Expel vs Fortra's Alert Logic MDR comparison

Expel and Fortra are both solutions in the SOC as a Service category. Expel is ranked #5 with an average rating of 9.0, while Fortra is ranked #4 with an average rating of 8.3. Additionally, 100% of Expel users are willing to recommend the solution, compared to 92% of Fortra users who would recommend it.

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Aug 21, 2024

Fortra's Alert Logic MDR and Expel are both robust Managed Detection and Response services. Based on user reviews, Expel appears to have the upper hand due to its advanced features and perceived value for money.

Features: Fortra's Alert Logic MDR is recognized for comprehensive security coverage, proactive threat detection, and reasonable pricing. Expel stands out with strong analytic capabilities, response efficiency, and superior incident response.

Room for Improvement: Fortra's Alert Logic MDR could improve reporting, customization options, and integration with security infrastructures. Expel users have requested better integration, interface enhancements, and documentation improvements.

Ease of Deployment and Customer Service: Fortra's Alert Logic MDR is known for straightforward deployment and solid customer support. Expel impresses with rapid deployment and highly responsive customer service, making setup quicker and easier.

Pricing and ROI: Fortra's Alert Logic MDR offers reasonable pricing with good ROI, valued for its cost-efficiency. Expel, though more expensive, offers strong ROI and advanced features, making it worth the higher cost.

To learn more, read our detailed SOC as a Service Report (Updated: October 2024).

Buyer's Guide

SOC as a Service

October 2024

Download the complete report

Helped 815,854 peers since 2012

Categories and Ranking

Binary Defense MDR

Featured Reviews

Rich Ullom

AVP, IT Security Compliance and Audit/Information Security Officer at Western Reserve Group

May 1, 2023

Worth the money, fantastic communication, and fast service with an average response time of about four minutes on an alert

This is my third SOC. I have never had anybody react as well. So, it's hard for me to provide something that they could do better because I'm really happy with them. I just signed another three-year contract with them. I don't find any downside to them, but if I have to put one, it would be consistent manpower or staffing. The only area where the solution can be improved is going to be with people. As they grow, they are struggling with the same thing that every other company is, which is getting talent and getting that talent to stay, but they've just revised their tiering system to go from a flat analyst and manager to a three-tier solution where it goes through two or three before it gets elevated. That seems to have worked out well, so if one level misses it, the next one picks it up, and it works out fine. Consistent staffing is the only challenge they have because when you're hiring level-one analysts, you go through them pretty quickly. You'll probably hire them at 50K or 55K, and after they do it for a year, they find out they can make 85K somewhere else, and they bounce. So, their turnover is a little high, but that's it.

Read full review

reviewer2578461

MDR Specialist at GuidePoint Security

Oct 16, 2024

Rapid threat management and diverse technology integration for effective monitoring

I have experience reselling Expel. Customers often come to me wanting to evaluate multiple providers to make a choice based on their specific use cases, requirements, technology investments, and so forth. Expel is beneficial for customers with diverse environments in terms of technologies that need…

Read full review

reviewer1525833

Site Reliability Engineer at a retailer with 10,001+ employees

Mar 8, 2021

Great reporting and session logic with an easy initial setup

The initial setup isn't too difficult. It's pretty straightforward. An organization shouldn't have too much trouble with the setup. The deployment is very fast. It doesn't take too much time at all. It's likely less than five minutes. Honestly, it's almost instantaneous. There is no mapping. Once you're done with the customization you can use it. It's not time-consuming. The customization part is based on whatever keywords and attributes you are adding, and that's less than a minute of time to handle. There is no time consumed. You just need to add to a filter. You don't really need to worry about having too much maintenance. It's not required really. Maybe once the log is full, you may require a maintenance checkup of six months on. We have a server team that manages that aspect.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Our mean time to response has gone down. We're much faster with direct response and have more investigative capabilities than we did before."

"The speed at which their services are reactive is valuable. Nowadays, when a threat hits an endpoint, you've got minutes, not hours or days. Their average response time is about four minutes on an alert. For anything that needs to be sent to us, it's about fourteen minutes, which is pretty good. They're the third SOC that I've used in fifteen years. By far, they are the quickest ones to act. When you're looking at prevention, that's a key factor."

"The most valuable feature is reviewing tickets and the notes added by technicians."

"With Binary Defense, we don't just get an alert, but also a detailed rundown of why they're alerting us on it. They tell us what was executed, or the username, script, or IP. That way, we're not wasting time investigating."

