits?
  • Finely tuned control of vulnerability assessment scope and configuration for increased efficiency and accuracy.
  • Improved health diagnostics to help customers troubleshoot common scan problems
  • More consistent tracking of the lifecycle of vulnerability discovery and remediation, even in highly dynamic cloud environments

Threat Intelligence Center

Available: 02/10/2022

What Is It?

Threat Intelligence Center provides insight into Alert Logic threat coverage by displaying security content details in an interactive, tabular list.

What Are The Benefits?
  • Learn technical details about how Alert Logic analyzes data to produce security outcomes using different types of security content
  • Gain visibility into all customer-agnostic security content and coverage details provided by Alert Logic
  • Help determine if the environment is configured to maximize security value

Agent-Based Scanning

Available: 11/17/2021

What Is It?

Alert Logic agent-based scanning improves overall scanning efficiency and efficacy with minimal impact on the host.

What Are The Benefits?
  • Flexibility to tune scanning requirements to match business requirements
  • Complete vulnerability picture without special credentials required
  • Less bandwidth consumption and fewer false positives

AWS Systems Manager Distributor

Available: 11/11/2021

What Is It?

Through this integration with AWS, Alert Logic is making it easier to deploy our solution by automating the agent deployment process.

What Are The Benefits?
  • Automate and streamline deployment of our Alert Logic MDR Platform agent
  • Deploy the Alert Logic agent directly through AWS Systems Manager without having to go to the Alert Logic console
  • Monitor agent deployments through AWS Systems Manager

Machine Learning Log Review

Available: 07/27/2021

What Is It?

Machine Learning Log Review allows you to maintain your log-review compliance requirements while unlocking greater security value. By applying machine learning, we accelerate detection of log-based anomalies based on your organization’s trends and patterns at the account, user, and host levels, at scale. Machine learning log review anomaly detection will detect anomalies in Windows, Linux, AWS, Azure, network, and database logs.

What Are The Benefits?
  • Get customized and trained results quickly with higher accuracy
  • Receive incident notification via email or automated connector
  • Quickly identify security outcomes with enhanced incident console experience

Scan Reports

Available: 03/25/2021

What Is It?

New Scan Reports help manage scanning-related business requirements by providing the flexibility to focus on vulnerabilities found on hosts in the scope of a specific scan schedule. In the console these are called Scan Host Summary, Scan Details, and Scan Variance.

What Are The Benefits?
  • Increase efficiency by focusing remediation efforts based on the summarized overview
  • Meet organizational reporting and tracking needs with scan details of vulnerabilities found
  • Track remediation progress with comparisons of new, resolved, and unresolved vulnerabilities

AWS Fargate Integration

Available: 02/04/2021

What Is It?

Alert Logic is extending container security leadership to include serverless workloads with the integration with AWS Fargate. By deploying our agent-container as a sidecar to the AWS Fargate cluster, we can identify each container uniquely deployed in AWS Fargate, allowing us to collect the isolated traffic.

What Are The Benefits?
  • Maintain data integrity by collecting only network traffic and container logs from the identified containers
  • Solve the data contamination challenge of deploying containers on shared infrastructure
  • Meet compliance requirements such as PCI and HIPAA by detecting threats through IDS and analyzing logs of container workloads in Fargate

AWS Network Firewall Integration

Available: 11/17/2020

What Is It?

Collect, parse and correlate AWS Network Firewall activity within the Alert Logic console for enhanced visibility and threat detection coverage.

What Are The Benefits?
  • Collect, parse, search, and create customer-defined correlations from AWS Network Firewall logs
  • Increase visibility into the web application attack vector
  • Leverage a curated set of Alert Logic signatures covering thousands of web application exploits for an additional point of threat visibility into environments

New Native Log Source - Amazon S3

Available: 11/17/2020

What Is It?

Use the Alert Logic collector to collect and configure multiple log types from Amazon S3. This is a simple and straightforward process using our marketplace-style Application Registry.

What Are The Benefits?
  • Detect threats found in your Amazon S3 logs
  • Utilize a step-by-step wizard to configure new sources
  • Easily find S3 logs collected using keyword search in the Alert Logic console

Additional Security Coverage for Windows Ransomware Attacks

Available: 11/01/2020

What Is It?

