Select Page
Home / Why Alert Logic / Intelligent Response

Alert Logic Intelligent Response™

Expert-Enabled Embedded SOAR capabilities

Comprehensive Intelligent Response

Alert Logic MDR® with Alert Logic Intelligent Response™ provides a flexible, scalable and integrated approach to protect your entire IT estate. Through a combination of automated response and expert guidance, Alert Logic delivers the options you need to reduce time-to-resolution for security-strapped teams before any serious damage impacts your business.

Use Cases

Align the correct use cases to the needs of the business.  These include: 

  • Isolate Host — Block incoming and outgoing network activity of an endpoint 
  • Disable Credentials — Block usernames and passwords from accessing the network 
  • Shun Attacker — Block an external IP attack by updating a rule at the network edge 

User Experiences

Tailored user experiences for knowledge-gapped and sophisticated security teams. 

  • Simple Mode — Wizardbased GUI to enable common response outcomes 
  • Mobile App — Simplify and accelerate human response with Alert Logic’s mobile app 
  • Expert ModeConfigurable playbooks for power users 

Risk Profile

Gain the right insights and context for your assets for the best course of action 

  • Threat Intel Center — Security content insights 
  • Asset Groups — Classify assets with similar profiles to apply policies 
  • Workflow — Sequential tasks and conditions

Broad Coverage

Execute actions on security controls across your IT estate.  

  • Endpoint — Laptops, desktops 
  • Cloud — AWS, Azure, GCP 
  • Network — Firewall, WAF 
  • Identity — Active Directory, SSO 

Detection Strength

Alert Logic MDR provides visibility into pre- and post-breach environments, analyzing data, and producing actionable insights to enable response actions through the use of: 

  • Machine Learning 
  • Analytics Engines 
  • Incident Enrichment 

Level of Automation

Adopt automation at your pace with the right balance of human interaction. 

  • Human-Guided — Add decision points within workflow where human intuition is required 
  • Fully Automated — Execute workflow 

Actions Taken

Blend multiple actions depending on the type of incident, criticality, and desired outcome. The actions consist of the following: 

  • Notify — Inform appropriate personnel 
  • Contain — Limit access to the compromised entity 
  • Eliminate — Disrupt and block access to vulnerable service
247 Threat Detection

Detection Strength and Broad Coverage

Broad Detection underpins any response strategy and its capabilities, requiring depth and breadth of coverage. Alert Logic detection leverages threat research and intelligence to conduct deep analysis of threats, as well as utilizing machine learning and incident enrichment to understand risk. This is coupled with coverage everywhere you operate by ingesting logs and gathering telemetry data across your entire environment (endpoint, cloud, network, and identity providers).

Embedded SOAR Capabilities

Alert Logic Intelligent Response™ provides you with the ability to:

  • Trigger response actions including blocking, containment, and host isolation based on the type of attack and asset targeted 
  • Notify appropriate personnel for human decision before executing action 
  • Complete audit trail of all automated actions taken 

You determine the appropriate response and Alert Logic makes it happen. 

View Simple Mode

Simple-Mode

Balancing Automation and
Human-Guided Response

In multi-cloud environments, organizations require solutions that minimize damage of a breach with the right balance of automation and human interaction. This flexibility enables you to adopt automation at your own pace: full automation streamlines workflows to enable response actions across network, endpoints, and cloud environments while human-guided automated provides much-needed context to deliver better outcomes.  Alert Logic Intelligent Response provides: 

  • Wizard-based workflow templates 
  • Timely human approval using Alert Logic’s mobile app 
  • Test integration points for response action 

Ready to Protect Your Company with Alert Logic MDR?