Alert Logic has launched a fully-managed cloud-based security and compliance suite to protect organisations from cyber threats targeted at business-critical infrastructure.
Named Cloud Defender, it delivers the functionality of a managed security information and event management (SIEM) solution without the cost and complexity of a traditional on-premise, in-house appliance. Available on-premise, in a public cloud or in a hybrid data centre, it offers an ActiveAnalytics platform which applies threat intelligence, analytics and advanced correlation rules to automatically identify incidents impacting a company’s IT infrastructure. This platform processes over 450 million security events each month, resulting in over 60,000 identified incidents for Alert Logic customers.
Also offered is Alert Logic ActiveIntelligence, a dedicated team of security experts who monitor a variety of sources to identify new and emerging threats and feed this data back into the system in the form of content such as network signatures, correlation rules and watch lists. Finally, Alert Logic ActiveWatch is a managed service that provides customers with continuous, around-the-clock monitoring, investigation and custom notification of security and compliance issues as they arise in their data centre infrastructure.
Gray Hall, CEO of Alert Logic, said: “Unlike traditional SIEM solutions that require organisations to purchase hardware, implement complex software, configure correlation rules and provide their own security content, Alert Logic Cloud Defender provides advanced technology, real-time threat detection, and automated security analytics, all managed by a team of dedicated security experts, to companies of any size.”
Misha Govshteyn, vice president of strategy and emerging products at Alert Logic, told IT Security Guru that the intention was to wrap the SIEM service around all the other products it was offering.
He said: “The problem we are trying to solve, and most of the industry has struggled with, is that we have built security products as the security market evolved; and when a new threat comes out, we build a new layer of defence for it and thus more products are formed.
“Our customer asks what IDS and WAF are, we explain and they ask us which to buy. We need to put a different product proposition in over time; so we said to our best developers to build the best thing that gives an outcome.”
Javvad Malik, senior analyst at 451 Research, told IT Security Guru that a lot of companies have trouble tuning and maintaining their SIEMs and having the in-house expertise to monitor and manage alerts that they generate.
“With that in mind, there is a market for managed SIEM, particularly if such an offering can provide context around alerts to a company,” he said.
“It’s not just enough to say to a company that there’s something suspect happening on a particular IP address, but rather package up the information in a meaningful manner e.g. something suspicious is happening, and just before that we saw a file being downloaded and this type of activity looks a lot like malware that’s been spotted elsewhere so our recommendation is to do x, y or z.
“If that can be provided (which the plan is) by a managed SIEM provider like Alert Logic, the benefit to customers will be quite significant.”