What does Cloud Defender do?
> Threats/Vulnerabilities: monitors all network traffic 24/7 (internal, external, etc.)
> Logs: collects and organizes log information for every OS
> Web security: protects web applications against threats; PCI DSS 6.6 compliance.
> ActiveWatch: this service runs 24/7 and is proactively monitored
Alert Logic® Cloud Defender® gives you a single solution to monitor the security of your infrastructure at the network, system, and application layer, whether it’s located on-premises, in the cloud, or in a hybrid model. Utilising a Security-as-a-Service model, Cloud Defender improves your security visibility and compliance programs.
Certified security experts provide 24x7 monitoring of network traffic looking for threats that could compromise data or impact system availability. With real-time network monitoring and proactive incident identification, our security experts are able to notify organizations quickly when an attack is detected.
Continuously monitor and assess your environment for vulnerabilities, gain visibility into your environment, and improve your security and compliance posture with actionable intelligence.
Sources of log data are collected, aggregated, analysed and normalized by our certified security experts to identify suspicious activity that may indicate a security risk.
Secure your web applications against attacks and unusual activity to ensure your sensitive data is protected, with WAF management provided by our application security experts in our Security Operations Centre (SOC).
Continuously monitor and inspect configurations of all your applications, workloads and AWS services.
Alert Logic provides SaaS solutions for DevOps and security teams to run internal, external and PCI vulnerability scans and reports for on-premises, hosted and cloud environments, with continuous updates to more than 92,000 Common Vulnerabilities and Exposures (CVEs) in software and certain network components.
Alert Logic combines technology with GIAC-certified security analysts to apply three levels of analytics to customer data, in order to reduce false positives, and provide more context for clear and effective remediation action.
Alert Logic’s detection capabilities deliver threat detection across the entire application and infrastructure stack, utilising real-time monitoring and incident response via 24x7x365 ActiveWatch capabilities.
Alert Logic’s WAF includes an inline proxy-based web application firewall, with positive and negative (whitelisting and blacklisting) models and a dedicated security analyst. Providing a truly premium service that:
For price, flexibility and many other reasons, organizations are increasingly looking to public cloud providers such as Amazon Web Services, Google Cloud Platform, Microsoft Azure, Rackspace Public Cloud and others to house or augment their IT infrastructure. While cloud providers deliver a strong security foundation, you are still responsible for protecting the applications and data in your cloud environment from threats such as web application attacks and brute force attempts.
Alert Logic can help. Their intrusion detection, vulnerability scanning, log management and web application firewall solutions run natively in leading public cloud environments and take advantage of unique cloud capabilities like auto scaling.
Many organizations today are using more than one cloud approach – mixing public and private clouds as well as on-premises IT infrastructure. But while a hybrid approach delivers a great deal of flexibility, it can also bring some unique security challenges because every hybrid environment is potentially unique.
Cloud’s disruptive effect on traditional enterprise security is blatant: an ongoing struggle of compromise between application, operations and security teams.
Alert Logic helps bridge "the old" and "the new" with a single workload security solution that uses APIs to integrate into AWS, Azure and traditional environments. In any environment, vulnerability scan results integrate with DevOps tools such as Jira and Jenkins while detection agents and virtual appliances can be automatically deployed through a library of templates for Chef, Puppet, Ansible and CloudFormation.
Alert Logic secures hybrid clouds with the same security solutions used in multiple IT environments—physical, virtual, private and public clouds—eliminating the need for multiple tool sets that you need to install, learn and manage. Alert Logic security and compliance solutions natively protect public cloud, hybrid cloud, and on-premises IT infrastructure. Our cloud-based service delivery model delivers three unique benefits to customers.
Security tools alone, particularly when monitoring web applications, generate mostly false positive alerts that drown out vague true positives. People skilled in web and cloud threat detection are needed to evaluate machine-generated alerts to see which merit closer scrutiny, then gather context to determine severity and potential courses of action.
With Alert Logic, experts are “included” as part of an integrated solution with people, process and technology to deliver valuable outcomes such as actionable incident reports and accurate blocking of malicious web requests. Alert Logic experts share a common set of tools and processes they help develop and continuously improve, and a multi-petabyte trove of highly consistent data from thousands of customers they use to develop state-of-the-art threat analytics. From Security Operations Centre (SOC) analysts and threat intelligence, to data scientists and signature developers, Alert Logic has assembled a “dream team” of experts from multiple disciplines so customers don’t have to. Alert Logic analysts investigate, research and analyse globally then monitor, enrich, validate and escalate incident reports on customer environments so they can stay focused on their business until it’s time to act.