Detect difficult-to-detect Windows-based “Living off the Land” ransomware attacks in which attackers use legitimate programs and processes to pull off stealthy exploits.

What Are The Benefits?
  • Add additional protection to harden your environment against Windows-based ransomware attacks
  • Utilize Windows PowerShell logs to discover difficult-to-detect “living off the land” attacks that appear to be legitimate processes but are actually attacker activities that precede ransomware demands
  • Rely on a phone call within 15 minutes from the Alert Logic SOC when this pre-ransomware attack activity is detected, and discuss recommended remediation steps

Web Log Analytics

Available: 09/02/2020

What Is It?

Custom web applications are everywhere: small to mid-sized organizations easily have over 20 custom web apps, and larger companies many more. However, custom web applications are a highly targeted attack surface, plagued by vulnerabilities and exacerbated by blind spots caused by modern transport encryption. Web Log Analytics enhances our web app threat detection capabilities by adding log-based threat detection and addresses encryption visibility issues.

What Are The Benefits?
  • Solve the security blind spot issues in web applications while virtually eliminating false positives
  • Understand your most vulnerable and most attacked applications with an intuitive dashboard
  • Stop attacks targeting web applications before they cause harm

New Native Log Source - Sophos

Available: 08/19/2020

What Is It?

Natively ingest logs from your Sophos endpoint detection and response solution. Easily set up and quickly configure your Sophos Intercept X logs in the Alert Logic MDR platform Application Registry.

What Are The Benefits?
  • Meet security and compliance needs by protecting the environments and assets you rely upon
  • Granularly search endpoint logs for audit and investigation purposes
  • Easily find, visualize, and configure new sources

New Native Log Sources

Available: 07/08/2020

What Is It?

You can now natively ingest cloud platform logs with AWS Organization CloudTrail trails and automate the collection of AWS CloudTrail logs. Additionally, native support is available for access management logs from Cisco Duo, and for endpoint logs from Sophos and Cisco AMP. You can easily set up and configure these new log sources from the Alert Logic Application Registry.

What Are The Benefits?
  • Meet security and compliance needs by protecting the environments and assets you rely upon
  • Granularly search cloud platform, access management, and endpoint logs for audit and investigation purposes
  • Easily find, visualize, and configure new sources

Expanded Threat Detection for Authentication Applications

Available: 07/07/2020

What Is It?

Customers and partners are increasingly relying on authentication tools, so Alert Logic is expanding the types of incidents for which you can receive alerts from Okta, Auth0, Salesforce, Azure sign-in, O365 sign-in, and Cisco Duo logs. Some of the incident types include brute force activity, multifactor authentication disabled, sign-ins and attempts from risky IPs, user-granted admin privileges, credential stuffing, users attempting access to admin applications, sign-ins from multiple countries within a single day, and logins from geographies that are not typical of that user.

What Are The Benefits?
  • Provide increased protection by detecting and responding to new incident types
  • Detect risky sign-in behavior
  • Recognize when users are signing on from unusual and/or impossible locations

Additional Endpoint Protection Support

Available: 06/30/2020

What Is It?

Protect more of your endpoints with added support for Windows Server 2019 systems. Additionally, for our international customers and partners, Spanish and German language support is now available.

What Are The Benefits?
  • Thwart multiple endpoint attack techniques for more systems and users
  • Set your Windows system to Spanish or German and directories and registry keys will follow suit
  • Use machine learning to stay ahead of attackers and zero-day attacks

Istio Integration

Available: 06/15/2020

What Is It?

Many of our customers leverage Istio to secure, connect, and monitor their microservices. As part of Alert Logic’s mission to integrate with and provide coverage to the assets our customers rely upon, we are pleased to announce that Alert Logic now provides integration and support for Istio.

What Are The Benefits?
  • Add a layer of security and visibility to your Istio distributed microservices
  • Zero touch setup - automatically inspect traffic at a deeper level when Alert Logic detects Istio is in use
  • Leverage your existing security platform to cover more of your critical systems

New Native Log Sources

Available: 04/06/2020

What Is It?

Meet your security and compliance needs with native ingestion of multiple new log sources via our new Application Registry. These include Okta, Auth0, Cisco Duo, Salesforce, G Suite, Google Cloud Platform, Carbon Black, SentinelOne, Cylance, and Office 365. Also, use syslog to ingest firewall application logs, including Cisco firewalls, Fortinet firewall, Palo Alto firewall, Check Point firewall, and Cylance.

