Try our new research platform with insights from 80,000+ expert users

Fortra's Alert Logic MDR vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Fortra's Alert Logic MDR
Average Rating
8.0
Number of Reviews
11
Ranking in other categories
Vulnerability Management (34th), SOC as a Service (4th), Managed Detection and Response (MDR) (20th)
Vectra AI
Average Rating
8.6
Number of Reviews
42
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (2nd), Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (9th), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (4th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Fortra's Alert Logic MDR is designed for Vulnerability Management and holds a mindshare of 0.3%, up 0.1% compared to last year.
Vectra AI, on the other hand, focuses on Intrusion Detection and Prevention Software (IDPS), holds 11.4% mindshare, up 9.5% since last year.
Vulnerability Management
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

reviewer1525833 - PeerSpot reviewer
Mar 8, 2021
Great reporting and session logic with an easy initial setup
The initial setup isn't too difficult. It's pretty straightforward. An organization shouldn't have too much trouble with the setup. The deployment is very fast. It doesn't take too much time at all. It's likely less than five minutes. Honestly, it's almost instantaneous. There is no mapping. Once you're done with the customization you can use it. It's not time-consuming. The customization part is based on whatever keywords and attributes you are adding, and that's less than a minute of time to handle. There is no time consumed. You just need to add to a filter. You don't really need to worry about having too much maintenance. It's not required really. Maybe once the log is full, you may require a maintenance checkup of six months on. We have a server team that manages that aspect.
Tony Whelton - PeerSpot reviewer
Mar 7, 2023
Integrates well with other security solutions and provides good technical support
The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us. With one nice front dashboard, we can look at the high-volume threats rather than all of the noise. We do get a lot of noise as our students all own their own devices. With Vectra AI, we can look at threats in a controlled manner, which saves us an extraordinary amount of time. Even if I doubled the manpower, I doubt that I would still have the same visibility that I have with the correct security platform. Vectra AI's Threat Detection and Response platform has done remarkably well. We're well-versed in using the security dashboard from Microsoft Defender, and we're at the stage where we are checking both. We haven't fully switched to relying on only the Vectra dashboard yet. In terms of Vectra AI Attack Signal Intelligence for empowering security analysts within our organization, we have complete faith in the data that's coming through from Vectra. If we could also have what's happening at the front-end, that is, the firewall, then it would give us the complete security front dashboard.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"While I still have on-premises appliances, I can remotely monitor everything from the cloud, and Alert Logic's ease-of-access features have helped me streamline my workflow and reduce implementation time."
"The most valuable aspect of Alert Logic is its technology platform. They have SOCs in the US and Europe, giving them global visibility of the threat landscape. They detect and respond to threats in minutes. Their biggest value is human expertise. You're being attacked by a human, and you cannot respond to it unless you have a human on the other side. They have the human and technological resources to respond."
"It has the ability to install agents. It is pretty straightforward. You can automate the process pretty easily."
"It is a very stable product."
"The initial setup is pretty straightforward."
"It improves our security. Before, we didn't have anything scanning our containers. We had software scanning all the physical servers, but we had nothing to scan our containers. With Alert Logic, we can do that."
"The solution was consistently available, and I cannot recall any instances where it was down."
"Notifications and the detail of notifications are most valuable. It is a user-friendly solution."
"Vectra AI helped our team be more productive and save time. We have less work thanks to it."
"Vectra AI generates relevant information."
"The key feature for me for Detect for Office 365 is that it can also concentrate all the information and detection at one point, the same as the network solution does. This is the key feature for me because, while accessing data from Office 365 is possible using Microsoft interfaces, they are not really user-friendly and are quite confusing to use. But Detect for Office 365 is aggregating all the info, and it's only the interesting stuff."
"We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems."
"It's easy to manage, and I love the UX. It's very well designed. When we are looking for something, it's quite easy to find it."
"One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us."
"I like the way that Vectra AI focuses on the internal network. Nowadays, most of the attackers are already inside, and they can be inside for many years before they start attacking. With normal monitoring, it's quite difficult to find them."
"The solution's ability to reduce alerts, by rolling up numerous alerts to create a single incident or campaign, helps in that it collapses all the events to a particular host, or a particular detection to a set of hosts. So it doesn't generate too many alerts. By and large, whatever alerts it generates are actionable, and actionable within the day."
 

