With Cloud Defender, Alert Logic combines products to deliver outcome-based security



Similar documents
2012 North American Managed Security Service Providers Growth Leadership Award

KEYW uses acquired Sensage technology to form Hexis Cyber Solutions

IBM Security QRadar SIEM & Fortinet FortiGate / FortiAnalyzer

Analysis of the Global Security Information and Event Management (SIEM) and Log Management (LM) Market All Information Becomes Actionable

Web Threat Detection 5.0, the second major release under RSA for the former Silver Tail

QRadar SIEM and Zscaler Nanolog Streaming Service

Business Case Outsourcing Information Security: The Benefits of a Managed Security Service

MANAGED SECURITY SERVICES (MSS)

DETECT AND RESPOND TO THREATS FROM THE DATA CENTER TO THE CLOUD

QRadar SIEM and FireEye MPS Integration

Securely Yours LLC Top Security Topics for Sajay Rai, CPA, CISSP, CISM

WAN security threat landscape and best mitigation practices. Rex Stover Vice President, Americas, Enterprise & ICP Sales

Magic Quadrant for Global MSSPs

SHARE THIS WHITEPAPER. Top Selection Criteria for an Anti-DDoS Solution Whitepaper

Vendor Landscape: Security Information & Event Management (SIEM)

How to Define SIEM Strategy, Management and Success in the Enterprise

WHITE PAPER SPLUNK SOFTWARE AS A SIEM

THE BLIND SPOT IN THREAT INTELLIGENCE THE BLIND SPOT IN THREAT INTELLIGENCE

DEFENSE THROUGHOUT THE VULNERABILITY LIFE CYCLE WITH ALERT LOGIC THREAT AND LOG MANAGER

MANAGED SECURITY SERVICES (MSS)

How To Protect Your Virtual Infrastructure From Attack From A Cyber Threat

Managed Security Service Providers vs. SIEM Product Solutions

What is SIEM? Security Information and Event Management. Comes in a software format or as an appliance.

Accenture Cloud Platform at v3 - the Airbnb or Uber of cloud?

SIEM Optimization 101. ReliaQuest E-Book Fully Integrated and Optimized IT Security

IBM QRadar Security Intelligence April 2013

CHEAT SHEET: PCI DSS 3.1 COMPLIANCE

Magic Quadrant for Global MSSPs

The Benefits of an Integrated Approach to Security in the Cloud

W H I T E P A P E R A T r u s t e d S e c u r i t y P a r t n e r : A M u s t - H a v e i n T o d a y ' s T h r e a t L a n d s c a p e

Introducing IBM s Advanced Threat Protection Platform

SANS Top 20 Critical Controls for Effective Cyber Defense

Advanced Threat Detection: Necessary but Not Sufficient The First Installment in the Blinded By the Hype Series

Worldwide Security and Vulnerability Management Forecast and 2013 Vendor Shares

White Paper: Leveraging Web Intelligence to Enhance Cyber Security

How To Compare Managed Security Services In Australia/Pb

CaaS Think as a bad guy Petr Hněvkovský, CISA, CISSP HP Enterprise Security

IMPROVING VULNERABILITY MANAGEMENT EFFECTIVENESS WITH APPLICATION SECURITY MONITORING

Advanced Visibility. Moving Beyond a Log Centric View. Matthew Gardiner, RSA & Richard Nichols, RSA

IBM Security Operations Center Poland! Wrocław! Daniel Donhefner SOC Manager!

