Alert Logic is a highly mature managed detection and response MDR service that has been under development for more than 20 years. It's a comprehensive solution with all the essential MDR elements and the latest technologies, such as artificial intelligence and machine learning. I recommend deploying Alert Logic for all kinds of customers in the public and private sectors, including utility companies, financial services, government, etc.
Alert Logic offers total visibility into the client's IT ecosystem. The solution's intrusion detection system inspects 100 percent of the network packets and installs universal agents on all physical and virtual servers for log collection. Alert Logic also aggregates logs of the client's various 3rd Party security tools into a single pane of glass.
All of the analytics from those data feeds got to a 24/7 SOC with sophisticated resources. Alert Logic has massive threat intelligence resources to provide additional context to the incident response declarations. They do all the heavy lifting for clients who lack the technology and resources to operate their own SOC.
The client is solely responsible for the incident response component. The macro analytics resides on Alert Logic's cloud. You have the ECM response and business application team on the client side.
Everything works in tandem, which is the only way you can deal with the advanced threats we face today, especially the ransomware families. If you don't respond in minutes, you're in trouble.
The most valuable aspect of Alert Logic is its optimized technology platform. They have SOCs in the US and Europe, giving them global visibility of the threat landscape. They detect and respond to threats in minutes. Their biggest value is human expertise. You're being attacked by a human, and you cannot respond to it unless you have a human on the other side. They have the human and technological resources to respond.
Alert Logic should also develop an EDR that is natively integrated into their solution. Currently, a client must buy another EDR solution like SentinelOne, CrowdStrike, or Sophos. I think Alert Logic is developing this. A built-in email with AI security could also be developed and integrated into their holistic MDR platform.
I have been an Alert Logic reseller for about a year.
I rate Alert Logic nine out of 10 for stability.
I rate Alert Logic nine out of 10 for scalability.
I rate Alert Logic customer service 10 out of 10.
Positive
The implementation is pretty straightforward. You immediately gain visibility as soon as you install the IDS appliance, deploy the agents on the servers, and start collecting syslogs. However, you need to take some additional time to fine-tune and optimize the platform and all the devices. It takes about four to six weeks to get results and around three months to optimize the platform monitoring service.
Alert Logic offers a very high ROI.
Alert Logic's license is one of the most competitive. They deliver a high-quality service for a competitive price.
I evaluated deepwatch. Alert Logic is more mature, with 20-plus years of development. While deepwatch is a very advanced MDR, it is only about five or six years in the CMMI process. Alert Logic also has advantages in online compliance and security reporting. It covers several regulatory mandates, such as PCI, HIPAA, SOC2, etc. with automated compliance features, which is somewhat unique in the industry.
I rate Alert Logic nine out of 10.
