Alert Logic is a highly mature managed detection and response MDR service that has been under development for more than 20 years. It's a comprehensive solution with all the essential MDR elements and the latest technologies, such as artificial intelligence and machine learning. I recommend deploying Alert Logic for all kinds of customers in the public and private sectors, including utility companies, financial services, government, etc.
President at a tech services company with 11-50 employees
It's a highly mature, competitively priced solution that provides total visibility into your ecosystem
Pros and Cons
- "The most valuable aspect of Alert Logic is its technology platform. They have SOCs in the US and Europe, giving them global visibility of the threat landscape. They detect and respond to threats in minutes. Their biggest value is human expertise. You're being attacked by a human, and you cannot respond to it unless you have a human on the other side. They have the human and technological resources to respond."
- "Alert Logic needs to expand its SOCs to serve more markets, such as the Middle East and Asia. There should be infrastructure that covers more time zones. The company should also develop an EDR that is natively integrated into their solution. Currently, a client must buy another EDR solution like CrowdStrike or Sophos. I think Alert Logic is developing this. Built-in email security could also be developed and integrated."
What is our primary use case?
How has it helped my organization?
Alert Logic offers total visibility into the client's IT ecosystem. The solution's intrusion detection system inspects 100 percent of the network packets and installs universal agents on all physical and virtual servers for log collection. Alert Logic also aggregates logs of the client's various 3rd Party security tools into a single pane of glass.
All of the analytics from those data feeds got to a 24/7 SOC with sophisticated resources. Alert Logic has massive threat intelligence resources to provide additional context to the incident response declarations. They do all the heavy lifting for clients who lack the technology and resources to operate their own SOC.
The client is solely responsible for the incident response component. The macro analytics resides on Alert Logic's cloud. You have the ECM response and business application team on the client side.
Everything works in tandem, which is the only way you can deal with the advanced threats we face today, especially the ransomware families. If you don't respond in minutes, you're in trouble.
What is most valuable?
The most valuable aspect of Alert Logic is its optimized technology platform. They have SOCs in the US and Europe, giving them global visibility of the threat landscape. They detect and respond to threats in minutes. Their biggest value is human expertise. You're being attacked by a human, and you cannot respond to it unless you have a human on the other side. They have the human and technological resources to respond.
What needs improvement?
Alert Logic should also develop an EDR that is natively integrated into their solution. Currently, a client must buy another EDR solution like SentinelOne, CrowdStrike, or Sophos. I think Alert Logic is developing this. A built-in email with AI security could also be developed and integrated into their holistic MDR platform.
Buyer's Guide
Fortra's Alert Logic MDR
November 2024
Learn what your peers think about Fortra's Alert Logic MDR. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,763 professionals have used our research since 2012.
For how long have I used the solution?
I have been an Alert Logic reseller for about a year.
What do I think about the stability of the solution?
I rate Alert Logic nine out of 10 for stability.
What do I think about the scalability of the solution?
I rate Alert Logic nine out of 10 for scalability.
How are customer service and support?
I rate Alert Logic customer service 10 out of 10.
How would you rate customer service and support?
Positive
How was the initial setup?
The implementation is pretty straightforward. You immediately gain visibility as soon as you install the IDS appliance, deploy the agents on the servers, and start collecting syslogs. However, you need to take some additional time to fine-tune and optimize the platform and all the devices. It takes about four to six weeks to get results and around three months to optimize the platform monitoring service.
What was our ROI?
Alert Logic offers a very high ROI.
What's my experience with pricing, setup cost, and licensing?
Alert Logic's license is one of the most competitive. They deliver a high-quality service for a competitive price.
Which other solutions did I evaluate?
I evaluated deepwatch. Alert Logic is more mature, with 20-plus years of development. While deepwatch is a very advanced MDR, it is only about five or six years in the CMMI process. Alert Logic also has advantages in online compliance and security reporting. It covers several regulatory mandates, such as PCI, HIPAA, SOC2, etc. with automated compliance features, which is somewhat unique in the industry.
What other advice do I have?
I rate Alert Logic nine out of 10.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller Partner
AWS Admin at a marketing services firm with 501-1,000 employees
The installation and configuration were slick. However, this product needs to mature more.
Pros and Cons
- "The installation and configuration were slick."
- "We receive infrastructure security warnings from it. So, we know what is going on and what needs to be addressed."
- "This product needs to mature more. While it is a good product, there are some areas where it needs work."
What is our primary use case?
We use it to be able to review logs and the overall system help and learn on anything that we need to handle.
How has it helped my organization?
