Managed Detection & Response (MDR)

What is MDR?

Growing numbers of more sophisticated cybersecurity attacks threaten your web applications, cloud infrastructure, networks, and endpoints. Failure to protect these resources results in costly penalties once a data breach occurs.

This means traditional defences are no longer enough. If your first line of defence is your only line of defence, you’re in trouble. Managed Detection and Response (MDR) is a specialist security solution that combines multiple services to keep your business's systems and critical data safe from attack.

Managed Detection and Response combines multiple layers of defence to keep your systems and critical data safe from cyber threats.

Driven by a unique, human-led approach, we bring together threat intelligence, 24/7 monitoring and incident response. You’ll always be on the front foot when it comes to hunting, detecting and responding to cyber threats.

Cyber attacks are constantly evolving. We are always watching, so breaches and gaps never cause real damage. 

Managed Detection & Response Benefits:

Accelerate Your Threat Detection & Response

Your company’s security depends on being able to detect threats and respond to attacks quickly. But most organizations investigate less than 4 percent of all events they receive.

Alert Logic has a better way.

  • A managed connected solution that brings an award-winning platform, cutting-edge threat intelligence, and expert defenders together
  • Flexible coverage tailored to your individual business needs
  • 24/7 SOC and expert remediation advice
  • Simple pricing with a lower total cost than assembling your own solutions or traditional outsourcing

Compliance Without Complexity

With highly-qualified security professionals and compliance experts on staff, we help businesses understand which leading practices to adopt to ensure that the steps they take to become compliant also make them more secure.

Our solution can help you achieve compliance across multiple requirements and accelerate your audit preparation.

  • Quickly understand your state of compliance without hiring new staff
  • Reduce risk and eliminate vulnerabilities to improve your security posture
  • Leverage automated scanning and asset discovery to help keep data safe
  • Easily respond to changing requirements, auditor’s requests and mandates
  • Free up resources and implement compliance best practices with informed advice and remediation steps from our compliance experts

Three Levels of Managed Detection and Response (MDR) Coverage for a Tailored Approach to Security

The Right Coverage for the Right Resources

ESSENTIAL

Vulnerability and Asset Visibility with Extended Endpoint Protection.

 

Hybrid Asset and Risk Discovery

The Alert Logic MDR platform has been built to provide a common view on asset vulnerabilities and configurations on all your environments.

Through Alert Logic’s dashboards, customers can rapidly see relevant information that allows targeted response and analysis of those things that affect security posture.

In-depth insights into vulnerabilities, attacker behavior, and validated security incidents are just one click away.

    Endpoint Detection and Response

    Alert Logic’s Endpoint protection thwarts multiple attack techniques that try to compromise your endpoints. Our multi-vector attack monitoring and isolation recognizes these techniques and stops them early before any damage is done.

    Alert Logic uses signature-less machine learning to stay ahead of attackers and zero-day attacks, identifying malicious techniques and ransomware in real-time and isolating the payload.

      Essential Compliance Coverage

      Alert Logic provides complete compliance solutions that give customers peace of mind and deliver on best practices for PCI DSS Compliance, HIPAA HITECH, GDPR, Sarbanes-Oxley (SOX), SOC 2 Compliance, NIST, ISO, COBIT, and other mandates.

      Cloud industry best practices can be reported on in real-time through certified CIS Benchmarking for AWS and Azure; demonstrate improvements and target activities that will improve security posture in the cloud.

        Capabilities
        • 24/7 Platform Support

        Alert Logic’s support personnel are on hand at any time to help you get the most from the solution.

        • Hybrid Asset Discovery

        Alert Logic continuously gathers information about the quantity, location, and condition of assets across your enterprise in the cloud, on-premises, or in hybrid environments.

        • Vulnerability Scanning

        Alert Logic conducts a continuous exposure assessment and provides prioritized remediation steps based on our own intelligence research and multiple third party sources.