What Are The Benefits?
  • Meet security and compliance needs by protecting the environments and assets you rely upon
  • Granularly search cloud platform, application, network, and endpoint logs for audit and investigation purposes
  • Easily find, visualize, and configure new sources

CIS Benchmarks for Azure

Available: 03/26/2020

What Is It?

Alert Logic MDR is now certified by the Center for Internet Security (CIS) for the Microsoft Azure Foundations Benchmark. Assess your Azure and AWS environments against an industry-standard CIS Benchmark, identify misconfigurations, and receive step-by-step remediation guidance.

What Are The Benefits?
  • Leverage comprehensive assessments of how your environment conforms to configuration guidelines developed by security experts
  • Quickly understand the areas in which your organization has work to do in order to meet CIS Foundations Benchmark objectives
  • Search for remediations that specifically apply to the CIS Foundations Benchmark

Simplified Experience

Another top priority at Alert Logic is to deliver a simplified experience that delivers credible, accessible, and useful results to our customers.

Incident Console Improvements

Available: 09/21/2022

What Is It?

Alert Logic has implemented a series of enhancements to the Incident Console to streamline work within the Alert Logic console.

What Are The Benefits?
  • New and improved incidents page, including additional search and filter support
  • Expanded adoption of the MITRE ATT&CK framework, connecting the earlier and later stages of an attack flow to better understand and get ahead of attackers prior to major disruption
  • Additional search support allows you to create complex queries that combine with selected filters to further refine your incident search results

Alert Logic Console Domain and URL Consolidation

Available: 06/11/2022

What Is It?

Alert Logic console navigation improvements for an enhanced user experience.

What Are The Benefits?
  • Improved navigation speed and visual consistency
  • Reduction of third-party cookie issues
  • Consolidation of the domain names and URLs used by Alert Logic within the console

Intelligent Response

Available: 04/12/2022

What Is It?

Alert Logic Intelligent Response provides customers a flexible, scalable, and integrated approach to protecting their entire IT estate. Embedded SOAR capabilities minimize breach impact with workflows that enable response actions across network, endpoint, and cloud environments.

What Are The Benefits?
  • Improved security posture, providing a backstop when attacks bypass prevention tools
  • Flexibility allowing customers to adopt automation at their own pace
  • Simplified instant human-approval via mobile app

Health Exposure Notification

Available: 10/21/2021

What Is It?

Health Exposure Notifications shorten notification time so users can maintain current and accurate awareness of console health status.

What Are The Benefits?
  • Quickly identify collectors, appliances, and agents that are either offline, in error, or not collecting
  • Receive real-time alerts when offline status is detected for agents and appliances
  • Receive email notifications that guide you to the remediation of the exposure and impacted assets, reducing investigation time by focusing on the assets that require priority attention

New Log Collection Source - CrowdStrike

Available: 09/29/2021

What Is It?

CrowdStrike is the latest EDR vendor whose logs we can ingest. Easily set up and quickly configure your CrowdStrike logs in the Alert Logic MDR platform Application Registry.

What Are The Benefits?
  • Easily create custom correlation alerts
  • Run scheduled or ad hoc searches on CrowdStrike logs
  • Use CrowdStrike logs to validate incidents during triage

Application Registry Consolidation

Available: 09/29/2021

What Is It?

For a simplified workflow, users will now see a consolidated view of third-party log integrations in a single tile per vendor, making it quicker and easier to identify and access third-party log integrations.

What Are The Benefits?
  • Simplify the user experience by making it easier to identify and configure third-party log collection integrations
  • Quickly leverage additional services to improve security value
  • Addition of a “Coming Soon” preview of planned application releases

New NIST 800-171 Reports

Available: 05/19/2021

What Is It?

Nine new reports are now available to help demonstrate compliance with NIST 800-171. These reports can be leveraged to demonstrate compliance with the following specific control categories and objectives: NIST 800-171 3.1 Access Control, NIST 800-171 3.3 Audit and Accountability, NIST 800-171 3.4 Configuration Management, NIST 800-171 3.5 Identification and Authentication, NIST 800-171 3.6 Incident Response, NIST 800-171 3.11 Risk Assessment, NIST 800-171 3.12 Security Assessment, NIST 800-171 3.13 System and Communications Protection, and NIST 800-171 3.14 System and Information Integrity.

