DETECT AND RESPOND TO THREATS FROM THE DATA CENTER TO THE CLOUD



Similar documents
Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

CONTINUOUS LOG MANAGEMENT & MONITORING

ALERT LOGIC LOG MANAGER & LOGREVIEW

ALERT LOGIC FOR HIPAA COMPLIANCE

CHEAT SHEET: PCI DSS 3.1 COMPLIANCE

PCI DSS Reporting WHITEPAPER

PCI DSS Top 10 Reports March 2011

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

LOG MANAGEMENT: BEST PRACTICES

IT Security & Compliance. On Time. On Budget. On Demand.

Organizational Issues of Implementing Intrusion Detection Systems (IDS) Shayne Pitcock, CISSP First Data Corporation

TekCare Secure Service Agreement

Caretower s SIEM Managed Security Services

CLOUD GUARD UNIFIED ENTERPRISE

TOP 10 WAYS TO ADDRESS PCI DSS COMPLIANCE. ebook Series

Current IBAT Endorsed Services

Log Management Solution for IT Big Data

BlackStratus for Managed Service Providers

access convergence management performance security

nfx One for Managed Service Providers

1 Introduction Product Description Strengths and Challenges Copyright... 5

Extreme Networks Security Analytics G2 Vulnerability Manager

How To Use Cautela Labs Cloud Agile.Com

SP Monitor. nfx One gives MSPs the agility and power they need to confidently grow their security services business. NFX FOR MSP SOLUTION BRIEF

Threat Center. Real-time multi-level threat detection, analysis, and automated remediation

PROGRAM OVERVIEW: ALERT LOGIC SECURITY-AS-A-SERVICE FOR SERVICE PROVIDERS

2012 North American Managed Security Service Providers Growth Leadership Award

How To Manage Security On A Networked Computer System

Payment Card Industry Data Security Standard

IBM Security IBM Corporation IBM Corporation

Boosting enterprise security with integrated log management

IBM Security QRadar Vulnerability Manager

North American Electric Reliability Corporation (NERC) Cyber Security Standard

LogInspect 5 Product Features Robust. Dynamic. Unparalleled.

Vulnerability Management

Maintaining PCI-DSS compliance. Daniele Bertolotti Antonio Ricci

IBM Security Intelligence Strategy

Cloud and Data Center Security

LogPoint 5.1 Product Features Robust. Dynamic. Unparalleled.

Trend Micro. Advanced Security Built for the Cloud

HP Application Security Center

End-user Security Analytics Strengthens Protection with ArcSight

Trend Micro. Secure virtual, cloud, physical, and hybrid environments easily and effectively INTRODUCTION

How To Buy Nitro Security

QRadar SIEM 6.3 Datasheet

Trend Micro Cloud Security for Citrix CloudPlatform

What is Security Intelligence?

Cloud Assurance: Ensuring Security and Compliance for your IT Environment

IBM Security Operations Center Poland! Wrocław! Daniel Donhefner SOC Manager!

Bio-inspired cyber security for your enterprise

Q1 Labs Corporate Overview

I D C A N A L Y S T C O N N E C T I O N

whitepaper Ten Essential Steps for Achieving Continuous Compliance: A Complete Strategy for Compliance

How To Protect Your Cloud From Attack

LogRhythm and NERC CIP Compliance

PCI Requirements Coverage Summary Table

Clavister InSight TM. Protecting Values

NitroView. Content Aware SIEM TM. Unified Security and Compliance Unmatched Speed and Scale. Application Data Monitoring. Database Monitoring

THREE KEYS TO COST-EFFECTIVE SECURITY FOR YOUR SMALL BUSINESS

Is Your Network a Sitting Duck? 3 Secrets to Securing Your Information Systems. Presenter: Matt Harkrider. Founder, Alert Logic

The SIEM Evaluator s Guide

Cisco Security Intelligence Operations

ALERT LOGIC ACTIVEWATCH FOR LOG MANAGER

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

Achieving Regulatory Compliance through Security Information Management

NEC Managed Security Services

CORE Security and the Payment Card Industry Data Security Standard (PCI DSS)

whitepaper The Benefits of Integrating File Integrity Monitoring with SIEM

UNIFIED THREAT MANAGEMENT SOLUTIONS AND NEXT-GENERATION FIREWALLS ADMINISTRATION TOOLS NETWORK SECURITY I ENDPOINT SECURITY I DATA SECURITY

with Managing RSA the Lifecycle of Key Manager RSA Streamlining Security Operations Data Loss Prevention Solutions RSA Solution Brief

White Paper Achieving PCI Data Security Standard Compliance through Security Information Management. White Paper / PCI

White Paper Achieving GLBA Compliance through Security Information Management. White Paper / GLBA

SECURITY & COMPLIANCE IN THE CLOUD AGE

How to Choose the Right Security Information and Event Management (SIEM) Solution

RSA envision. Platform. Real-time Actionable Security Information, Streamlined Incident Handling, Effective Security Measures. RSA Solution Brief

Secret Server Splunk Integration Guide

PCI Requirements Coverage Summary Table

Managed Services. Business Intelligence Solutions

Managed Intrusion, Detection, & Prevention Services (MIDPS) Why Sorting Solutions? Why ProtectPoint?

