Managed Detection & Response (MDR)
What is MDR?
Growing numbers of more sophisticated cybersecurity attacks threaten your web applications, cloud infrastructure, networks, and endpoints. Failure to protect these resources results in costly penalties once a data breach occurs.
This means traditional defences are no longer enough. If your first line of defence is your only line of defence, you’re in trouble. Managed Detection and Response (MDR) is a specialist security solution that combines multiple services to keep your business’s systems and critical data safe from attack.
Managed Detection and Response combines multiple layers of defence to keep your systems and critical data safe from cyber threats.
Driven by a unique, human-led approach, we bring together threat intelligence, 24/7 monitoring and incident response. You’ll always be on the front foot when it comes to hunting, detecting and responding to cyber threats.
Cyber attacks are constantly evolving. We are always watching, so breaches and gaps never cause real damage.
Managed Detection & Response Benefits:
Accelerate Your Threat Detection & Response
Your company’s security depends on being able to detect threats and respond to attacks quickly. But most organizations investigate less than 4 percent of all events they receive.
Alert Logic has a better way.
- A managed connected solution that brings an award-winning platform, cutting-edge threat intelligence, and expert defenders together
- Flexible coverage tailored to your individual business needs
- 24/7 SOC and expert remediation advice
- Simple pricing with a lower total cost than assembling your own solutions or traditional outsourcing
Compliance Without Complexity
With highly-qualified security professionals and compliance experts on staff, we help businesses understand which leading practices to adopt to ensure that the steps they take to become compliant also make them more secure.
Our solution can help you achieve compliance across multiple requirements and accelerate your audit preparation.
- Quickly understand your state of compliance without hiring new staff
- Reduce risk and eliminate vulnerabilities to improve your security posture
- Leverage automated scanning and asset discovery to help keep data safe
- Easily respond to changing requirements, auditor’s requests and mandates
- Free up resources and implement compliance best practices with informed advice and remediation steps from our compliance experts
Three Levels of Managed Detection and Response (MDR) Coverage for a Tailored Approach to Security
The Right Coverage for the Right Resources
ESSENTIAL
Vulnerability and Asset Visibility with Extended Endpoint Protection.
Hybrid Asset and Risk Discovery
The Alert Logic MDR platform has been built to provide a common view of asset vulnerabilities and configurations across all your environments.
Through Alert Logic’s dashboards, customers can rapidly see relevant information that allows targeted response and analysis of those things that affect security posture.
In-depth insights into vulnerabilities, attacker behavior, and validated security incidents are just one click away.
Endpoint Detection and Response
Alert Logic’s Endpoint protection thwarts multiple attack techniques that try to compromise your endpoints. Our multi-vector attack monitoring and isolation recognizes these techniques and stops them early before any damage is done.
Alert Logic uses signature-less machine learning to stay ahead of attackers and zero-day attacks, identifying malicious techniques and ransomware in real-time and isolating the payload.
Essential Compliance Coverage
Alert Logic provides complete compliance solutions that give customers peace of mind and deliver on best practices for PCI DSS Compliance, HIPAA HITECH, GDPR, Sarbanes-Oxley (SOX), SOC 2 Compliance, NIST, ISO, COBIT, and other mandates.
Cloud industry best practices can be reported on in real-time through certified CIS Benchmarking for AWS and Azure; demonstrate improvements and target activities that will improve security posture in the cloud.
Capabilities
•24/7 Platform Support
Alert Logic’s support personnel are on hand at any time to help you get the most from the solution.
•Hybrid Asset Discovery
Alert Logic continuously gathers information about the quantity, location, and condition of assets across your enterprise in the cloud, on-premises, or in hybrid environments.
•Vulnerability Scanning
Alert Logic conducts a continuous exposure assessment and provides prioritized remediation steps based on our own intelligence research and multiple third party sources.
•PCI ASV Support
Get help with the intricacies of scanning, and interpretation of our PCI-accredited scan results to help you work through remediation and exception management to achieve compliance easily.
•Topology Map
Visualize your systems and their relationship to each other combined with status for vulnerabilities and coverage. Easily prioritize which area of your environment needs focus to improve security posture.
•Cloud Configuration Assessment
Integrations with public cloud, network, and application technologies feed the Alert Logic MDR Platform with valuable discovery, change, and configuration data to give a holistic view of your security status.
•Endpoint Protection
Cover endpoints whether online or offline, gain deep visibility across endpoints, including low-level system activity, and identify malicious techniques and ransomware in real-time.