        • PCI ASV Support

        Get help with the intricacies of scanning and with interpreting our PCI-accredited scan results, so you can work through remediation and exception management to achieve compliance easily.

        • Topology Map

        Visualize your systems and their relationship to each other combined with status for vulnerabilities and coverage. Easily prioritize which area of your environment needs focus to improve security posture.

        • Cloud Configuration Assessment

        Integrations with public cloud, network, and application technologies feed the Alert Logic MDR Platform with valuable discovery, change, and configuration data to give a holistic view of your security status.

        • Endpoint Protection

        Cover endpoints whether online or offline, gain deep visibility across endpoints, including low-level system activity, and identify malicious techniques and ransomware in real-time.

        • Real-time Reporting

        Dashboards and reporting provide real-time visualizations of vulnerabilities and configuration issues, including audit-ready reports for PCI DSS Audit and HIPAA.

        • CIS Benchmarking

        Alert Logic conducts a continuous exposure assessment and provides prioritized remediation steps based on our own research and intelligence, third party sources, and industry standards like CIS Benchmarks.

          PROFESSIONAL

          Includes Essentials
          24/7 Managed Threat Detection and Incident Management.

          24/7 Expert Threat Management

          Alert Logic scans, monitors and assesses your systems 24/7 to detect threats and risk before they cause real damage. Our global SOC is staffed by over 150 experts in security and information technology disciplines. They combine the Alert Logic MDR platform and purpose-built SOC tooling with decades of experience.

          Powered by machine learning and advanced analytics, the platform, combined with our expertise, takes broad data ingestion and sifts through the data so you don’t have to.

          With Alert Logic MDR Professional you will be assigned your personal MDR Concierge. Their goal is simple: ensure customers are receiving the best possible service by understanding their unique needs and facilitating those within Alert Logic.

          Hybrid Threat and Risk Visibility

          The Alert Logic MDR platform has been built to provide a common view on threats, vulnerabilities and configurations into all your environments.

          Continuous vulnerability scanning provides a view of exposure across all your cloud, hybrid and on-premises systems. Through Alert Logic’s dashboards, you can rapidly see relevant information that allows targeted response and analysis of those things that affect your security posture.

          In-depth insights into vulnerabilities, attacker behavior, and validated security incidents are just one click away.

          Emerging Threat Response

          Alert Logic’s MDR Platform gives our security experts an unparalleled view of attacker behavior across hundreds of thousands of systems. Threat researchers work with this data and intelligence gathered from the security community and industry feeds to identify emerging threats that can affect our customers.

          The experts in our security operations center use threat hunting methods to search through massive data sets to identify customers who can be affected by these threats, alert them to vulnerable systems, and work with them to stop attacks before they happen.

          With hundreds of new vulnerabilities discovered every week, this capability, combined with detection of well-known and established threats, is critical to protect your organization.

            Compliance Covered

            Alert Logic provides complete compliance solutions that give customers peace of mind and deliver on best practices for PCI DSS Compliance, HIPAA HITECH, GDPR, Sarbanes-Oxley (SOX), SOC 2 Compliance, NIST, ISO, COBIT, and other mandates.

            Cloud industry best practices can be reported on in real-time through certified CIS Benchmarking for AWS and Azure; demonstrate improvements and target activities that will improve security posture in the cloud.

            Endpoint Detection and Response

            Alert Logic’s Endpoint protection thwarts multiple attack techniques that try to compromise your endpoints. Our multi-vector attack monitoring and isolation recognizes these techniques and stops them early before any damage is done.  

            Alert Logic uses signature-less machine learning to stay ahead of attackers and zero-day attacks, identifying malicious techniques and ransomware in real-time and isolating the payload.

            Capabilities
            • 24/7 Threat Management

            The Alert Logic SOC operates from the USA and UK to provide round-the-clock coverage for our customers, staffed by over 150 security experts.