"Binary Defense is comprehensive. We see most of the questionable activity. Once you see things a couple of times and are familiar with the processes, you know what those are. The level of activity is definitely favorable."

"Binary Defense has a human service department that provides live monitoring for our systems."

"Among the valuable features are the agent, continuous reporting, and dashboard. It has all the features we need and we haven't had to customize it, other than turning on certain features that we wanted."

"The most valuable part of Binary Defense is its team of cybersecurity analysts. Their analysts filter out the noise and only forward the critical threats that require a response instead of false positives."

More Binary Defense MDR pros

"Their threat hunting protocol and process with AI and machine learning are strong, allowing for active and rapid responses."

"The solution was consistently available, and I cannot recall any instances where it was down."

"While I still have on-premises appliances, I can remotely monitor everything from the cloud, and Alert Logic's ease-of-access features have helped me streamline my workflow and reduce implementation time."

"Notifications and the detail of notifications are most valuable. It is a user-friendly solution."

"The initial setup is pretty straightforward."

"It has the ability to install agents. It is pretty straightforward. You can automate the process pretty easily."

"We receive infrastructure security warnings from it. So, we know what is going on and what needs to be addressed."

"The installation and configuration were slick."

"The quicker implementation of changes to our infrastructure from Alert Logic tell us if there are any problems."

More Fortra's Alert Logic MDR pros

Cons

"The only area for improvement that I can think of relates to statistical analysis for SLAs. They are in the middle of moving to a new product called D3 which is going to do some backend work for them. I know they are working to improve some of the help desk statistics, such as the time the tickets open and the time they are closed."

"The current reporting system could benefit from improvement."

"If I were shopping for an MDR solution today, I would not only look for a company that has the ability to alert, detect, and remediate, but also the ability to integrate vulnerability management. That's a big thing that they're lacking today."

"While my understanding is that they're working on this, I would like to see some more of the quantification or reporting."

"We should be able to isolate devices faster. They should shorten the time between clicking on a device to contain it and carrying out the action. That would be a welcome improvement."

"We found that an earlier version of the agent had high memory usage and that was a bit concerning, but we raised the concern with their support team and they immediately replied that they had noticed the same thing and had a candidate fix already available... it totally fixed the issue."

"I would like to get more reports from Binary Defense about what they're blocking."

"We found a couple of bugs in the user interface."

More Binary Defense MDR cons

"The one area where Expel may not measure up is if a customer requires a managed SIEM as part of their overall solution. There's a gap there, and solutions might require third-party assistance for management."

"I would like more data on the alert payload. It would be good to have the ability to customize the alert payload to add whatever data that we want on there. Right now, it is a bit limited."

"This product needs to mature more. While it is a good product, there are some areas where it needs work."

"Could be more of an endpoint protector."

"We'd like to have triggered alerts sent to us so we see errors quicker."

"The product needs to mature. We don't want to be bombarded with unnecessary issues and have the real ones slip through."

"The documentation, especially with the initial setup, needs improvement."

"The setup process was complex."

"Its menu is not very intuitive. I would like to see the user menu expanded a bit. The user menu is very layered, and because of the layers, you have to go down a path that is not very intuitive."

More Fortra's Alert Logic MDR cons

Pricing and Cost Advice

"The pricing is very good. They are definitely competitive and they were lower at the time that we went with them."

"It's valued at the right price. Even with the number of endpoints we have, we don't feel that it's a lot more than any competitor. In fact, it might be less expensive when you look at the fact that you're getting a full flex SOC out of it along with the tools."

"Binary Defense MDR is priced competitively and may be slightly lower than CrowdStrike."

"After we acquired this platform, we met with a number of different vendors. Binary Defense came in with a proposal that was surprisingly affordable. In fact, we were able to recoup the cost of their services within a short period of time. This is because Binary Defense is able to provide the same level of security as a team of two or three in-house analysts but at a fraction of the cost. As a result, Binary Defense is saving us an estimated $250,000 to $300,000 per year."

"The pricing is on target. Working with their sales team on pricing negotiations was a pleasant process. They were very respectful of the constraints we had and I feel that we're paying a fair price."

"The pricing isn't that bad, it's very competitive. I don't feel that it's over-priced and I don't feel that it's under-priced."

"From the initial cost that Binary Defense came in with, we pared it down quite a bit over the course of 30 or 60 days. My leadership would say that their cost was high, but realistically, they were in line with the market."

"Binary Defense has changed its pricing model from being primarily based on the volume of data to one based on escalations and incidents they handle."

