In addition to common threats affecting workloads including malware, brute force, system level attacks, and privilege escalations, ActiveWatch provides detection of threats specific to web applications such as
Vulnerability detection, threat detection and blocking logic rely on a deep understanding of the third-party frameworks and libraries that span your application and infrastructure stack.
"IT security leaders should use managed detection and response services to augment existing security monitoring capabilities to address gaps in advanced threat detection and incident response before investing in more security monitoring tools (e.g., security information and event management [SIEM], network, and host-threat detection), and associated staff and expertise."
Gartner, "Market Guide for Managed Detection and Response Services", May 2016, Bussa, Lawson, Kavanagh
Technology and experts are combined to apply three levels of analytics to reduce false positives, increase true positives and provide more context for clear action.
Inspecting data for matching one or more criteria, e.g. patterns of exploits against known vulnerabilities or transactions that violate specified parameters.
Using computer-generated algorithms that iteratively learn and improve detection accuracy under the supervision of data scientists and security analysts. Machine learning finds new ways of detecting threats without being explicitly programmed where to look. By finding mathematical patterns too complex for humans to see, machine learning is particularly good at detecting multi-stage, multi-vector attacks that don’t match existing signature patterns or anomaly parameters.
Real-time identification of historically unusual behavior, e.g. HTTP requests and responses with characteristics far beyond the normal range previously observed.
Network, log and HTTP data are remotely collected by agents and instances running inside your AWS, Azure, hosted and on-premises environments.
"Alert Logic provides the perfect mix of artificial intelligence from their product suite and human intelligence from their security operations center to give us fast remediation actions that keep us secure and compliant."
Marcus Kern, Chief Technology Officer
24x7 Monitoring: GIAC-certified analysts in our Security Operations Center monitor customer environments globally 24x7. Alerts generated by detection technologies are vetted by analysts to reduce false positives for customers.
Incident Reports: Machine-generated incidents are enriched by experts with intelligence on the attack type and/or attacker, additional alert and incident correlation, affected resource IDs, suggested actions and other information designed to make your remediation actions more efficient and effective.
Personal Notifications: ActiveWatch analysts call, text or e-mail you within 15 minutes of high- and critical-priority attacks and can advise you on remediation options.
Alert Logic invests in proprietary research and threat intelligence to understand vulnerabilities, exploits, methods and attack behaviors across each layer of your application and infrastructure stack and the open source and commercial components within them. The result: vulnerability scans, incident reports and live consultations that give you context and confidence to know when and where to act.
Includes our full suite of managed threat detection services together with vulnerability management.
Inspects network data and sends it to the ActiveWatch service, and also provides vulnerability management.
Inspects and sends HTTP data to the ActiveWatch service.
"Partnering with Alert Logic allows me to keep a leaner team. Also, instead of drowning in false positives, we only have to wake up at night when there’s an actual problem."
Wayne Moore, Head of Information Security, Simply Business