LOG MANAGEMENT AND SIEM FOR SECURITY AND COMPLIANCE

Data Sheet: Vigilant Web Application Firewall. Where every interaction matters. Security-as-a-Service. Fully Managed Solution

WHITE PAPER SPLUNK SOFTWARE AS A SIEM

Cyberoam Perspective BFSI Security Guidelines. Overview

THE FIRST UNIFIED DATABASE SECURITY SOLUTION. Product Overview Security. Auditing. Caching. Masking.

Full-Context Forensic Analysis Using the SecureVue Unified Situational Awareness Platform

Business Case Outsourcing Information Security: The Benefits of a Managed Security Service

Swordfish

Overcoming PCI Compliance Challenges

The Business Value of Managed Security Services

Infor CloudSuite. Defense-in-depth. Table of Contents. Technical Paper Plain talk about Infor CloudSuite security

MANAGED SECURITY SERVICES (MSS)

TRIPWIRE NERC SOLUTION SUITE

8 Key Requirements of an IT Governance, Risk and Compliance Solution

Total Protection for Compliance: Unified IT Policy Auditing

CONTENTS. PCI DSS Compliance Guide

SECURITY ANALYTICS MOVES TO REAL-TIME PROTECTION

CloudPassage Halo Technical Overview

Detect & Investigate Threats. OVERVIEW

Vistara Lifecycle Management

Transcription:

SOLUTION OVERVIEW: ALERT LOGIC THREAT MANAGER WITH ACTIVEWATCH DETECT AND RESPOND TO THREATS FROM THE DATA CENTER TO THE CLOUD Protecting your infrastructure requires you to detect threats, identify suspicious network traffic, and respond quickly whether the problem is in your own data center, a hosted environment or the cloud. How do you get a global view of the threats impacting all of your infrastructure, day or night, without massive investments in multiple solutions and additional staff? Alert Logic Threat Manager with ActiveWatch Services gives you 24x7 network threat detection, monitored by Alert Logic s Security Operations Center (SOC), for the entire IT environment. Our patented expert system, driven by global threat data, identifies potential problems for our analysts to investigate acting as an extension of your team, day and night, keeping an eye on suspicious activity. HOW THREAT MANAGER WORKS Threat Manager identifies suspicious activity in network traffic, quickly identifying threats to your IT assets so that you can respond. We monitor network traffic and analyze billions of events with a patented expert system. Using intelligent multifactor correlation, we identify security events requiring attention. After validation by a Level 1 SOC analyst, we notify you with recommended actions/responses. When needed, senior specialist teams are engaged to assist you. You can also implement automated blocking through integration with your network firewalls. We give you insight into the real threats in your environments, helping you make more informed security investment and resource decisions. When the security program is driven by a clear understanding of the real threats affecting your network, your efforts and investments will provide more benefit and significantly enhance your security posture.

We help you meet compliance challenges. Threat Manager s intrusion detection and vulnerability scanning capabilities provide key elements to address the requirements of PCI DSS, HIPAA/HITECH, GLBA, Sarbanes-Oxley, and other mandates. Compliance-specific reporting makes it easy to evaluate and document your compliance stance. Alert Logic is a PCI-Approved Scanning Vendor (ASV). You get these benefits without a large investment, staff burden or distractions from your strategic IT initiatives. Securityas-a-Service delivery gives you Threat Manager with ActiveWatch for a fixed monthly fee, including all monitoring, software and our 24x7 Security Operations Center (SOC) to validate incidents and provide support. You access your Threat Manager data through a web interface the very same one used by our analysts. There s no complex integration or implementation, no upgrades just the latest security technology and the sharpest analysts, working for you 24 hours a day, 7 days a week. THE RIGHT SECURITY APPROACH MEANS BETTER SECURITY OUTCOMES Alert Logic s approach is fundamentally different from traditional security vendors, who sell powerful technology that you need to implement and support until it s time to replace it. If you ve ever seen complex implementation and large investment produce disappointing results, you know the challenges. With Alert Logic, you pay for specific security capabilities and our expertise in delivering them, and you don t make a capital investment to get it. In the age of fastchanging threats and distributed infrastructure, Security-as-a-Service gives you the outcomes you need

THREAT MANAGER DEPLOYMENT 1 2 3 In the protected environment, Threat Manager passively collects network traffic data and transports it to Alert Logic through SSL channels Physical appliance Virtual Appliance Agents with virtual tap Events are analyzed by Alert Logic s expert system. Intelligent multifactor correlation identifies suspicious patterns of events, and creates actionable incidents. Alert Logic security analysts investigate incidents and check for false positives. Valid incidents are escalated according to the customer s requirements, and analysts work with customers to help remediate threats and attacks. ALERT LOGIC SECURITY RESEARCH TEAM Alert Logic s security researchers provide the expertise and leading-edge threat intelligence that makes Threat Manager so effective. Studying emerging threats, data from our global customer base, and third-party sources, the research team drives development of security content for Threat Manager s expert system, correlation rules, and best practices for resolving incidents. RESEARCH CONTENT DEVELOPMENT EXPERT SYSTEM Real-time customer data from more than 2,500 customers Alert Logic security and emerging threat research Third-party security information sources and feeds IDS and vulnerability signatures Correlation rules Remediation and resolution documentation Performance and accuracy tools Patented correlation engine based on global view of threat data Continuously analyzes millions of data points into meaningful intelligence