Cons

"This product needs to mature more. While it is a good product, there are some areas where it needs work."
"Could be more of an endpoint protector."
"I would like more data on the alert payload. It would be good to have the ability to customize the alert payload to add whatever data that we want on there. Right now, it is a bit limited."
"They have ideas and email you whatever they find, but they don't have a dedicated security team who will work on an attack or a specific security instance."
"The documentation, especially with the initial setup, needs improvement."
"The product needs to mature. We don't want to be bombarded with unnecessary issues and have the real ones slip through."
"Its menu is not very intuitive. I would like to see the user menu expanded a bit. The user menu is very layered, and because of the layers, you have to go down a path that is not very intuitive."
"We'd like to have triggered alerts sent to us so we see errors quicker."
"You are always limited with visibility on the host due to the fact that it is a network based tool. It gives you visibility on certain elements of the attack path, but it doesn't necessarily give you visibility on everything. Specifically, the initial intrusion side of things that doesn't necessarily see the initial compromise. It doesn't see stuff that goes on the host, such as where scripts are run. Even though you are seeing traffic, it doesn't necessarily see the malicious payload. Therefore, it's very difficult for it to identify these type of host-driven complex attacks."
"One of the things I am not so happy about when it comes to Vectra is the scoring board."
"The main improvement I can see would be to integrate with more external solutions."
"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
"For S&D account scans, it would be easier if Vectra AI could triage with users. If a client uses a lot of accounts, then it could indicate that these accounts are benign, for example. That would help a lot."
"They use a proprietary logging format that is probably 90% similar to Bro Logs. Their biggest area of improvement is finishing out the remaining 10%. That 10% might not be beneficial to their ML engine, but that's fine. The industry standard is Zeek Logs or Bro Logs, or Bro or Zeek, depending on how old you are. While they have 90% of those fields, they're still missing some fields. In very rare instances, some community rules do not have the fields that they need, and we had to modify community rules for our logs. So, their biggest area of improvement would be to just finish their matching of the Zeek standard."
"I would like more integrations with IOCs and threats currently on the Internet. I would also like to know which threats are based on zero-day attacks, current botnets, etc. Therefore, I would like more information on external threats."
 

Pricing and Cost Advice

"Our ROI would probably be zero. We don't even use it. It sits in there. We get emails and just delete them. Around the world, we don't even use it."
"Alert Logic has better competitive pricing than some of its competitors."
"Price of the solution was very reasonable considering the size of our organization at the time, and so it worked out perfectly."
"Its pricing is very reasonable considering what you get for what you pay. There is quite a good value there. Its licensing is also very logical. They've got the licensing price points at a reasonable level. It is on a monthly license but a yearly contract. There are no additional costs to the standard licensing fees."
"Almost any product that is on the AWS Marketplace is super easy to subscribe to."
"The solution is low-cost and affordable."
"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."
"We have a desire to increase our use. However, it all comes down to budget. It's a very expensive tool that is very difficult to prove business support for. We would like to have two separate networks. We have our corporate network and PCI network, which is segregated due to payment processing. We don't have it for deployed in the PCI network. It would be good to have it fully deployed there to provide us with additional monitoring and control, but the cost associated with their licensing model makes it prohibitively expensive to deploy."
"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."
"The pricing is high."
"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
"Vectra AI's pricing is cheaper than that of Darktrace."
"We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for."
report
Use our free recommendation engine to learn which Vulnerability Management solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Financial Services Firm
12%
Manufacturing Company
9%
Healthcare Company
8%
Computer Software Company
17%
Financial Services Firm
12%
Manufacturing Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Alert Logic?
The most valuable aspect of Alert Logic is its technology platform. They have SOCs in the US and Europe, giving them global visibility of the threat landscape. They detect and respond to threats in...
What is your experience regarding pricing and costs for Alert Logic?
Alert Logic's license is one of the most competitive. They deliver a high-quality service for a competitive price.
What needs improvement with Alert Logic?
Alert Logic should also develop an EDR that is natively integrated into their solution. Currently, a client must buy another EDR solution like SentinelOne, CrowdStrike, or Sophos. I think Alert Log...
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
 

Also Known As

Alert Logic MDR, Alert Logic Managed Detection and ResponseAlert Logic Threat Manager, Alert Logic Cloud Defender, Critical Watch FusionVM
Vectra Networks, Vectra AI NDR
 

Learn More

 

Overview

 

Sample Customers

Information Not Available
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Tenable, Qualys, Wiz and others in Vulnerability Management. Updated: October 2024.
814,763 professionals have used our research since 2012.