Advanced Threat Detection
Our threat detection and response solution cuts through noise for you 24x7
Advanced Threat Detection For Cloud-Relevant Threats
In addition to common cyber threats affecting workloads, including malware, brute force, system-level cyber attacks, and privilege escalations, ActiveWatch provides detection of threats specific to web applications, such as:
- Exploits against known vulnerabilities in popular web application frameworks and other app stack components such as WordPress, Magento, PHP, Apache, ASP.Net, MongoDB and Hadoop
- Web application attack methods, including those in the OWASP Top 10 such as SQL injection, cross-site scripting, cross-site request forgery, information leak/disclosure, path traversal, code inspection, input validation and authentication issues.
Web Application & Infrastructure Stack
Vulnerability, threat detection and blocking logic use deep understanding of 3rd party frameworks and libraries that span your application and infrastructure stack.
"IT security leaders should use managed detection and response services to augment existing security monitoring capabilities to address gaps in advanced threat detection and incident response before investing in more security monitoring tools (e.g., security information and event management [SIEM], network, and host-threat detection), and associated staff and expertise."
Gartner, "Market Guide for Managed Detection and Response Services", May 2016, Bussa, Lawson, Kavanagh
Multiple Layers Of Detection Analytics Improve Accuracy
Technology and experts are combined to apply three levels of analytics to reduce false positives, increase true positives and provide more context for clear action.
Signatures & Rules
Inspecting data for matching one or more criteria, e.g. patterns of exploits against known vulnerabilities or transactions that violate specified parameters.
Supervised Machine Learning
Using computer-generated algorithms that iteratively learn and improve detection accuracy under the supervision of data scientists and security analysts. Machine learning finds new ways of detecting threats without being explicitly programmed where to look. By finding mathematical patterns too complex for humans to see, machine learning is particularly good at detecting multi-stage, multi-vector attacks that don’t match existing signature patterns or anomaly parameters.
Real-time identification of historically unusual behavior, e.g. HTTP requests and responses with characteristics far beyond the normal range previously observed.
Network, log and HTTP data are remotely collected by agents and instances running inside your AWS, Azure, hosted and on-premises environments.
"Alert Logic provides the perfect mix of artificial intelligence from their product suite and human intelligence from their security operations center to give us fast remediation actions that keep us secure and compliant."
Marcus Kern, Chief Technology Officer
Managed Expert Detection Lets You Focus On Your Business
24x7 Monitoring: GIAC-certified analysts in our Security Operations Center monitor customer environments globally 24x7. Alerts generated by detection technologies are vetted by analysts to reduce false positives for customers.
Incident Reports: Machine-generated incidents are enriched by experts with intelligence on the attack type and/or attacker, additional alert and incident correlation, affected resource IDs, suggested actions and other information designed to make your remediation actions more efficient and effective.
Personal Notifications: ActiveWatch analysts call, text or e-mail you within 15 minutes of high- and critical-priority attacks and can advise you on remediation options.
Full-Stack Security, Experts Included
Alert Logic invests in proprietary research and threat intelligence to understand vulnerabilities, exploits, methods and attack behaviors across each layer of your application and infrastructure stack and the open source and commercial components within them. The result: vulnerability scans, incident reports and live consultations that give you context and confidence to know when and where to act.
Detection Capabilities in Alert Logic Products
Alert Logic® Cloud Defender®
Includes our full suite of managed threat detection services together with vulnerability management.
Alert Logic® Threat Manager™
Inspects network data and sends it to the ActiveWatch service, and also provides vulnerability management.
Alert Logic® Log Manager™
Inspects and sends log data to the ActiveWatch service.
"Partnering with Alert Logic allows me to keep a leaner team. Also, instead of drowning in false positives, we only have to wake up at night when there’s an actual problem."
Wayne Moore, Head of Information Security, Simply Business