ACTIVEWATCH: EXPERT SECURITY SERVICES FOR THREAT MANAGER The ActiveWatch team augments your existing IT team to ensure rapid detection and response to network incidents. In addition to monitoring the network traffic flows for incidents, the SOC team reviews suspicious network traffic to identify zero-day attacks that might not otherwise trigger an alert. This intelligent review and response by industry professionals not only increases the overall visibility into your network, it reduces the potential for false positive alarms and helps identify zero-day attacks that may have slipped by or gone unnoticed. When an incident or suspicious network activity is detected, the ActiveWatch team will conduct an analysis of the situation and notify your staff based on predetermined escalation procedures. They will work with your team to perform in-depth analysis and assessment of the incident and recommend containment and mitigation actions. ActiveWatch also includes integrated incident and case management capabilities that allow customers to track and report on incident trends across their entire enterprise, including the services hosted outside of the internal perimeter. This capability provides an audit trail of suspicious findings and gives a historical record of the response and actions from start to finish. Additional services, including daily review by a senior security analyst, weekly reporting on security posture based on business goals, and review of NetFlow for enhanced detection of malware and advanced persistent threats are also available. SUMMARY OF VULNERABLE HOSTS CONFIGURE BLOCKING THROUGH AUTOMATIC FIREWALL UPDATES

THREAT MANAGER & ACTIVEWATCH FEATURES DESIGNED FOR DEPLOYMENT IN ANY ENVIRONMENT Deploys in public and private clouds and supports elastic scaling Provides a single view into cloud, hosted and on-premises infrastructure Usage-based pricing to match your cloud consumption model THREAT SIGNATURES AND RULES 52,000+ IDS signature database; new signatures updated weekly Rule set consolidated from multiple sources o o Alert Logic security research team o o Emerging threats o o Open source, third-party collaboration Real-time signature updates to Alert Logic expert system Custom rule creation and editing VULNERABILITY ASSESSMENT AND INTRUSION DETECTION Unlimited internal and external scans Broad scanning and detection visibility Network infrastructure Server infrastructure Business-critical applications Web technologies (IPV6, Ajax, SQL injection, etc.) SSL-based intrusion traffic ANALYSIS AND REPORTING Dozens of dashboards and reports available out of the box Custom reporting capabilities Common Vulnerability Scoring System (CVSS) to assess risks Audit-ready reports Detailed vulnerability and host reports provide detailed descriptions and lists of impacted hosts, risk levels and remediation tips Single web-based console for entire environment o o User management and administration o o Dashboards and drill-down analysis o o Report scheduling, creation and review o o Scan scheduling and results review

INTEGRATED MANAGED SECURITY SERVICES GIAC-certified security analysts and researchers 24x7 state-of-the-art Security Operations Center Trained experts in Alert Logic solutions Monitoring, analysis and expert guidance capabilities Customized alerting and escalation procedures Daily review by senior analyst and weekly reporting available Review of NetFlow data for enhanced malware and APT detection available COMPLIANCE SUPPORT PCI Approved Scanning Vendor (ASV) PCI Level 2 Audited Vendor Support for multiple compliance mandates o o PCI DSS, HIPAA, SOX, GLBA, CoBIT, etc. 6-month storage of all raw IDS event data SSAE 16 Type II Verified data centers Indefinite storage and archival of incident analysis and cases Rapidly deploy and scale as needed Pay-as-you-go; minimal capital expenditure SECURITY-AS-A- SERVICE DELIVERY Always utilize latest software and signature database No hidden costs subscription includes: software and hardware upgrades, maintenance and patches Architected for multi-tenant support Easily deploy in public cloud, private cloud, managed hosting, enterprise data center or hybrid environments ABOUT ALERT LOGIC Alert Logic, the leader in security and compliance solutions for the cloud, provides Security-as-a-Service for on-premises, cloud, and hybrid infrastructures, delivering deep security insight and continuous protection for customers at a lower cost than traditional security solutions. Fully managed by a team of experts, the Alert Logic Security-as-a-Service solution provides network, system and web application protection immediately, wherever your IT infrastructure resides. Alert Logic partners with the leading cloud platforms and hosting providers to protect over 3,000 organizations worldwide. Built for cloud scale, our patented platform stores petabytes of data, analyses over 400 million events and identifies over 50,000 security incidents each month, which are managed by our 24 7 Security Operations Center. Alert Logic, founded in 2002, is headquartered in Houston, Texas, with offices in Seattle, Dallas, Cardiff, Belfast and London. For more information, please visit www.alertlogic.com. 2015 Alert Logic, Inc. All rights reserved. Alert Logic and the Alert Logic logo are trademarks, registered trademarks, or servicemarks of Alert Logic, Inc. All other trademarks listed in this document are the property of their respective owners. 030315US

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information