Safeguarding the cloud with IBM Dynamic Cloud Security

Using Monitoring, Logging, and Alerting to Improve ICS Security ICSJWG 2015 Fall Meeting October 27, 2015

Find the needle in the security haystack

Ovum Decision Matrix: Selecting a Global Telco Managed Security Services Provider

AppDynamics is making strides with its Mobile Real-User Monitoring offering

AN EXECUTIVE S GUIDE TO BUDGETING FOR SECURITY INFORMATION & EVENT MANAGEMENT

CONTINUOUS LOG MANAGEMENT & MONITORING

IMPLEMENTING A SECURITY ANALYTICS ARCHITECTURE

VMware Integrated Partner Solutions for Networking and Security

IBM QRadar as a Service

Securing business data. CNS White Paper. Cloud for Enterprise. Effective Management of Data Security

Magic Quadrant for Security Information and Event Management

Cautela Labs Cloud Agile. Secured. Threat Management Security Solutions at Work

How to Choose the Right Security Information and Event Management (SIEM) Solution

1 Introduction Product Description Strengths and Challenges Copyright... 5

IBM QRadar Security Intelligence Platform appliances

End-user Security Analytics Strengthens Protection with ArcSight

High End Information Security Services

Be Fast, but be Secure a New Approach to Application Security July 23, 2015

Preempting Business Risk with RSA SIEM and CORE Security Predictive Security Intelligence Solutions

Achieving Actionable Situational Awareness... McAfee ESM. Ad Quist, Sales Engineer NEEUR

Addressing the SANS Top 20 Critical Security Controls for Effective Cyber Defense

Separating Signal from Noise: Taking Threat Intelligence to the Next Level

Network Security Platform MSSP Vendor Rankings

IBM QRadar Security Intelligence: Evidence of Value

End-to-End Application Security from the Cloud

Security of Cloud Computing for the Power Grid

IBM Security X-Force Threat Intelligence

Unified Security, ATP and more

NY/TB RUG: The Mainframe isn t Dead: Call the Doctor not the Undertaker with Real-time Enterprise Alert Correlation

IDC MarketScape: Asia/Pacific Managed Security Services 2015 Vendor Assessment

IBM Security QRadar Vulnerability Manager

How To Buy Nitro Security

Log Management and SIEM Evaluation Checklist

Worldwide Security and Vulnerability Management Forecast and 2008 Vendor Shares

- This study provides an in-depth analysis of MSS market with current and future trends to elucidate the imminent investment pockets in the market.

ALERT LOGIC ACTIVEWATCH FOR LOG MANAGER

I D C A N A L Y S T C O N N E C T I O N

Find the intruders using correlation and context Ofer Shezaf

DDoS ATTACKS: MOTIVES, MECHANISMS AND MITIGATION

SWOT Assessment: FireMon Security Manager Suite v7.0

Whitepaper BEST PRACTICES FOR INTEGRATION AND AUTOMATION OF INCIDENT RESPONSE USING ENCASE ENDPOINT SECURITY

IBM Security QRadar Risk Manager

SIEM 2.0: AN IANS INTERACTIVE PHONE CONFERENCE INTEGRATING FIVE KEY REQUIREMENTS MISSING IN 1ST GEN SOLUTIONS SUMMARY OF FINDINGS

Transcription:

With Cloud Defender, Alert Logic combines products to deliver outcome-based security Analyst: Javvad Malik 13 Nov, 2014 Security has typically been a technology-driven area. If a company puts up a website, the network security element is fulfilled by intrusion-detection and -prevention services that are sold separately from Web application firewalls (WAFs), which provide application-level protection. Alert Logic has been seeking to turn this model on its head with a vision of outcome-based security. That is, to offer the outcome of security to a customer independent of the underlying technologies. The company has developed and acquired capabilities over the past few years, and it now feels that it is ready to deliver on that vision with its Cloud Defender offering. The 451 Take Having spent the past few years building up its technology stack, Alert Logic has amassed a rather comprehensive portfolio to deliver cloud-based SIEM for hybrid environments, which is an area of the market that buyers are increasingly turning to. However, the company is straddling the line where it is competing against established on-premises SIEM vendors as well as MSSPs, and Alert Logic will need to be wary of its market position. Context Houston-based security-as-a-service provider Alert Logic was founded in 2002, and since then it has been reporting continual strong growth. In 2013, the company reported impressive 40% growth, and it is currently at a $65m annualized run rate. With more than 2,900 customers across on-premises, hosting and cloud environments, the company has not only increased its revenue, but Copyright 2014 - The 451 Group 1

