Expel vs Fortra's Alert Logic MDR comparison

Expel and Fortra are both solutions in the SOC as a Service category. Expel is ranked #5 with an average rating of 9.0, while Fortra is ranked #4 with an average rating of 8.3. Additionally, 100% of Expel users are willing to recommend the solution, compared to 92% of Fortra users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Nov 24, 2024

Fortra's Alert Logic MDR and Expel compete in the managed detection and response market. Expel appears to have the upper hand due to its superior features despite a higher price point.

Features: Fortra's Alert Logic MDR delivers extensive threat intelligence, automated responses, and ensures basic MDR functions. Expel offers advanced analytics, proactive threat detection, and seamless integration capabilities, resulting in more comprehensive protection.

Ease of Deployment and Customer Service: Alert Logic MDR ensures straightforward deployment and strong customer support centered on onboarding and ongoing service. Expel facilitates cloud-based deployment with quick integration, ensuring swift time-to-value and robust service, making it attractive for rapid and effective deployment needs.

Pricing and ROI: Fortra's Alert Logic MDR offers competitive pricing with a solid return on investment, providing good value for those on a budget. Expel, though with higher initial costs, aims for a substantial ROI via its advanced capabilities, indicating that the investment pays off in long-term security outcomes.

To learn more, read our detailed SOC as a Service Report (Updated: November 2024).

Buyer's Guide

SOC as a Service

November 2024

Download the complete report

Helped 823,875 peers since 2012

Categories and Ranking

Binary Defense MDR

Featured Reviews

Rich Ullom

AVP, IT Security Compliance and Audit/Information Security Officer at Western Reserve Group

Worth the money, fantastic communication, and fast service with an average response time of about four minutes on an alert

This is my third SOC. I have never had anybody react as well. So, it's hard for me to provide something that they could do better because I'm really happy with them. I just signed another three-year contract with them. I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine. Consistent staffing is the only challenge they have because when you're hiring level-one analysts, you go through them pretty quickly. You'll probably hire them at 50K or 55K, and after they do it for a year, they find out they can make 85K somewhere else, and they bounce. So, their turnover is a little high, but that's it.

Read full review

reviewer2578461

MDR Specialist at GuidePoint Security

Rapid threat management and diverse technology integration for effective monitoring

Expel has made it easier for companies to monitor and manage various log sources. With its vast integration portfolio, customers can efficiently monitor diverse environments. Time to value is quick, as Expel can turn their service up very rapidly. They have both automated active responses and human processes that quicken threat resolution.

Read full review

reviewer1525833

Site Reliability Engineer at a retailer with 10,001+ employees

Great reporting and session logic with an easy initial setup

The initial setup isn't too difficult. It's pretty straightforward. An organization shouldn't have too much trouble with the setup. The deployment is very fast. It doesn't take too much time at all. It's likely less than five minutes. Honestly, it's almost instantaneous. There is no mapping. Once you're done with the customization you can use it. It's not time-consuming. The customization part is based on whatever keywords and attributes you are adding, and that's less than a minute of time to handle. There is no time consumed. You just need to add to a filter. You don't really need to worry about having too much maintenance. It's not required really. Maybe once the log is full, you may require a maintenance checkup of six months on. We have a server team that manages that aspect.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Our mean time to response has gone down. We're much faster with direct response and have more investigative capabilities than we did before."

"Binary Defense's most valuable feature is the 24/7 monitoring and threat hunting. Their team checks the latest breaches and how they're done."

"Binary Defense is comprehensive. We see most of the questionable activity. Once you see things a couple of times and are familiar with the processes, you know what those are. The level of activity is definitely favorable."

"The case interface is Binary Defense MDR's most valuable feature."

"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."

"In the six months we have been with Binary Defense on this, they run with the ball. They take care of our problems. When we get a ticket, they do not just give us a report."

"With Binary Defense, we don't just get an alert, but also a detailed rundown of why they're alerting us on it. They tell us what was executed, or the username, script, or IP. That way, we're not wasting time investigating."

"The best part about Binary Defense MDR is that it runs on everything, and they keep an eye on things 24/7."

More Binary Defense MDR pros

"Their threat hunting protocol and process with AI and machine learning are strong, allowing for active and rapid responses."

"The solution was consistently available, and I cannot recall any instances where it was down."

