Alert Logic should also develop an EDR that is natively integrated into their solution. Currently, a client must buy another EDR solution like SentinelOne, CrowdStrike, or Sophos. I think Alert Logic is developing this. A built-in email with AI security could also be developed and integrated into their holistic MDR platform.
It would be great to see more of an endpoint protector. I'd also like to be able to send commands to firewalls, which is something the old UI had but the new one does not. For example, if I wanted to block an attack, I used to be able to send a command to the firewall, but that is no longer possible.
Information Technology Manager at Alaina M Callahan Consultant LLC
Consultant
2021-03-08T09:56:27Z
Mar 8, 2021
Its menu is not very intuitive. I would like to see the user menu expanded a bit. The user menu is very layered, and because of the layers, you have to go down a path that is not very intuitive.
Site Reliability Engineer at a retailer with 10,001+ employees
Real User
2021-03-08T09:56:25Z
Mar 8, 2021
One pain point we have, for example, is if the search keyword is related inside an XML, we will get an XML. If it is a normal log, however, you will get a null pointer exception or something, and we don't get the complete trace. We will just get a few lines only. It would be ideal if we could get a complete trace. There just needs to be more transparency around error tracing. We'd like to have triggered alerts sent to us so we see errors quicker.
AWS Admin at a marketing services firm with 501-1,000 employees
Real User
2018-12-11T08:31:00Z
Dec 11, 2018
This product needs to mature more. While it is a good product, there are some areas where it needs work. If this is a cloud service, I shouldn't have to tell them how to develop analytics to tell me this is what is going on. They should be able to do it. Over time, their own system should be able to identify, "This is something that is a continuous thing with a particular user or company." Or, I should be able to click on it being able to "ignore" it, dropping it completely. It should be smarter than what it is, and it is not. I would like to see it do initial scans and start capturing data, which it will truly analyze, not just be a reporting system saying, "Here is an email. Here is an email. Here is an email." Thus, I can get 5000 emails, and if you get 5000 emails in ten minutes, you have no emails because they are no good. All they are doing is filling up your inbox. If one good email comes out of those 5000, you miss it. This might be on us as far as the configuration, but then this goes back to the compute side in the cloud where they should be able to identify, "We have a lot of user lockouts." They should be able to go into their code, making this an automated process, not manual. They should use smart technology, not just put a box together, and say, "Go get the information." The product is not ready to be put into our AWS environment because we have SAP. We're already having some issues, not related to AWS or Alert Logic. We have our own issues that we are trying to iron out. Since the Alert Logic hardware is not helping us anyway, moving it to the cloud as software would not really make a difference for us.
They have ideas and email you whatever they find, but they don't have a dedicated security team who will work on an attack or a specific security instance. As an MSP, it is better if we can hand off the security stuff over to a third party or some other dedicated security people, and we can just focus on AWS-related products and improving our infrastructure.
Senior Systems Engineer at Turner Broadcasting System
Real User
2018-12-04T07:57:00Z
Dec 4, 2018
I would like more data on the alert payload. It would be good to have the ability to customize the alert payload to add whatever data that we want on there. Right now, it is a bit limited.
Alert Logic specializes in log management, security configuration, SIEM, SaaS monitoring, network protection, and MDR services. It is suitable for sectors such as utilities, financial services, and government.
Alert Logic offers extensive log management and proactive security by centralizing logs, providing detailed notifications, and detecting intrusions. With global threat visibility and SOCs in the US and Europe, it speeds up the threat detection process in seconds. Advanced...
The documentation, especially with the initial setup, needs improvement.