Alert Logic - Corporate Overview


The who, what, how, and why it is such a great time to be a part of Alert Logic.

  • This is a testament to our cloud-based model that any company from any vertical can take advantage of our solution. In addition, if you are using a hosting firm to outsource some of your infrastructure, it’s worth pointing out that we are the preferred security and compliance offering of leading hosting companies like Rackspace, etc. Some customer anecdotes:
      ◦ GSI Commerce is one of the largest processors of ecommerce transactions in the world. They handle all ecommerce operations for some very well known brick & mortar businesses like Toys “R” Us, Radio Shack, Levi’s, Ace Hardware, National Football League, NASCAR, Reebok, etc. We help protect GSI’s datacenter where their transactions are processed, and we help them comply with the Payment Card Industry security standard.
      ◦ Columbia College, based in Columbia, MO, has 25,000 students on 32 campuses across the US. Like most education institutions, their network is highly distributed and constantly challenged with Internet-active students who contribute to a very target-rich network threat environment. We displaced Qualys at Columbia and protect their internal network from dangerous threats.
      ◦ Rackspace is a premier name in the managed hosting world and is the fastest growing managed hosting specialist in the world. Rackspace was the largest Cisco IDS customer in Texas until we came along and displaced Cisco as the internal network security vendor of choice for Rackspace’s thousands of customers.
  • Although there are a number of reasons why our customers approach us to solve their IT security problems, the top two challenges they are trying to address are:
      ◦ Complying with regulations such as PCI DSS, HIPAA, and SOX, all of which require or suggest the use of Log Management, Vulnerability Management and Intrusion Protection.
      ◦ Continued evolution of network threats. Companies have to constantly protect themselves from never-ending and evolving network threats.
    We take the difficulty out of obtaining, achieving, and affording compliance solutions by offering IDS, Vulnerability Management, and Log Management in a cloud-based delivery model. The cloud-based model removes the need to buy and implement expensive and complicated hardware and software solutions, because all the infrastructure is deployed and maintained in Alert Logic’s redundant data centers.
  • Our approach is simple.
      ◦ Our vulnerability solution will scan your internal and external network to identify weaknesses before an attack occurs. Once a weakness is identified, our solution will provide the information you need to fix the vulnerability to ensure your network is protected. Example: finding missing patches.
      ◦ Our IDS solution is constantly monitoring your network for security events. If an attack does occur, our IDS solution will identify the security breach and generate an alert to notify you where the attack is occurring. Example: discover worms or botnets that are difficult to detect using any other type of technology.
      ◦ After an attack, our log management solution enables you to perform forensic analysis on the log data to determine who did what, when and to whom. You can also use Log Manager to generate alerts based on your log data to identify suspicious activity on your network. Example: detect unauthorized access attempts to your network.
    All of our solutions are delivered from the cloud, which means we can eliminate hardware, software, and maintenance costs. All of the infrastructure resides in the cloud and is maintained and supported by Alert Logic.
  • One of the primary reasons our customers purchase our solution is to meet compliance standards. Our solutions cover the most expensive and labor-intensive areas of compliance. The following is a breakdown of the PCI and SOX requirements we satisfy with our solutions. For PCI we cover requirements 10, 11.2, and 11.4, which are the most costly and cumbersome to comply with. Examples:
      ◦ Vulnerability Assessment: 11.2 in PCI, because Alert Logic is an Approved Scanning Vendor (ASV) for quarterly PCI scans.
      ◦ Intrusion Protection: All mandates and regulations require or recommend an intrusion detection system.
      ◦ Log Management: We cover the majority of requirement 10 of PCI and DS 5.5 for COBIT. We make log review simple and automate the log management process.
  • Our vulnerability assessment offering provides both internal and external scanning at no additional charge. If a vulnerability is detected in the scan, we provide a report with recommendations on how to fix the problem. Why the cloud is better: for vulnerability assessment, the cloud gives companies with a distributed network the ability to have a centralized view of the entire network, including both internal and external vulnerabilities. In addition, Alert Logic is an Approved Scanning Vendor for PCI DSS quarterly scans. The PCI quarterly scan report can be submitted directly to your acquiring bank.
  • Our Threat Manager solution includes intrusion protection which detects attacks in real time to protect . All of the alerts from our network appliance are fed directly into a centralized expert system hosted in our datacenter. The expert system's 7-Factor threat analysis correlates the IDS alert data with vulnerability data and real-time threat trend info from Alert Logic customers worldwide, and identifies only valid security incidents that threaten your network (our detection accuracy is greater than 99%), something a traditional standalone appliance simply cannot accomplish. The 7 factors: Attacker Reputation, Nature of Exploit, Attacker Behavior, Target Asset Vulnerability, Target Asset Value, Global Threats Trends, and Attack Confirmation. The cloud is better because our expert system provides a level of accuracy unmatched by on-premise hardware or software based solutions.
  • Alert Logic’s Active Watch is a threat monitoring service which provides an additional layer of network security. Our certified security experts will monitor your internal network and notify you directly if a security breach or incident has occurred. The Active Watch team works with our customers to help them resolve the security breach or incident.
  • Log Manager was the first cloud-based log solution. With it, we collect, aggregate, and compress your log data, perform all necessary processing and analysis in our data center, and send it back to you through our web-based UI. The cloud is better for log management because our grid in the cloud provides 10X+ faster search and reporting performance unmatched by hardware or software based solutions. Ask your log vendor if they are using a relational database backend, because it means that the search performance will be slower and less scalable.
  • In summary: our cloud-based solutions are easy to buy, deploy and own. With Alert Logic you won’t have to pay hardware, software, or maintenance costs. An appliance-based solution cannot offer you the same savings. We enable regulatory compliance by providing IDS, Vulnerability Management, and Log Management. We improve network security by detecting security incidents and vulnerabilities along with making log data available for analysis and forensics.
  • Alert Logic - Corporate Overview