Our organization's issue is that we implemented it and kicked the tires, but we never put an administrator behind it to own it and do a whole lot for it. There were a couple of select cases that we found and acted on those alerts. However, for the most part, it's just a climbing number of alerts with nobody touching them.
We needed a better plan for implantation. If we put something out there, we have to have people lined up to look at it and admin it, then reap the benefits of everything it's telling us to act on it. If you're not doing this, you have good intentions, but you fell short.
What is most valuable?
We receive infrastructure security warnings from it. So, we know what is going on and what needs to be addressed, e.g., things that we didn't have somebody looking for. It shows us these automatically, using things like automated scanning.
What needs improvement?
This product needs to mature more. While it is a good product, there are some areas where it needs work. If this is a cloud service, I shouldn't have to tell them how to develop analytics to tell me this is what is going on. They should be able to do it. Over time, their own system should be able to identify, "This is something that is a continuous thing with a particular user or company." Or, I should be able to click on it being able to "ignore" it, dropping it completely. It should be smarter than what it is, and it is not.
For how long have I used the solution?
One to three years.
How was the initial setup?
It implemented pretty quickly.
We have everything you need. It would typically take a lot other solutions weeks to set up. This set up within fifteen minutes, which is pretty slick, and it has a lot of different interfaces.
The installation and configuration were slick. After installing in 20 to 30 minutes, you can start provisioning access, so people can take a look.
What's my experience with pricing, setup cost, and licensing?
I was not involved in the pricing and licensing.
Which other solutions did I evaluate?
Other solutions that we evaluated were Datadog and LogRhythm, but it is not an apples to apples comparison.
Alert Logic was not my choice. I implemented it, and said, "Here you go guys. Kick the tires."
What other advice do I have?
We only use the AWS version.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Fortra's Alert Logic MDR
November 2024
Learn what your peers think about Fortra's Alert Logic MDR. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
814,763 professionals have used our research since 2012.
DevOps Engineer at Upland Software
It fully integrates with our AWS environment and is quick to set up
Pros and Cons
- "The quicker implementation of changes to our infrastructure from Alert Logic tell us if there are any problems."
- "The documentation, especially with the initial setup, needs improvement."
What is our primary use case?
The primary use case is security.
How has it helped my organization?
The quicker implementation of changes to our infrastructure from Alert Logic tell us if there are any problems.
What is most valuable?
- Easy to use, nice interface.
- It is quick set up.
What needs improvement?
The documentation, especially with the initial setup, needs improvement.
For how long have I used the solution?
Less than one year.
What do I think about the stability of the solution?
The stability is good. We trust it fully.
What do I think about the scalability of the solution?
Scalability seems good. This was one of the other features that we were interested in.
We have eight different accounts and are able to implement the solution across them easily.
How is customer service and technical support?
I go internally into the business for technical support rather than using the supplier for technical support.
How was the initial setup?
It fully integrates with our AWS environment, which is brilliant.
Alert Logic integrates with all of our products, which was one of the reasons that we went for it.
Which other solutions did I evaluate?
We also evaluated on-premise and open source products. We went with Alert Logic because it was quicker to implement.
What other advice do I have?
Try and get a demo. It is the best one products. As soon as you see it working, you will see it is very good.
We are using the cloud version.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Fortra's Alert Logic MDR Report and get advice and tips from experienced pros
sharing their opinions.
Updated: November 2024
Popular Comparisons
Microsoft Defender for Cloud
CrowdStrike Falcon Complete MDR
Orca Security
Rapid7 InsightIDR
Arctic Wolf Managed Detection and Response
Palo Alto Networks Advanced Threat Prevention
Secureworks Taegis Managed XDR / MDR
Splunk User Behavior Analytics
SentinelOne Vigilance
Sophos MDR
Red Canary
Blackpoint Cyber MDR
Buyer's Guide
Download our free Fortra's Alert Logic MDR Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- How inadvisable is it to use a single vulnerability analysis tool?
- What are the benefits of continuous scanning for vulnerability management?
- When evaluating Vulnerability Management, what aspect do you think is the most important to look for?
- What is a more effective approach to cyber defense: risk-based vulnerability management or vulnerability assessment?
- What are the main KPIs that need to be implemented to have better posture in vulnerability projects?
- Which is the best vulnerability scanner tool?
- What are your recommended automated penetration testing tools?
- How do you use the MITRE ATT&CK framework for improving enterprise security?
- Can you recommend API for Tenable Connector into ServiceNow
- What penetration testing tool (or tools) do you recommend for SMB/SME?