            • 15-minute Escalation SLA

            Alert Logic analysts have 15 minutes to triage threats raised through hunting or the Alert Logic MDR platform, and determine if the threat requires escalation.

            • Named MDR Concierge

            The MDR Concierge is an expert in Alert Logic’s delivery and solutions and provides a single point of contact and service management for customers.

            • Cloud Change Monitoring

            Integrations with public cloud, network and application technologies feed the Alert Logic MDR Platform with valuable discovery, change and detection data to give a holistic view on your security.

            • Real-time Reporting

            Dashboards and reporting provide real-time visualizations of vulnerabilities and configuration issues, including audit-ready reports for PCI DSS Audit and HIPAA.

            • Intrusion Detection

            Security monitoring and threat analysis from certified security defenders to help you detect threats quickly. Receive expert guidance to quickly respond to incidents.

            • Anti-Virus Integration

            Alert Logic ingests AV logs and analyzes them to provide key insights for alerting and Security Operations Center (SOC) support, such as detection of known hack tools and writing to privileged locations on the local system.

            • User Behavior Anomaly Detection

            User behavior anomaly detection (UBAD) helps to detect and alert on suspicious user activity in enterprise environments. Machine learning determines baseline user behavior in AWS, Azure and Office 365.

            • Container Intrusion Detection

            With Alert Logic, you get the industry’s only network intrusion detection solution and log management for containers – with support for AWS, Azure, Google Cloud Platform, hybrid, and on-premises environments.

            ENTERPRISE

            Includes Professional
            Assigned SOC Analyst with Threat Hunting

            Designated Security Expert

            With Alert Logic MDR Enterprise, you get access to a veteran security expert in the Alert Logic Security Operations Center (SOC).

            Focused on your security and business requirements, your designated security expert works as a member of your team to level up your security maturity.

            In-depth individualized evaluation, protection, and customized response services enhance the other Alert Logic MDR services for greater insight into data exfiltration and discovery of Advanced Persistent Threats.

            To achieve a truly customized experience, they work closely with the analysts in our SOC and your MDR Concierge to get to know your business and technical environment through weekly reviews and constant communication.

            This option extends your existing security team with threat research, exclusive knowledge and research on the latest attacks, all without the expense and hassle of keeping expensive cybersecurity experts on staff.

              Threat Hunting

              Threat hunting is a proactive approach to threat detection that identifies and disrupts cyber threats that target your business. Multiple teams enable Alert Logic to deliver complex threat analysis. Informed by research and intelligence, and based on known attack methods and unusual activity indicators, experts in our security operations centers work to identify persistent threats.

              Network telemetry, logs from security devices, applications and systems are all analyzed using custom methods and purpose-built tools to find indicators that our hunters follow to identify threats.

              From there they collect more data to rapidly uncover time-sensitive insights about active threats to reduce dwell time and stop attacks before they start.

                Tailored Reporting and Consultation

                Your assigned security expert performs proactive daily security reviews to identify incident and threat trends unique to your environment. Tailored reports detail key findings and recommendations, threat trends, and risk analysis.

                Weekly meetings with IT and security employees in your organization are utilized to learn, understand and advise on what is critical to your business to help guide and prioritize your operations and delivery programs.

                Depending on your needs, you will benefit from periodic on-site training and advice from your security expert, providing valuable insights into projects and strategy to strengthen your security programs.

                  Proactive Tuning and Sensor Optimization
                  Thanks to their intimate knowledge of your organization, systems and security controls, your designated security expert can act as an extension of your team, working in the background to configure, tune, and optimize the Alert Logic technologies and processes based on your unique profile and change programs.

                  Through continual analysis of threat indicators and behavioral data, we identify false positives and events of no relevance to the customer, which feed into the tuning procedure.

                  Match Alert Logic Offerings to the Criticality and Security Requirements of Your Assets

                  Not sure which solution is suitable for your IT assets? Why not schedule a demo with our consultant? We will help you choose the right coverage.