"The most valuable aspect of Alert Logic is its technology platform. They have SOCs in the US and Europe, giving them global visibility of the threat landscape. They detect and respond to threats in minutes. Their biggest value is human expertise. You're being attacked by a human, and you cannot respond to it unless you have a human on the other side. They have the human and technological resources to respond."

"The quicker implementation of changes to our infrastructure from Alert Logic tell us if there are any problems."

"Everything is in one dashboard; I'm notified when there's an incident and advised on what steps to take."

"While I still have on-premises appliances, I can remotely monitor everything from the cloud, and Alert Logic's ease-of-access features have helped me streamline my workflow and reduce implementation time."

"Notifications and the detail of notifications are most valuable. It is a user-friendly solution."

"It is a very stable product."

"It improves our security. Before, we didn't have anything scanning our containers. We had software scanning all the physical servers, but we had nothing to scan our containers. With Alert Logic, we can do that."

More Fortra's Alert Logic MDR pros

Cons

"We found a couple of bugs in the user interface."

"The current reporting system could benefit from improvement."

"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."

"The most significant area for improvement is in support for non-English speakers; we're a global organization, so many of our users are not English speakers, which can make interacting with them a challenge. There's no Chinese language support, so we must rely on what we can do with the internet. We don't expect Binary Defense to build a language staff, but details can get lost in translation when we assume the whole world speaks English."

"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."

"While my understanding is that they're working on this, I would like to see some more of the quantification or reporting."

"It's sometimes difficult to know when to engage Binary Defense or TrustedSec, their sister company. TrustedSec is more focused on offensive security, as opposed to the defensive security that the MDR solution provides. It would be awesome if there were a better bridge between that relationship for when we need to get more proactive services or when we need to do a penetration test."

"The only area I see for improvement with Binary Defense is their service portal. It could benefit from some enhancements."

More Binary Defense MDR cons

"The one area where Expel may not measure up is if a customer requires a managed SIEM as part of their overall solution. There's a gap there, and solutions might require third-party assistance for management."

"As a user involved with the user interface, I believe there is a need to continue improving it based on feedback from our customers."

"They have ideas and email you whatever they find, but they don't have a dedicated security team who will work on an attack or a specific security instance."

"The documentation, especially with the initial setup, needs improvement."

"Its menu is not very intuitive. I would like to see the user menu expanded a bit. The user menu is very layered, and because of the layers, you have to go down a path that is not very intuitive."

"We'd like to have triggered alerts sent to us so we see errors quicker."

"Could be more of an endpoint protector."

"This product needs to mature more. While it is a good product, there are some areas where it needs work."

"Alert Logic needs to expand its SOCs to serve more markets, such as the Middle East and Asia. There should be infrastructure that covers more time zones. The company should also develop an EDR that is natively integrated into their solution. Currently, a client must buy another EDR solution like CrowdStrike or Sophos. I think Alert Logic is developing this. Built-in email security could also be developed and integrated."

More Fortra's Alert Logic MDR cons

Pricing and Cost Advice

"The solution's price is spot on; if anything, it's slightly below the norm for most services. Compared to building the same team internally, it would cost more to create the same amount of capability than what we get from an external team. Price-wise, Binary Defense is in a great spot."

"It's valued at the right price. Even with the number of endpoints we have, we don't feel that it's a lot more than any competitor. In fact, it might be less expensive when you look at the fact that you're getting a full flex SOC out of it along with the tools."

"From the initial cost that Binary Defense came in with, we pared it down quite a bit over the course of 30 or 60 days. My leadership would say that their cost was high, but realistically, they were in line with the market."

"The pricing is very good. They are definitely competitive and they were lower at the time that we went with them."

"It has been good. We have saved money, and we have a better product."

"After we acquired this platform, we met with a number of different vendors. Binary Defense came in with a proposal that was surprisingly affordable. In fact, we were able to recoup the cost of their services within a short period of time. This is because Binary Defense is able to provide the same level of security as a team of two or three in-house analysts but at a fraction of the cost. As a result, Binary Defense is saving us an estimated $250,000 to $300,000 per year."

"The pricing isn't that bad, it's very competitive. I don't feel that it's over-priced and I don't feel that it's under-priced."

"Binary Defense has changed its pricing model from being primarily based on the volume of data to one based on escalations and incidents they handle."

More Binary Defense MDR pricing and cost advice

Information not available

"Price of the solution was very reasonable considering the size of our organization at the time, and so it worked out perfectly."