•Real-time Reporting
Dashboards and reporting provide real-time visualizations of vulnerabilities and configuration issues, including audit-ready reports for PCI DSS Audit and HIPAA.
•CIS Benchmarking
Alert Logic conducts a continuous exposure assessment and provides prioritized remediation steps based on our own research and intelligence, third party sources, and industry standards like CIS Benchmarks.
PROFESSIONAL
Includes Essentials
24/7 Managed Threat Detection and Incident Management.
24/7 Expert Threat Management
Alert Logic scans, monitors and assesses your systems 24/7 to detect threats and risk before they cause real damage. Our global SOC is staffed by over 150 experts in security and information technology disciplines. They combine the Alert Logic MDR platform and purpose-built SOC tooling with decades of experience.
Powered by machine learning and advanced analytics, the platform, combined with our expertise, takes broad data ingestion and sifts through the data so you don’t have to.
With Alert Logic MDR Professional you will be assigned your personal MDR Concierge. Their goal is simple: ensure customers are receiving the best possible service by understanding their unique needs and facilitating those within Alert Logic.
Hybrid Threat and Risk Visibility
The Alert Logic MDR platform has been built to provide a common view of threats, vulnerabilities and configurations across all your environments.
Continuous vulnerability scanning provides a view of exposure across all your cloud, hybrid and on-premises systems. Through Alert Logic’s dashboards, you can rapidly see relevant information that allows targeted response and analysis of those things that affect your security posture.
In-depth insights into vulnerabilities, attacker behavior, and validated security incidents are just one click away.
Emerging Threat Response
Alert Logic’s MDR Platform gives our security experts an unparalleled view of attacker behavior across hundreds of thousands of systems. Threat researchers work with this data and intelligence gathered from the security community and industry feeds to identify emerging threats that can affect our customers.
The experts in our security operations center use threat hunting methods to search through massive data sets to identify customers who can be affected by these threats, alert them to vulnerable systems, and work with them to stop attacks before they happen.
With hundreds of new vulnerabilities discovered every week, this capability, combined with detection of well-known and established threats, is critical to protect your organization.
Compliance Covered
Alert Logic provides complete compliance solutions that give customers peace of mind and deliver on best practices for PCI DSS Compliance, HIPAA HITECH, GDPR, Sarbanes-Oxley (SOX), SOC 2 Compliance, NIST, ISO, COBIT, and other mandates.
Cloud industry best practices can be reported on in real-time through certified CIS Benchmarking for AWS and Azure; demonstrate improvements and target activities that will improve security posture in the cloud.
Endpoint Detection and Response
Alert Logic’s Endpoint protection thwarts multiple attack techniques that try to compromise your endpoints. Our multi-vector attack monitoring and isolation recognizes these techniques and stops them early before any damage is done.
Alert Logic uses signature-less machine learning to stay ahead of attackers and zero-day attacks, identifying malicious techniques and ransomware in real-time and isolating the payload.
Capabilities
•24/7 Threat Management
The Alert Logic SOC operates from the USA and UK to provide round-the-clock coverage for our customers, staffed by over 150 security experts.
•15-minute Escalation SLA
Alert Logic analysts have 15 minutes to triage threats raised through hunting or the Alert Logic MDR platform, and determine if the threat requires escalation.
•Named MDR Concierge
The MDR Concierge is an expert in Alert Logic’s delivery and solutions who provides a single point of contact and service management for customers.
•Cloud Change Monitoring
Integrations with public cloud, network and application technologies feed the Alert Logic MDR Platform with valuable discovery, change and detection data to give a holistic view on your security.
•Real-time Reporting
Dashboards and reporting provide real-time visualizations of vulnerabilities and configuration issues, including audit-ready reports for PCI DSS Audit and HIPAA.
•Intrusion Detection
Security monitoring and threat analysis from certified security defenders to help you detect threats quickly. Receive expert guidance to quickly respond to incidents.
•Anti-Virus Integration
Alert Logic ingests AV logs and analyzes them to provide key insights for alerting and Security Operations Center (SOC) support, such as detection of known hack tools and of writing to privileged locations on the local system.
•User Behavior Anomaly Detection
User behavior anomaly detection (UBAD) helps to detect and alert on suspicious user activity in enterprise environments. Machine learning determines baseline user behavior in AWS, Azure and Office 365.
