Alert Logic today announced key innovation advancements to its leading managed
detection and response (MDR) platform, including the industry's first threat
detection solution designed specifically for custom web applications. The newly
released capabilities ensure organizations are well-equipped to address and
adapt to the ever-evolving security landscape.
"While encryption fortifies an organization's security posture, it can also be a
conduit for hiding malicious attacks," said Onkar Birk, Chief Product
Officer, Alert Logic. "With a vast majority of internet traffic being
encrypted, organizations must have better detection. Our new web application
threat detection capabilities help organizations better detect threats and
provide a new level of visibility that, until now, has been impeded by modern
transport encryption."
Expanding Coverage
According to Gartner, "The attack surface continues to expand, with web applications
joined by a host of mobile and browser-based applications, a growing array of
services exposed via APIs, IoT devices and more. As technology advances and
diversifies (for example, containers, cloud-based computing options like edge
and serverless, and connected devices), this forces security teams to evaluate
and implement improved application security technologies. Each additional
software component or integration further expands the attack surface and
increases the scope and complexity of efforts required to test and protect
enterprise software."
As a result of the COVID-19 pandemic, many organizations quickly deployed digital
storefronts to serve as contactless alternatives to traditional brick and
mortar operations. With the immediacy required to adjust these business models
to current conditions, risk and exposure from these often poorly secured
custom web applications have escalated.
To combat the inherent vulnerabilities of custom web applications, Alert Logic has
fortified its web application threat detection by delivering web log analytics,
designed specifically to help organizations identify vulnerable blind spots
while minimizing false positives, all without disrupting business. By analyzing
web access logs, security teams can uncover anomalous behavior and
reconnaissance activities that elude traditional preventative security
technologies such as web application firewalls (WAFs).
Simplifying User Experience
Organizations must have a high level of visibility across all their assets and be able to
quickly identify and respond to threats before they can cause any damage. Alert
Logic now provides security teams more seamless and comprehensive access to
critical and relevant data:
- Through a deeper integration with the Amazon Web
Services (AWS) cloud platform, Alert Logic natively integrates into AWS
Control Tower to bring MDR to these managed accounts, reducing the number
of required steps for deployment and ensuring consistency across accounts.
- Customers and partners can now configure the Alert
Logic console to send security outcomes directly to their own IT Service
Management (ITSM) systems, enabling them to automatically open tickets and
streamline service desk workflows.
- A new software developer portal provides tooling and
step-by-step guidance for organizations to build and embed their own
automation and integrations. The portal includes a comprehensive toolkit
of command-line tools and programming language integrations, as well as a
robust library of use cases.
Accelerating Outcomes
To help organizations meet compliance requirements, Alert Logic has incorporated
File Integrity Monitoring (FIM) capabilities into its MDR platform. This
addition enhances detection of unauthorized change events, including attempted
attacks and the actions of malicious insiders. It also monitors the integrity
of system directories, registry keys, and values on the operating system, and
includes file access, creation, movement, attribute modification, and several
other types of file interactions. FIM covers the PCI DSS 10.5.5 and 11.5
requirements, which are often costly and complex compliance mandates for
organizations.
"With the addition and complete integration of File Integrity Monitoring, Alert Logic
is now our one stop for addressing the main security needs of PCI,"
said Antoine Noel, Chief Information Security Officer, Cloudreach.
"As a result, simplifying our security stack removes
deployment conflicts and tuning complexity."