"Our ROI would probably be zero. We don't even use it. It sits in there. We get emails and just delete them. Around the world, we don't even use it."

"Its pricing is very reasonable considering what you get for what you pay. There is quite a good value there. Its licensing is also very logical. They've got the licensing price points at a reasonable level. It is on a monthly license but a yearly contract. There are no additional costs to the standard licensing fees."

"Almost any product that is on the AWS Marketplace is super easy to subscribe to."

"Alert Logic has better competitive pricing than some of its competitors."

See which vendors are best for you

Use our free recommendation engine to learn which SOC as a Service solutions are best for your needs.

See recommendations

823,875 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Healthcare Company

Financial Services Firm

Manufacturing Company

Computer Software Company

20%

Financial Services Firm

Manufacturing Company

Government

Computer Software Company

16%

Financial Services Firm

13%

Healthcare Company

Manufacturing Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Binary Defense MDR?

The most valuable feature is reviewing tickets and the notes added by technicians.

See all answers

What is your experience regarding pricing and costs for Binary Defense MDR?

It has been good. We have saved money, and we have a better product. We are a company that has become an enterprise f...

See all answers

What needs improvement with Binary Defense MDR?

We are going to have a meeting with them the following Monday. It will be our first quarterly business review. Half o...

See all answers

What is your experience regarding pricing and costs for Expel?

Expel's pricing has adapted as the market evolved and has become competitive over the past twelve months.

See all answers

What needs improvement with Expel?

The one area where Expel may not measure up is if a customer requires a managed SIEM as part of their overall solutio...

See all answers

What is your primary use case for Expel?

I have experience reselling Expel. Customers often come to me wanting to evaluate multiple providers to make a choice...

See all answers

What do you like most about Alert Logic?

The most valuable aspect of Alert Logic is its technology platform. They have SOCs in the US and Europe, giving them ...

See all answers

What is your experience regarding pricing and costs for Alert Logic?

Alert Logic's license is one of the most competitive. They deliver a high-quality service for a competitive price.

See all answers

What needs improvement with Alert Logic?

Alert Logic should also develop an EDR that is natively integrated into their solution. Currently, a client must buy ...

See all answers

Comparisons

CrowdStrike Falcon vs Binary Defense MDR

Compared 25% of the time

SentinelOne Singularity Complete vs Binary Defense MDR

Compared 21% of the time

Darktrace vs Binary Defense MDR

Compared 21% of the time

Arctic Wolf Managed Detection and Response vs Binary Defense MDR

Compared 18% of the time

Cortex XDR by Palo Alto Networks vs Binary Defense MDR

Compared 15% of the time

More Binary Defense MDR Competitors

Red Canary vs Expel

Compared 30% of the time

CrowdStrike Falcon Complete MDR vs Expel

Compared 24% of the time

Arctic Wolf Managed Detection and Response vs Expel

Compared 17% of the time

Wiz vs Expel

Compared 13% of the time

ReliaQuest GreyMatter vs Expel

Compared 12% of the time

More Expel Competitors

SentinelOne Vigilance vs Fortra's Alert Logic MDR

Compared 20% of the time

Arctic Wolf Managed Detection and Response vs Fortra's Alert Logic MDR

Compared 17% of the time

CrowdStrike Falcon Complete MDR vs Fortra's Alert Logic MDR

Compared 17% of the time

Rapid7 InsightIDR vs Fortra's Alert Logic MDR

Compared 17% of the time

Sophos MDR vs Fortra's Alert Logic MDR

Compared 10% of the time

More Fortra's Alert Logic MDR Competitors

Product Reports

Buyer's Guide

Binary Defense MDR

December 2024

Download Binary Defense MDR product report

Buyer's Guide

Managed Detection and Response (MDR)

December 2024

Download Expel product report

Buyer's Guide

Fortra's Alert Logic MDR

December 2024

Download Fortra's Alert Logic MDR product report

Also Known As

Binary Defense Vision, Binary Defense Managed Detection and Response, Binary Defense Managed Detection & Response

Workbench, Expel SOC-as-a-Service

Alert Logic MDR, Alert Logic Managed Detection and ResponseAlert Logic Threat Manager, Alert Logic Cloud Defender, Critical Watch FusionVM

Learn More

Binary Defense

Video not available

Expel

Fortra

Overview

Binary Defense provides a Managed Detection and Response service using an Open XDR strategy that detects and isolates threats early in the attack lifecycle. Expert security analysts in the Binary Defense Security Operations Center leverage an attacker’s mindset, monitoring your environments for security events 24x7x365 and acting as an extension of your security teams. When a security event occurs, Binary Defense analysts triage, disposition, and prioritize the event. Analysts conduct full kill chain analysis and supply tactical and strategic mitigation recommendations to your security team with the goal of increasing your organization’s security posture against the latest adversary threats.