What Are The Benefits?
  • Monitor compliance progress on an ongoing basis in preparation for your next audit
  • Demonstrate ongoing compliance with NIST 800-171
  • Leverage the reports to minimize the time required to prepare, document, and demonstrate compliance

Enhanced Protection Scope

Available: 04/06/2021

What Is It?

Increased visibility outside the protection scope provides a more holistic view of your environment and simplifies the experience of applying the right protection to match your intent.

What Are The Benefits?
  • Gain additional granularity and control of entitlements to maximize value
  • Simplify the experience by applying the right protection in the Topology View
  • Safely change or delete subnets to address orphaned appliances

Machine Learning Log Review

Available: 03/19/2021

What Is It?

Machine Learning Log Review allows you to maintain your log-review compliance requirements while unlocking greater security value. By applying machine learning, we accelerate detection of log-based anomalies based on your organization’s trends and patterns at the account, user, and host levels, at scale. Machine learning log review anomaly detection will detect anomalies in Windows, Linux, AWS, Azure, network, and database logs.

What Are The Benefits?
  • Get customized and trained results quickly with higher accuracy
  • Receive incident notification via email or automated connector
  • Quickly identify security outcomes with enhanced incident console experience

Guided Mode Search

Available: 02/03/2021

What Is It?

Alert Logic improves the search experience by making it more intuitive and flexible, allowing you to gain context quickly.

What Are The Benefits?
  • Quickly understand security incidents, allowing you to make decisions around response
  • Filter with fine granularity to perform your own investigations on general security events
  • Easily share data we collect across the organization with recurring reports to satisfy compliance requirements

New GDPR/HIPAA Reports

Available: 12/17/2020

What Is It?

There are several new reports in the Alert Logic console to improve visibility into managed accounts and help address compliance requirements.

What Are The Benefits?
  • Incident Account Summary Reports – View and drill down into incident data of all your managed accounts
  • HIPAA - Document integrity controls from Alert Logic File Integrity Monitoring (FIM) to help demonstrate compliance with 164.312(c)(1)
  • GDPR – Proactively monitor progress prior to your next audit and demonstrate compliance with Articles 25, 32, 33, 34, and 35

Enhanced Scanning Experience

Available: 10/07/2020

What Is It?

Additional features have been added to the vulnerability scanning experience to make it easier to meet your scanning-related business objectives. More scheduling options have been added, including quarterly and specific-weekday-of-the-month (e.g. third Wednesday of the month) options. A last scanned breakdown report has also been added, which gives you a tabular view of when your assets were last scanned, or not scanned, so you can adjust your scan schedules accordingly.

What Are The Benefits?
  • Meet your scanning-related business objectives
  • Adjust your scans to fit within the optimal windows for your business
  • Better understand which assets haven't been scanned recently, particularly in large environments

Enhanced Exposures Experience

Available: 10/07/2020

What Is It?

Streamline your remediations experience with new features including CSV file exports, selecting a subset of assets for disposition, organizing by expiration date, and counting filtered exposures. Additionally, exposures and remediations related to Alert Logic capability configuration have been moved to the Health Console.

What Are The Benefits?
  • Streamline your remediations workflow
  • Share remediation tasks with other groups in CSV files
  • Track progress and determine focus areas

Connectors: Ticketing & Messaging

Available: 09/02/2020

What Is It?

Many IT and security organizations use multiple ticketing or messaging platforms, which require manual processes to create notifications and tickets. The new connector capability links your Alert Logic console with your IT Service Management (ITSM) or messaging system (both via webhooks) to open tickets automatically and streamline your workflow. Alert Logic connectors automate incident, observable, and report notifications directly to your chosen collaboration or ticketing system. We have introduced native support for popular third-party ticketing and messaging platforms, including Jira, Jira Service Desk (JSD), ServiceNow, PagerDuty, Slack, and Microsoft Teams.

