Automation and Orchestration Advancements are Core to New Security Capabilities
Alert Logic today announced key innovation advancements to its leading managed detection and response (MDR) platform, including the industry’s first threat detection solution designed specifically for custom web applications. The newly released capabilities ensure organizations are well-equipped to address and adapt to the ever-evolving security landscape.
“While encryption fortifies an organization’s security posture, it can also be a conduit for hiding malicious attacks,” said Onkar Birk, Chief Product Officer, Alert Logic. “With the vast majority of internet traffic being encrypted, organizations must have better detection. Our new web application threat detection capabilities help organizations better detect threats and provide a new level of visibility that, until now, has been impeded by modern transport encryption.”
According to Gartner, “The attack surface continues to expand, with web applications joined by a host of mobile and browser-based applications, a growing array of services exposed via APIs, IoT devices, and more. As technology advances and diversifies (for example, containers, cloud-based computing options like edge and serverless, and connected devices), this forces security teams to evaluate and implement improved application security technologies. Each additional software component or integration further expands the attack surface and increases the scope and complexity of efforts required to test and protect enterprise software.”1
As a result of the COVID-19 pandemic, many organizations quickly deployed digital storefronts to serve as contactless alternatives to traditional brick-and-mortar operations. Given the speed with which these business models had to be adjusted to current conditions, risk and exposure from these often poorly secured custom web applications have escalated.
To combat the inherent vulnerabilities of custom web applications, Alert Logic has fortified its web application threat detection by delivering web log analytics, designed specifically to help organizations identify vulnerable blind spots while minimizing false positives, all without disrupting business. By analyzing web access logs, security teams can uncover anomalous behavior and reconnaissance activities that elude traditional preventative security technologies such as web application firewalls (WAFs).
Simplifying User Experience
Organizations must have a high level of visibility across all their assets and be able to quickly identify and respond to threats before they can cause any damage. Alert Logic now provides security teams more seamless and comprehensive access to critical and relevant data:
- Through a deeper integration with the Amazon Web Services (AWS) cloud platform, Alert Logic natively integrates into AWS Control Tower to bring MDR to these managed accounts, reducing the number of required steps for deployment and ensuring consistency across accounts.
- Customers and partners can now configure the Alert Logic console to send security outcomes directly to their own IT Service Management (ITSM) systems, enabling them to automatically open tickets and streamline service desk workflows.
- A new software developer portal provides tooling and step-by-step guidance for organizations to build and embed their own automation and integrations. The portal includes a comprehensive toolkit of command-line tools and programming language integrations, as well as a robust library of use cases.
To help organizations meet compliance requirements, Alert Logic has incorporated File Integrity Monitoring (FIM) capabilities into its MDR platform. This addition enhances the detection of unauthorized change events, including attempted attacks and the actions of malicious insiders. It also monitors the integrity of system directories, registry keys, and values on the operating system, and covers file access, creation, movement, attribute modification, and several other types of file interactions. FIM covers the PCI DSS 10.5.5 and 11.5 requirements, which are often costly and complex compliance mandates for organizations.
“With the addition and complete integration of File Integrity Monitoring, Alert Logic is now our one-stop for addressing the main security needs of PCI,” said Antoine Noel, Chief Information Security Officer, Cloudreach. “As a result, simplifying our security stack removes deployment conflicts and tuning complexity.”