also expanded its geographical footprint with a new European security operations center (SOC) in Cardiff-Wales that has recruited 49 operators, with plans to grow to 130 over the next two years. Products Alert Logic's Cloud Defender is a managed cloud-based security and compliance suite offering SIEM-style capabilities for hybrid IT infrastructure delivered as a service. The primary objective of a SIEM or any other monitoring and detection technology is to collect information across the environment and turn it into meaningful data that can be used to better adapt security controls. Cloud Defender is designed to be able to collect and correlate information from on-premises, cloud and hybrid datacenters and analyze these logs to identify malicious or anomalistic behavior. Cloud Defender works by capturing data across an organization's environment, and then aggregating and storing it in Alert Logic's ActiveAnalytics platform. The products are deployed through a combination of physical or virtual appliances and agents. Once the data is collected, the ActiveAnalytics platform's 'big data' processing grid processes and normalizes it to enable security rule correlation and analytics utilizing ActiveAnalytics' library of correlation rules to identify behavior via log data analysis for security incident investigation. Identified incidents are enriched with input from AlertLogic's 24/7 SOC analysts, who correlate data from additional security sources such as intelligence feeds. The platform further suppresses false positives and assigns priority levels to alerts to assist in prioritization and response. The response can be undertaken either by the customer or in conjunction with the company's SOC analysts. Technology Cloud Defender is comprised of several Alert Logic product and service components. Threat Manager is a network-based IDS and vulnerability-scanning product, while Log Manager is designed to collect, aggregate and normalize log data from a multitude of environments. Web Security Manager is Alert Logic's managed WAF that detects and protects applications from attacks. ActiveAnalytics is the back-end big-data analytics and correlation engine comprised of a number of technological components, including pattern matching, anomaly detection for behavioral analytics, statistical outlier identification, and advanced machine-learning techniques. While most of the technology is AlertLogic's, it also has a partnership with Prelert. Together, this drives the analysis of customers' data from network traffic, log data and Web layering in order to identify security incidents. ActiveWatch is the managed service component that provides 24/7 monitoring of Alert Logic's products by SOC analysts who work with customers to remediate identified threats. Copyright 2014 - The 451 Group 2

ActiveIntelligence is Alert Logic's security research and intelligence gathering arm. It is comprised of a dedicated team of security researchers who seek to identify emerging threats in order to create and publish new correlation rules and intelligence feeds. Competition With its SIEM-like capabilities, Alert Logic's Cloud Defender will draw comparisons with other SIEM offerings from the likes of HP (ArcSight), IBM (QRadar), Splunk, LogRhythm, RSA, McAfee and other on-premises vendors. According to the latest Wave 17 study from TheInfoPro, a service of 451 Research, intrusion detection remains the most common MSSP service deployed, but SIEM has risen to number two at 40%. This represents a growing market opportunity that Alert Logic and others will look to capitalize on. In addition to managed and cloud-based SIEM providers such as EventTracker, Sumo Logic and eiqnetworks, Alert Logic will find itself being compared and competing with MSSPs such as Trustwave, Dell, Symantec, Verizon, IBM, NTT, BT and Accuvant. SWOT Analysis Strengths Weaknesses Copyright 2014 - The 451 Group 3

Having spent the past few years building and acquiring its technology stack, Alert Logic now has not only a comprehensive offering, but also a broad customer base. Opportunities Threats With more businesses looking to adopt managed SIEM offerings, the timing is right for Alert Logic to capitalize on market demand. The company is attempting to redefine how people think about and procure security services from an outcome perspective. While an admirable goal, changing the way businesses think and operate may require a certain amount of education. The SIEM landscape is still dominated by established players, as is the managed security arena. Alert Logic will have to keep its eye out for rivals on both sides of the fence, and adapt accordingly. Copyright 2014 - The 451 Group 4

Reproduced by permission of The 451 Group; 2014. This report was originally published within 451 Research's Market Insight Service. For additional information on 451 Research or to apply for trial access, go to: www.451research.com Copyright 2014 - The 451 Group 5

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information