What Are The Benefits?
  • Send vital security data and notifications to your favorite ITSM, email, and messaging platforms
  • Streamline workflows with automated ticketing and notification based on what is most important to your business (characteristics such as severity and type)
  • Gain enhanced flexibility by leveraging and customizing native templates, and simplify the connector configuration experience

Alert Logic DevNet Software Developer Portal

Available: 09/02/2020

What Is It?

We regularly talk to customers and partners who are looking for a way to extend and automate their MDR capabilities. The new Alert Logic DevNet developer portal enables you to build automation and integrations to extend and embed the Alert Logic platform. This developer portal includes a comprehensive toolkit of command-line tools and programming language integrations, as well as a rich library of use cases so you can get started quickly.

What Are The Benefits?
  • Extend, build, and integrate your MDR efforts at scale
  • Integrate with any tool using comprehensive API documentation
  • Rely upon clear, concise documentation to help you solve common problems

Authentication Application Dashboards

Available: 08/05/2020

What Is It?

Two new dashboards help you quickly understand your authentication application activities and incidents.

What Are The Benefits?
  • Understand who is successfully and unsuccessfully attempting to log into your critical applications
  • Identify patterns and trends that require immediate response or further investigation
  • Streamline your workflow by starting at a high-level view and drilling down to get additional information as needed

Enhanced Health Console

Available: 07/08/2020

What Is It?

Gain additional insight into configuration issues that might impact your service. Streamline your workflow with all configuration-related exposures and remediations in one central location, and quickly drill down to descriptive metadata. See automatically generated exposures and remediations for expiring SSL certificates within the Health Console, and in a new certificate expiration report.

What Are The Benefits?
  • Know with high confidence that the health state of your assets is accurate
  • Address issues with high priority assets first, utilizing descriptive asset metadata for each protected node
  • Easily prioritize remediation tasks based upon severity scores applied to identified exposures

Threat Risk Index Dashboards

Available: 06/03/2020

What Is It?

The Threat Risk Index dashboard visually illustrates the progress you have made to improve your security posture and gives you the information you need to prioritize your efforts.

What Are The Benefits?
  • Gain insight into your current threat risk
  • Understand your threat risk trends over time
  • Quickly recognize which of your deployments, VPCs, or networks are most exposed and susceptible to a security attack or breach

Application Registry

Available: 04/06/2020

What Is It?

Easily find, visualize, and configure log sources in a new marketplace-style page within the Alert Logic MDR console. This helps you stay up to date on the latest log sources and incident types available, and what is coming soon.

What Are The Benefits?
  • Configure new native log sources in three simple steps – name your application, specify the location, and supply your credentials
  • Understand what log sources are active in your deployments
  • Click through to get comprehensive application configuration details

Managed Account Dashboards

Available: 04/06/2020

What Is It?

Efficiently manage child accounts and make decisions on where to focus your resources for maximum benefit. View an aggregated security data summary and easily navigate through child-account-level scorecards.

What Are The Benefits?
  • Quick view of the security posture of the assets under your responsibility
  • Quickly identify risky child accounts that require immediate response or investigation
  • Pinpoint unhealthy accounts, patterns, and anomalies that require immediate attention

Firewall Dashboards

Available: 04/06/2020

What Is It?

The two new firewall dashboards give you insight into trends and patterns within your firewall logs. The firewall log volume dashboard shows the total log volume processed, including the number of messages, observations, and incidents generated. The firewall log security dashboard highlights incident threat levels, most frequent incident types, top targeted hosts, and more.

What Are The Benefits?
  • Point-in-time snapshot of firewall security content
  • View detected incidents, analyze the effectiveness of your current firewall incident response efforts, and learn about emerging threats
  • Identify patterns, trends, and anomalies that require immediate response or further investigations

Endpoint Protection Dashboard

Available: 02/14/2020

Description: The endpoint protection dashboard gives you insight into the endpoint activity within your environment....

What Is It?

The endpoint protection dashboard gives you insight into the endpoint activity within your environment. Use this intuitive dashboard summary to quickly see: endpoint status, active platforms, malware attacks detected, most attacked users and endpoints, top attack types, blocked attacks, and responses to attacks.

What Are The Benefits?
  • Understand endpoint activity
  • Learn about attack patterns
  • Identify users with high risk security hygiene

Coverage and Health Dashboard

Available: 02/14/2020

Description: The coverage and health dashboard gives you insight into your entitlement usage and statuses in your environment....