    1. Security and Compliance Powered by the Cloud
    2. Corporate Fact Sheet
    3. Select Alert Logic Customers
    4. Security and Compliance Challenge
       IT organizations are faced with mounting pressure:
         • Compliance regulations: PCI DSS, SOX, HIPAA, GLBA, NCUA, FFIEC, NIST, FISMA
         • Continued evolution of network threats
       Alert Logic delivers cloud-based security and compliance solutions:
         • Vulnerability Assessment
         • Intrusion Protection
         • Log Management
         • Threat monitoring & incident response services
    5. Solving Key Problems
       SECURITY
         • Vulnerability Management: Identifying Weaknesses (BEFORE)
         • Intrusion Protection: Isolating Attacks (DURING)
         • Log Management: Investigating Incidents (AFTER)
       DELIVERED IN-CLOUD
         • simple deployment
         • no capital expense
         • no maintenance
         • easy & affordable
    6. Compliance Requirements
    7. Vulnerability Assessment
         • Schedule ongoing internal and external vulnerability scans
         • Alert Logic is an Approved Scanning Vendor (ASV) for quarterly PCI scans
         • Results integrate with intrusion protection for optimum accuracy
       Why Cloud? Centralized view of internal & external scan results for your entire network
    8. Intrusion Protection
         • Automatically detect thousands of incidents with built-in correlation
         • Protect your network with firewall and ACL based defensive actions
         • Continuously updated to identify latest threats
       Why Cloud? Hosted expert system provides level of accuracy unmatched by hardware and software solutions
    9. Optional Monitoring Services
         • 24/7 threat monitoring for rapid incident response
         • Integrated incident and case management
    10. Log Management
         • Collect logs from any syslog or Windows source without agents
         • Always-on, on-demand log storage
         • Configure custom correlation rules and log alerts
       Why Cloud? Non-DBMS grid computing provides 10X+ faster search and reporting performance unmatched by appliance solutions
    11. Cloud-based Solution
       Instead of Deploying This:
       Deploy This:
    12. Cloud Architecture
         • Cloud-based management: redundant data centers, event processing and archival, analysis, reporting, compliance review and monitoring
         • On-premise collection: appliance based threat and vulnerability detection, log collection, compression, encryption and secure transport
    13. Alert Logic Case Studies
       “I’m very impressed with Alert Logic”… “By utilizing their solutions, we are able to improve our security and compliance posture and at the same time reduce the resources that we have to dedicate to fulfill those needs.”
       - Mark Moseley, Rosetta Stone
       Problem
         • Unable to provide PCI services with appliance based solutions
       Results
         • Introduced new security services in less than 30 days with no investment
         • Achieved 50% margins and dramatically increased attach rate
       Problem
         • Achieve PCI compliance with limited budget
       Results
         • Rapid Implementation
         • Passed PCI Audit and ensured customer confidence
         • IT staff remained focused on internal problems
    14. Accolades
       “We believe that this architecture and implementation has legs, the ability to scale - a true on-demand offering and the potential to be disruptive…” -
       Five Star Rating: “With no deficiencies in any tested categories and several strengths, the product was an all around superior offering which earned our Best Buy rating.”
       Red Herring 100: “…most innovative companies in North America…”
       Hot Companies: “…most successful technologies and the companies behind them…”
    15. Benefit Summary
       Easy to buy, deploy and use
         • Cloud-based solutions deliver capabilities appliances can’t match
         • No capital equipment to purchase and maintain
         • All costs included in one monthly fee
       Enables regulatory compliance
         • Identifies incidents and vulnerabilities that impact compliance
         • Collects, reviews, and archives log data
       Improves network security
         • Helps detect and remedy threats and vulnerabilities
         • Makes log data available for analysis and forensics