Hacking BLOCKED!

Pros

We get a lot of brute force attempts and AlertLogic Threat Manager is on top of them all. The shunning works great and is very configurable to our desired thresholds.

Cons

At this point I do not have any cons that I can speak of.

AlertLogic is one of the best cloud security solution in the market

The good thing in the software is it gives the full cloud security protection you need.

Pros

The good thing in AlertLogic is it gives you a simple interface and easy to use with very good features such as : Vulnerability scanning, ASV Scans, Log Management, and Threat Management where you can see the the threats that your organization faces as well as review your systems logs of your environment, AlertLogic acts as well as and IDS/IPS for your web servers that faces the public and prevents you from the attacks.

Cons

1- The Log management is little bit slow when it comes to review the logs,. 2- In Threat management when you review the threat you can't export the details instead you can only export the headlines of threats.

A Deep, Capable Log/Threat Tool That is Bogged Down by a Clunky Interface and Complicated Config.

Pros

It definitely does what is supposed to do - capture and provide traffic and threats/intrusions as they occur. Any risk that I've had to deal with in the past couple of years has been caught by Alert Logic, not the other secondary tools I have in place as an additional means of security. The agent that we have to deploy in our AWS environment to capture all of our traffic on our AWS instances is small and unobtrusive. The reporting functionality is great - there is the automated report capability, and we can fine-tune the reports to have only certain information go to certain people - much better than having our security team dig through countless pages of data that certain people don't care about.

Cons

The UI is generally a mess. It is difficult to find what you need at times, and after 2+ years of using the tool, I still find myself lost very frequently. There is no option for Multi-Factor Authentication (to my knowledge, for all I know it may be hidden deep in the UI somewhere). This is an odd exclusion for a security tool. Instead, passwords expire very very quickly, so I feel like I'm changing my password more often for Alert Logic than any other tool that I use. It has crossed the line of secure, and become a pain. The instances that I've had to deal with support have not been all that great - some engineers are way more skilled and experienced than others, as I've wasted hours with some engineers to solve an issue that another engineer was able to solve in minutes. The documentation that I've seen is often outdated - I'd like to see that frequently updated, especially with such a clunky UI.

Alertlogic in AWS

We have used Alertlogic, especially the threat manager for a good few years now and have confidence that the service is providing us with a high level of security and protection.

Pros

The personal in depth investigations performed by real people on all incidents. The alerts received give all the information required up front leading to quick decisions on any impact.

Cons

Feel the dashboard is a little hard to get around sometimes to find what you are looking for. It has improved with recent updates but still could do with being more intuitive.

Great for our needs

Pros

Really gives us peace of mind knowing that we have another layer of security. Helped us meet our audit requirement for log correlation and SIEM. Since this is a hosted solution we were able to free up our internal resources. We are contacted very quickly with any issues and the customization that can be done is also great. Support is knowledgeable and vast.

Cons

Log review is hard to understand unless you know much about the software or have a lot of time to dedicate to it. Normally I just open a ticket to have support do the legwork for me as I am not versed / do not have the time do work on it. I do wish that assistance with customization was something that was done during implementation / random reachouts from support or little how-to's once a month for custom reports or alerts that would be beneficial or help increase security posture would be great.