What Is It?

The coverage and health dashboard gives you insight into your entitlement usage and statuses in your environment. Use this intuitive dashboard to quickly see: open configuration exposures, network and collection statuses, node count and percentage usage, and unprotected node counts.

What Are The Benefits?
  • Improve network protection
  • Fix configuration issues
  • Support optimization efforts

Threat Summary Dashboard

Available: 02/14/2020

Description: The threat summary dashboard gives you visibility into threats and incidents in your environment....

What Is It?

The threat summary dashboard gives you visibility into threats and incidents in your environment. Use this intuitive dashboard to quickly see: open incidents, incident threat levels and trends, classification of your incidents, countries where incidents originate, most attacked deployments and hosts, top attackers, and peer comparisons.

What Are The Benefits?
  • Gain insights into types of incidents detected
  • Analyze effectiveness of incident response efforts
  • Learn about emerging threats

Vulnerability Summary Dashboard

Available: 02/14/2020

Description: The vulnerability summary dashboard gives you visibility into vulnerable software and cloud infrastructure in your environment....

What Is It?

The vulnerability summary dashboard gives you visibility into vulnerable software and cloud infrastructure in your environment. Use this intuitive dashboard to quickly see: exposure and remediation counts, severity trends, threat levels, deployments, top security remediations, most seen exposures, and most vulnerable hosts.

What Are The Benefits?
  • Gain insights into the effectiveness of your vulnerability management efforts
  • Help prioritize remediation plans
  • Early warning of new vulnerabilities

Continuous Innovation

Innovation is in the DNA of Alert Logic. We were the first to offer SaaS security in the public cloud and we trace our MDR roots back to before it became a recognized category. We continue to invest in new technologies that will further enhance our ability to deliver new levels of security value to your organization, particularly in the areas of Analytics, Response and Automation.

Alert Logic Virtual Appliance OS Update

Available: 01/31/2023

Description: Alert Logic Appliance OS is being updated from CentOS to the current version of AlmaLinux...

What Is It?

With CentOS versions 6 and 8 discontinued, this update allows customers to apply updates that are no longer available for the older operating system.

What Are The Benefits?
  • Allows teams to receive security patches, vulnerability fixes, and bug fixes within the OS
  • To ensure you maintain a robust security posture, you must complete the upgrade of your virtual appliances as outlined in our documentation resources

Updated support for CVSS 3.x

Available: 01/16/2023

Description: Support for version 3.1 of the Common Vulnerability Scoring System (CVSS) is now available...

What Is It?

Support for version 3.1 of the Common Vulnerability Scoring System (CVSS) is now available.

What Are The Benefits?
  • Vulnerabilities found will correlate with current CVSS 3.1 scoring and severity thresholds
  • Allows security teams to make informed decisions based on the latest available security scoring and rankings

Collection and Configuration of 3rd Party Sources

Available: 11/15/2022

Description: Alert Logic expands support for AWS Jakarta region...

What Is It?

Alert Logic expands support to the AWS Jakarta region.

What Are The Benefits?
  • Enables customers to spin up new instances in AWS Jakarta and protect them with products and services from Alert Logic MDR.
  • Alert Logic regularly builds out support for new regions, triggered either by customer request or by early notification from AWS.

Security Value Release: Mimecast

Available: 07/06/2022

Description: Security content is now available for Mimecast, including an email security dashboard providing a visualization of the current state of top Mimecast analytics and alerts...

What Is It?

Security content is now available for Mimecast. An email security dashboard is now available and provides a visualization of the current state of top Mimecast analytics and alerts. This gives users the ability to capture lists of top offenders and victims in a single page view/report.

What Are The Benefits?
  • Introduces security-related observations for use in search and correlations. Use cases include: malicious email detection, applying watchlists against links/domains in Mimecast logs, and malware email detection.
  • Provides a single pane of glass view for security insights, collating the information and presenting it in an easy-to-consume manner with the ability to investigate further.

Security Value Release: Crowdstrike

Available: 04/11/2022

Description: Alert Logic has expanded its endpoint incident detection capabilities to include Crowdstrike...

What Is It?

Alert Logic has expanded its security use cases to include another popular EDR vendor – Crowdstrike. The following incidents can now be generated from Crowdstrike endpoint log data: Possible Malware file(s) Detected, Possible Ransomware file(s) Detected, and Possible Hacktool Usage Detected.

