What is Cloud Insight Essentials?
Alert Logic® Cloud Insight™ Essentials is an Amazon Web Services (AWS)-native security service that shows you why, where, and how to respond to Amazon GuardDuty findings while continuously assessing your AWS configurations to find exposures and recommend actions that prevent future compromise.
With Cloud Insight Essentials you can:
You can sign up for Cloud Insight Essentials in the AWS Marketplace.
What is the difference between Cloud Insight and Cloud Insight Essentials?
Cloud Insight Essentials includes:
Cloud Insight includes all the features in Cloud Insight Essentials, plus continuous scanning for software vulnerabilities and software configuration issues found throughout your application stack. Cloud Insight Essentials includes Amazon GuardDuty Finding enrichment and continuous monitoring of security configurations in AWS. Cloud Insight includes all of the features in Cloud Insight Essentials, plus vulnerability scanning that provides Users with continuous monitoring of vulnerabilities impacting their full application stack.
Where can you buy Cloud Insight Essentials?
Cloud Insight Essentials is available through AWS Marketplace.
Where can you buy Cloud Insight?
The full version of Cloud Insight can be purchased through AWS Marketplace or directly from Alert Logic.
Customers who start with Cloud Insight Essentials can upgrade to the full version of Cloud Insight in the application and AWS Marketplace billing will be updated automatically.
How much does Cloud Insight Essentials cost?
Cloud Insight Essentials is $49.00 month (USD) per AWS account.
How much does Cloud Insight cost?
Cloud Insight is $49 month (USD) per AWS account per month plus charges for the number of EC2 instances scanned for vulnerabilities (configurable)—ranging from $0.011 to $0.004 (USD) for each EC2 instance per hour. Examples:
Cloud Insight Essentials for one AWS account, without vulnerability scanning = $49 per month
Cloud Insight Essentials for two AWS accounts, without vulnerability scanning = $98 per month
Cloud Insight for two AWS accounts with vulnerability scanning for up to 50 EC2 instances = $98 per month plus vulnerability scanning charges of $200.75 (total $298.75)
Are there any upfront commitments with Cloud Insight Essentials?
No. Cloud Insight Essentials uses the AWS Marketplace SaaS metering service, which allows you to use the service and pay an hourly fee with no commitments. You can cancel at any time and you only pay for what you use.
What is Amazon GuardDuty?
Amazon GuardDuty is a continuous security monitoring service that requires no customer-managed hardware or software. GuardDuty analyzes and processes VPC Flow Logs and AWS CloudTrail event logs. GuardDuty uses security logic and AWS usage statistics techniques to identify unexpected and potentially unauthorized and malicious activity. This can include issues like escalations of privileges, uses of exposed credentials, or communication with malicious IPs, URLs, or domains. GuardDuty informs you of the status of your AWS infrastructure and applications by producing security findings. - post launch add.
How does Cloud Insight enrich Amazon GuardDuty Findings?
Cloud Insight adds threat descriptions, response recommendations and suggestions for configuration improvements to address fundamental security flaws. Users will also have access to daily operational reports, trending reports and summary reports of the GuardDuty findings to support work activities and sharing security status.
What configuration checks does Cloud Insight Essentials perform on my AWS environment?
Cloud Insight Essentials performs over 90 checks on your AWS account including 20 CIS AWS Benchmark checks. Examples of some of the configuration checks performed are:
Misconfigurations in NACL, RDS, REDSHIFT, ROUTE53
How do I launch Cloud Insight Essentials?
Note: one of the first remediation recommendations you will see in the portal will be to enable Amazon GuardDuty and deploy Alert Logic collectors for the Guard Duty findings. Once the collectors are in place, Cloud Insight Essentials will be full provisioned.
For more detailed instructions, including key screenshots, please access Provisioning Amazon GuardDuty with Cloud Insight Essentials
How do I upgrade to the full version of Cloud Insight?
Cloud Insight Essentials provides in-app step-by-step instructions to add vulnerability scanning to enable the full version of Cloud Insight.
Note: Vulnerability scanning requires that an Alert Logic instance be deployed in each VPC
Does Cloud Insight have customer facing API’s?
You can make REST API calls to:
The top-level API areas include:
Do I need Amazon GuardDuty to use Cloud Insight Essentials?
No. You can use Cloud Insight Essentials for automatic environment discovery and configuration exposure management to prevent compromises. You can enable incident response support for GuardDuty at a later time.
Who is Cloud Insight Essentials for?
Anyone who wants to improve the security posture of their AWS environments without having to become an advanced security expert. The user interface and RESTful APIs make it ideal for Application, DevOps and other IT professionals to get started in minutes.
How long does it take to start seeing results?
Configuration issues are typically presented minutes after provisioning (depending on your traffic). If subscribed to Amazon GuardDuty, findings will appear in the Incident Console minutes after launching the Alert Logic collectors for Amazon GuardDuty findings.
What credentials are required?
You will need a valid AWS account, Alert Logic account and IAM Roles for configuration checks and GuardDuty incidents.
What is the Cloud Insight Essentials footprint in my environment?
Nothing is added to your environment for Cloud Insight Essentials - it operates on output from AWS CloudTrail and Amazon GuardDuty.
What is the software vulnerability scanning footprint in my environment?
Cloud Insight vulnerability scanning adds a scanning appliance to each subnet in each protected VPC. No agents are added to instances.
Does Cloud Insight meet PCI requirements?
Cloud Insight delivers internal vulnerability scanning functionality as required by PCI DSS 11.2.1. Customers with PCI ASV requirements should consult Alert Logic for addition of external scanning and quarterly reports of attestation.
Do I need approval from AWS prior to scanning for software vulnerabilities?
No. Cloud Insight has pre-approval from AWS, so you can scan continuously and immediately after CloudTrail reports changes or new additions to your environment.
How soon are new instances scanned for vulnerabilities?
New instances are usually scanned within an hour, sometimes sooner. After that they will be scanned once every 24 hours unless a change is reported by CloudTrail, in which case the instance will be rescanned ahead of normal schedule, usually within an hour.
Want to learn about Alert Logic products in more detail? Call us direct at +1.877.484.8383, for the UK call +44 (0) 203 011 5533, or complete this form. An Alert Logic representative will contact you soon.