More Binary Defense MDR pricing and cost advice

Information not available

"Alert Logic has better competitive pricing than some of its competitors."

"Almost any product that is on the AWS Marketplace is super easy to subscribe to."

"Our ROI would probably be zero. We don't even use it. It sits in there. We get emails and just delete them. Around the world, we don't even use it."

"Its pricing is very reasonable considering what you get for what you pay. There is quite a good value there. Its licensing is also very logical. They've got the licensing price points at a reasonable level. It is on a monthly license but a yearly contract. There are no additional costs to the standard licensing fees."

"Price of the solution was very reasonable considering the size of our organization at the time, and so it worked out perfectly."

See which vendors are best for you

Use our free recommendation engine to learn which SOC as a Service solutions are best for your needs.

See recommendations

815,854 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Healthcare Company

Financial Services Firm

Manufacturing Company

Computer Software Company

19%

Financial Services Firm

Manufacturing Company

Real Estate/Law Firm

Computer Software Company

16%

Financial Services Firm

12%

Manufacturing Company

Healthcare Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Binary Defense MDR?

The most valuable feature is reviewing tickets and the notes added by technicians.

See all answers

What is your experience regarding pricing and costs for Binary Defense MDR?

The pricing is very competitive; it's on par with or below others. For those sensitive to pricing, I'd advise that th...

See all answers

What needs improvement with Binary Defense MDR?

Sometimes, something may not install right; however, whenever we have challenges, they are very solution-oriented and...

See all answers

What is your experience regarding pricing and costs for Expel?

Expel's pricing has adapted as the market evolved and has become competitive over the past twelve months.

See all answers

What needs improvement with Expel?

The one area where Expel may not measure up is if a customer requires a managed SIEM as part of their overall solutio...

See all answers

What is your primary use case for Expel?

I have experience reselling Expel. Customers often come to me wanting to evaluate multiple providers to make a choice...

See all answers

What do you like most about Alert Logic?

The most valuable aspect of Alert Logic is its technology platform. They have SOCs in the US and Europe, giving them ...

See all answers

What is your experience regarding pricing and costs for Alert Logic?

Alert Logic's license is one of the most competitive. They deliver a high-quality service for a competitive price.

See all answers

What needs improvement with Alert Logic?

Alert Logic should also develop an EDR that is natively integrated into their solution. Currently, a client must buy ...

See all answers

Comparisons

CrowdStrike Falcon vs Binary Defense MDR

Compared 25% of the time

Darktrace vs Binary Defense MDR

Compared 22% of the time

SentinelOne Singularity Complete vs Binary Defense MDR

Compared 22% of the time

Arctic Wolf Managed Detection and Response vs Binary Defense MDR

Compared 16% of the time

Cortex XDR by Palo Alto Networks vs Binary Defense MDR

Compared 15% of the time

More Binary Defense MDR Competitors

Red Canary vs Expel

Compared 30% of the time

CrowdStrike Falcon Complete MDR vs Expel

Compared 23% of the time

Arctic Wolf Managed Detection and Response vs Expel

Compared 17% of the time

Wiz vs Expel

Compared 13% of the time

ReliaQuest GreyMatter vs Expel

Compared 13% of the time

More Expel Competitors

SentinelOne Vigilance vs Fortra's Alert Logic MDR

Compared 21% of the time

CrowdStrike Falcon Complete MDR vs Fortra's Alert Logic MDR

Compared 20% of the time

Rapid7 InsightIDR vs Fortra's Alert Logic MDR

Compared 18% of the time

Arctic Wolf Managed Detection and Response vs Fortra's Alert Logic MDR

Compared 18% of the time

Sophos MDR vs Fortra's Alert Logic MDR

Compared 13% of the time

More Fortra's Alert Logic MDR Competitors

Product Reports

Buyer's Guide

Binary Defense MDR

November 2024

Download Binary Defense MDR product report

Buyer's Guide

Managed Detection and Response (MDR)

November 2024

Download Expel product report

Buyer's Guide

Fortra's Alert Logic MDR

November 2024

Download Fortra's Alert Logic MDR product report

Also Known As

Binary Defense Vision, Binary Defense Managed Detection and Response, Binary Defense Managed Detection & Response

Workbench, Expel SOC-as-a-Service

Alert Logic MDR, Alert Logic Managed Detection and ResponseAlert Logic Threat Manager, Alert Logic Cloud Defender, Critical Watch FusionVM

Learn More

Binary Defense

Video not available

Expel

Fortra

Overview

Binary Defense provides a Managed Detection and Response service using an Open XDR strategy that detects and isolates threats early in the attack lifecycle. Expert security analysts in the Binary Defense Security Operations Center leverage an attacker’s mindset, monitoring your environments for security events 24x7x365 and acting as an extension of your security teams. When a security event occurs, Binary Defense analysts triage, disposition, and prioritize the event. Analysts conduct full kill chain analysis and supply tactical and strategic mitigation recommendations to your security team with the goal of increasing your organization’s security posture against the latest adversary threats.