What Are The Benefits?
  • Endpoint security incidents enhance your security content by providing greater visibility into threats in your environment

MITRE ATT&CK Integration

Available: 02/10/2022

Description: Alert Logic now supports – and includes in the Alert Logic console – the MITRE ATT&CK® framework...

What Is It?

Incidents found in the Alert Logic console will continue to show Alert Logic incident classifications and now include classifications defined in the MITRE ATT&CK® framework.

What Are The Benefits?
  • Visible in the Threat Intel Center, all analytics are now classified using MITRE ATT&CK framework
  • Leveraging a familiar taxonomy across our analytics, incident classification, dashboards, and reporting helps security teams make impactful decisions regarding threat management

New log collection source - Cisco FirePower

Available: 11/14/2021

Description: Alert Logic has expanded its endpoint incident detection capabilities to include Cisco FirePower, providing greater visibility into threats....

What Is It?

Alert Logic has expanded its endpoint incident detection capabilities to include Cisco FirePower IDS/IDP, providing greater visibility into threats. Use cases include: Infected Traffic Allowed/Blocked, Server Attack Traffic Allowed/Blocked, and Client-side Attack Traffic Allowed/Blocked.

What Are The Benefits?
  • Help save you time by analyzing, aggregating, and summarizing findings
  • Provide better insights into Cisco Firepower events
  • Inform you about any suggested actions

Third Party Endpoint Log Source Security Value

Available: 07/01/2021

Description: For greater visibility into threats, Alert Logic has expanded its endpoint incident detection capabilities to include additional 3rd party endpoint and log sources....

What Is It?

For greater visibility into threats, Alert Logic has expanded its endpoint incident detection capabilities to include additional 3rd party endpoint and log sources such as Carbon Black, SentinelOne, Cisco Endpoint, Cylance, Sophos, and Office 365. Endpoint incidents can be generated for the following: Endpoints for ransomware detected, Audit and remediation (potential new malware or suspicious event detected), Outbreak of non-mitigated suspicious threats, Non-mitigated malicious threats across multiple hosts, Outbreak of malicious threats mitigated across multiple hosts, Agent that failed to remediate, and Agent with a high severity alert (malicious and non-mitigated).

What Are The Benefits?
  • Create security content for 5 additional endpoint security log sources plus coverage to Office 365
  • Gain greater visibility into your environment and more extensive threat coverage
  • Maintain your security posture with single pane of glass view of security incidents generated from these expanded log sources

Improved Correlation Alerts

Available: 06/03/2021

Description: Easily build custom correlations...

What Is It?

Sophisticated users can now leverage expert mode search to build custom correlations that supplement the risks automatically detected by the Alert Logic platform.

What Are The Benefits?
  • Create more powerful custom rules
  • Access additional file types such as FIM (file change events)
  • Enhance alerts with cloud metadata and geo-IP lookup using expert search features

File Integrity Monitoring

Available: 09/02/2020

Description: Detect unauthorized change events to critical files that may hide attacks or malicious insider activity....

What Is It?

Organizations are leveraging multiple tools to satisfy compliance requirements, ensuring critical files maintain their integrity. Each tool has added costs in licensing, implementation, ongoing management, and training. To combat this bloat, Alert Logic is adding File Integrity Monitoring (FIM) to our MDR platform in order to detect unauthorized change events to critical files that may hide attacks or malicious insider activity. This includes the integrity of system directories, registry keys, and values on the operating system.

What Are The Benefits?
  • Understand when critical files have been modified or removed
  • Augment an investigation with additional context
  • Address PCI compliance mandates DSS 10.5.5 & 11.5

SOC 2 Reports

Available: 08/19/2020

Description: To make it easier to comply with SOC 2 security requirements, Alert Logic is releasing eight new reports that will help avoid surprises by proactively monitoring progress prior to your next audit....

What Is It?