Visit us online at https://www.binarydefense.com

Expel offers comprehensive security monitoring and incident response, detecting threats efficiently, providing actionable insights, and reducing security risks. It enhances a company's security posture and frees up internal resources by integrating with existing security tools and offering support from experienced analysts.

Expel is designed for real-time monitoring, effective threat detection, and automated response capabilities. Users appreciate its intuitive dashboard, timely alerts, and comprehensive reporting. Integration with existing security systems and minimal maintenance requirements are key advantages. Customer support is noted as exceptional. Some users suggest improvements in alert categorization to reduce noise, a more intuitive dashboard design with better customization, faster response times, more comprehensive threat analysis reports, and enhanced communication with customer support.

What are Expel's key features?

Real-time monitoring: Continuously keeps track of potential threats and network activity.
Effective threat detection: Identifies suspicious behavior and potential security breaches quickly.
Automated response: Responds to threats automatically to mitigate risks efficiently.
Intuitive dashboard: User-friendly interface for navigating security operations.
Timely alerts: Provides immediate notifications about potential security incidents.
Comprehensive reporting: Generates detailed analyses of security events for better decision-making.
Integration capabilities: Works seamlessly with existing security systems.
Minimal maintenance: Requires little upkeep from internal teams.

What benefits should users look for in Expel?

Enhanced security posture: Strengthens overall defenses against cyber threats.
Resource optimization: Allows internal teams to focus on strategic tasks.
Experienced analysts: Provides expert support from seasoned security professionals.
Actionable insights: Delivers data-driven recommendations for security improvements.
Integration ease: Fits smoothly with pre-existing security tools and infrastructures.

Expel is implemented across various industries that require robust security measures. In the financial sector, it helps safeguard sensitive data and ensure compliance. Healthcare organizations use Expel to protect patient records and meet strict regulatory standards. Retail companies leverage its capabilities to secure customer information and transaction data, while manufacturing entities rely on Expel to secure intellectual property and operational technology networks.

Alert Logic specializes in log management, security configuration, SIEM, SaaS monitoring, network protection, and MDR services. It is suitable for sectors such as utilities, financial services, and government.

Alert Logic offers extensive log management and proactive security by centralizing logs, providing detailed notifications, and detecting intrusions. With global threat visibility and SOCs in the US and Europe, it speeds up the threat detection process in seconds. Advanced technologies, like AI and ML, improve its MDR services and differentiate legitimate user behavior from threats.

What are Alert Logic's key features?

Excellent log messages for seamless log management
Immediate log retrieval during production issues
Clear, user-friendly notifications
Proactive and detailed incident notifications
Centralized dashboard for easy monitoring
Good intrusion detection and heuristic threat monitoring
Global threat visibility with fast threat detection
Human expertise backing threat detection and response

What benefits should users expect when evaluating Alert Logic?

Streamlined log management and rapid issue resolution
Centralized monitoring for efficient incident management
Fast global threat detection improves security stance
Human expertise for accurate threat response
Advanced threat differentiation using AI and ML

Alert Logic proves beneficial for various industries, with e-commerce applications utilizing it for robust log management and security measures. Utility sector companies leverage its network protection and threat detection capabilities, while financial services organizations appreciate its MDR services. Government agencies rely on its comprehensive infrastructure monitoring and SOC expertise for enhanced security.

Sample Customers

Securitas USA, Black Hills Energy, Lincoln Electric,The J.M. Smuckers Company, New York Community Bank, State of Connecticut, NCR

Amanda Fennell CSO

Information Not Available

Find out what your peers are saying about Arctic Wolf Networks, Palo Alto Networks, Netsurion and others in SOC as a Service. Updated: November 2024.

DOWNLOAD NOW

823,875 professionals have used our research since 2012.

See our list of best SOC as a Service vendors and best Managed Detection and Response (MDR) vendors.

We monitor all SOC as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.