•Container Intrusion Detection
With Alert Logic, you get the industry’s only network intrusion detection solution and log management for containers – with support for AWS, Azure, Google Cloud Platform, hybrid, and on-premises environments.
ENTERPRISE
Includes Professional
Assigned SOC Analyst with Threat Hunting
Designated Security Expert
With Alert Logic MDR Enterprise, you get access to a veteran security expert in the Alert Logic Security Operations Center (SOC).
Focused on your security and business requirements, your designated security expert works as a member of your team to level up your security maturity.
In-depth individualized evaluation, protection and customized response services enhance the other Alert Logic MDR services for greater insight into data exfiltration and discovery of Advanced Persistent Threats.
To achieve a truly customized experience, they work closely with the analysts in our SOC and your MDR Concierge to get to know your business and technical environment through weekly reviews and constant communication.
This option extends your existing security team with threat research, exclusive knowledge and research on the latest attacks, all without the expense and hassle of keeping expensive cybersecurity experts on staff.
Threat Hunting
Threat hunting is a proactive approach to threat detection that identifies and disrupts cyber threats that target your business. Multiple teams enable Alert Logic to deliver complex threat analysis. Informed by research and intelligence and based on known attack methods and unusual activity indicators, experts in our security operations centers work to identify persistent threats.
Network telemetry and logs from security devices, applications and systems are all analyzed using custom methods and purpose-built tools to find indicators that our hunters follow to identify threats.
From there they collect more data to rapidly uncover time-sensitive insights about active threats to reduce dwell time and stop attacks before they start.
Tailored Reporting and Consultation
Your assigned security expert performs proactive daily security reviews to identify incident and threat trends unique to your environment. Tailored reports detail key findings and recommendations, threat trends, and risk analysis.
Weekly meetings with IT and security employees in your organization are utilized to learn, understand and advise on what is critical to your business to help guide and prioritize your operations and delivery programs.
Depending on your needs, you will benefit from periodic on-site training and advice from your security expert, providing valuable insights into projects and strategy to strengthen your security programs.
Proactive Tuning and Sensor Optimization
Through continual analysis of threat indicators and behavioral data, we identify false positives and events of no relevance to the customer, which feed into the tuning procedure.
Match Alert Logic Offerings to the Criticality and Security Requirements of Your Assets
ESSENTIALS
Combat your risk of exposure to threats and protect your endpoints.
Service Aspects
Implementation Support
24/7 Platform Support
PCI Dispute and PCI DSS and ASV Program Support
Features
Hybrid Asset Discovery
Internal and External Vulnerability Scanning
Cloud Configuration Checks
Endpoint Detection and Response
PCI Scanning
Real-time Reporting
PROFESSIONAL
Comprehensive 24/7 security visibility, protection, and reporting.
Service Aspects
Implementation Support
24/7 Platform Support
PCI Dispute and PCI DSS and ASV Program Support
MDR Concierge
24/7 Threat Management
15-minute Escalation SLA
Emerging Threat Response
On-Demand Tuning and Sensor Optimization
Expert Log Review
Features
Hybrid Asset Discovery
Internal and External Vulnerability Scanning
Cloud Configuration Checks
Endpoint Detection and Response
PCI Scanning
Network Monitoring
Log Data Monitoring
Log Collection and Search with 12 Month Retention*
Real-time Reporting
Cloud Security Service Integration
Cloud Change Monitoring
User Behavior Monitoring
ENTERPRISE
Enterprise Threat Hunting, individualized protection and customized response.
Service Aspects
Implementation Support
24/7 Platform Support
PCI Dispute and PCI DSS and ASV Program Support
MDR Concierge
24/7 Threat Management
15-minute Escalation SLA
Emerging Threat Response
On-Demand Tuning and Sensor Optimization
Expert Log Review
Designated Security Expert
Threat Hunting
Proactive Tuning and Sensor Optimization
Extended Security Investigations
Custom Response Processes
Security Posture Reporting
Weekly Posture Review
Annual On-site
Features
Hybrid Asset Discovery
Internal and External Vulnerability Scanning
Cloud Configuration Checks
Endpoint Detection and Response
PCI Scanning
Network Monitoring
Log Data Monitoring
Log Collection and Search with 12 Month Retention*
Real-time Reporting
Cloud Security Service Integration
Cloud Change Monitoring
User Behavior Monitoring
Not sure which solution is suitable for your IT assets? Why not schedule a demo with our consultant? We will help you to choose the right coverage for you.