SOC 2 compliance is a crucial framework for cloud computing and technology organizations. To make it easier to comply with SOC 2 security requirements, Alert Logic is releasing six new reports that will help avoid surprises by proactively monitoring progress prior to your next audit. Use these reports to demonstrate compliance with specific control categories and objectives: CC 6.2 – User Registration, CC 6.3 – Access Modification and Removal, CC 6.6 – Boundary Protection, CC 6.8 - Unauthorized and Malicious Code Protection, CC 7.1 - Configuration and Vulnerability Management, CC 7.2 – Security Event and Anomaly Detection, CC 7.3 – Incident Detection and Response, and CC 7.4 – Incident Containment and Remediation. The six new SOC 2 reports will be available in the reports section of the user interface.

What Are The Benefits?
  • Demonstrate ongoing security processes for complying with SOC 2
  • Avoid surprises by proactively monitoring progress prior to your next audit
  • Lighten the operational burden and minimize the time required to prepare evidence and documentation

Enhanced Scan Scheduling

Available: 08/05/2020

Description: Schedule multiple scans at different intervals and duration windows, stop in-progress scans, and adjust scan intensity within the Alert Logic user console to optimize your scan performance....

What Is It?

Schedule multiple scans at different intervals and duration windows, stop in-progress scans, and adjust scan intensity within the Alert Logic user console to optimize your scan performance. Leverage existing scan scope selections to perform on-demand scans for more immediate verification of your remediation efforts. New vulnerability reports are available that provide detailed asset-centric lists of your current vulnerabilities, and the variance of resolved and new vulnerabilities for a given day, week or month.

What Are The Benefits?
  • Schedule multiple scans at different intervals and duration windows to meet the demands of your business
  • Quickly understand the risk of new assets as they come online
  • Investigate vulnerabilities by day and discover what changed between two points in time

HITRUST Report Pack

Available: 07/08/2020

Description: Understand how your efforts can demonstrate compliance with specific HITRUST CSF control categories and objectives with six new HITRUST reports....

What Is It?

Many of our customers and partners in the healthcare industry use the HITRUST Common Security Framework (HITRUST CSF) to address their information security risk and implement controls to secure protected health information. Alert Logic is releasing six reports that will help you understand how your efforts can demonstrate compliance with specific HITRUST CSF control categories and objectives.

What Are The Benefits?
  • Utilize Alert Logic reports to demonstrate compliance with various regulations in the HITRUST Framework
  • Gain easy access to reports specific to applicable HITRUST security controls
  • Quickly understand areas in which your organization has work to do in order to meet HITRUST objectives

AWS Control Tower Integration

Available: 07/07/2020

Description: Alert Logic and AWS are bringing automated Managed Detection and Response (MDR) deployment into AWS Control Tower managed accounts....

What Is It?

Alert Logic and AWS are bringing automated Managed Detection and Response (MDR) deployment into AWS Control Tower managed accounts. With this new capability, AWS Control Tower users can seamlessly deploy and configure Alert Logic MDR using their existing AWS Control Tower setup, reducing the number of steps required for deployment and ensuring consistency across accounts.

What Are The Benefits?
  • Tag your VPC with Alert Logic MDR Professional and automate deployment on all existing and future AWS accounts
  • Accelerate the onboarding process for Alert Logic MDR and realize faster return on investment
  • Ensure security controls are enforced consistently across AWS environments and confidently accelerate innovation

Unified Notification

Available: 05/05/2020

Description: Quickly build policies that route notifications to the proper internal team members based upon threat level and escalation preference....

What Is It?

Quickly build policies that route notifications to the proper internal team members based upon threat level and escalation preference. This helps ensure that the right people always get the right notifications, so they can take action.

What Are The Benefits?
  • Demonstrate to leadership a point-in-time snapshot of your security posture
  • Move towards a more proactive approach to security to minimize business disruption
  • Customize rules based on the unique demands of your business

Firewall Analytics

Available: 04/06/2020

Description: Natively ingest logs and generate security incidents from some of the industry’s leading firewall providers....

What Is It?

Ingest logs and generate security incidents from some of the industry’s leading firewall providers, including Fortinet, Palo Alto, and Cisco ASA. Uncover multiple incident types including connections to blacklisted IPs and bad ASNs, remote connection application usage, new services discovered, and more.

What Are The Benefits?
  • Detect threats found in your firewall network traffic
  • Uncover numerous incident types including activity with blacklisted IPs and bad autonomous system numbers (ASN)
  • Get alerts on high and critical firewall traffic-related incidents from our 24x7 security operations center within 15 minutes