Visit us online at https://www.binarydefense.com

Expel offers comprehensive security monitoring and incident response, detecting threats efficiently, providing actionable insights, and reducing security risks. It enhances a company's security posture and frees up internal resources by integrating with existing security tools and offering support from experienced analysts.

Expel is designed for real-time monitoring, effective threat detection, and automated response capabilities. Users appreciate its intuitive dashboard, timely alerts, and comprehensive reporting. Integration with existing security systems and minimal maintenance requirements are key advantages. Customer support is noted as exceptional. Some users suggest improvements in alert categorization to reduce noise, a more intuitive dashboard design with better customization, faster response times, more comprehensive threat analysis reports, and enhanced communication with customer support.

What are Expel's key features?

Real-time monitoring: Continuously keeps track of potential threats and network activity.
Effective threat detection: Identifies suspicious behavior and potential security breaches quickly.
Automated response: Responds to threats automatically to mitigate risks efficiently.
Intuitive dashboard: User-friendly interface for navigating security operations.
Timely alerts: Provides immediate notifications about potential security incidents.
Comprehensive reporting: Generates detailed analyses of security events for better decision-making.
Integration capabilities: Works seamlessly with existing security systems.
Minimal maintenance: Requires little upkeep from internal teams.

What benefits should users look for in Expel?

Enhanced security posture: Strengthens overall defenses against cyber threats.
Resource optimization: Allows internal teams to focus on strategic tasks.
Experienced analysts: Provides expert support from seasoned security professionals.
Actionable insights: Delivers data-driven recommendations for security improvements.
Integration ease: Fits smoothly with pre-existing security tools and infrastructures.

Expel is implemented across various industries that require robust security measures. In the financial sector, it helps safeguard sensitive data and ensure compliance. Healthcare organizations use Expel to protect patient records and meet strict regulatory standards. Retail companies leverage its capabilities to secure customer information and transaction data, while manufacturing entities rely on Expel to secure intellectual property and operational technology networks.

Alert Logic specializes in log management, security configuration, SIEM, SaaS monitoring, network protection, and MDR services. It is suitable for sectors such as utilities, financial services, and government.

Alert Logic offers extensive log management and proactive security by centralizing logs, providing detailed notifications, and detecting intrusions. With global threat visibility and SOCs in the US and Europe, it speeds up the threat detection process in seconds. Advanced technologies, like AI and ML, improve its MDR services and differentiate legitimate user behavior from threats.

What are Alert Logic's key features?

Excellent log messages for seamless log management
Immediate log retrieval during production issues
Clear, user-friendly notifications
Proactive and detailed incident notifications
Centralized dashboard for easy monitoring
Good intrusion detection and heuristic threat monitoring
Global threat visibility with fast threat detection
Human expertise backing threat detection and response

What benefits should users expect when evaluating Alert Logic?

Streamlined log management and rapid issue resolution
Centralized monitoring for efficient incident management
Fast global threat detection improves security stance
Human expertise for accurate threat response
Advanced threat differentiation using AI and ML

Alert Logic proves beneficial for various industries, with e-commerce applications utilizing it for robust log management and security measures. Utility sector companies leverage its network protection and threat detection capabilities, while financial services organizations appreciate its MDR services. Government agencies rely on its comprehensive infrastructure monitoring and SOC expertise for enhanced security.

Sample Customers

Securitas USA, Black Hills Energy, Lincoln Electric,The J.M. Smuckers Company, New York Community Bank, State of Connecticut, NCR

Amanda Fennell CSO

Information Not Available

Find out what your peers are saying about Arctic Wolf Networks, Palo Alto Networks, Netsurion and others in SOC as a Service. Updated: October 2024.

DOWNLOAD NOW

815,854 professionals have used our research since 2012.

See our list of best SOC as a Service vendors and best Managed Detection and Response (MDR) vendors.

We monitor all SOC as a Service reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.