Alert Logic MDR

The good thing in AlertLogic is it gives you a simple interface and easy to use with very good features such as : Vulnerability scanning, ASV Scans, Log Management, and Threat Management where you can see the the threats that your organization faces as well as review your systems logs of your environment, AlertLogic acts as well as and IDS/IPS for your web servers that faces the public and prevents you from the attacks.

1- The Log management is little bit slow when it comes to review the logs,.
2- In Threat management when you review the threat you can't export the details instead you can only export the headlines of threats.

It definitely does what is supposed to do - capture and provide traffic and threats/intrusions as they occur. Any risk that I've had to deal with in the past couple of years has been caught by Alert Logic, not the other secondary tools I have in place as an additional means of security.

The agent that we have to deploy in our AWS environment to capture all of our traffic on our AWS instances is small and unobtrusive.

The reporting functionality is great - there is the automated report capability, and we can fine-tune the reports to have only certain information go to certain people - much better than having our security team dig through countless pages of data that certain people don't care about.

The UI is generally a mess. It is difficult to find what you need at times, and after 2+ years of using the tool, I still find myself lost very frequently.

There is no option for Multi-Factor Authentication (to my knowledge, for all I know it may be hidden deep in the UI somewhere). This is an odd exclusion for a security tool. Instead, passwords expire very very quickly, so I feel like I'm changing my password more often for Alert Logic than any other tool that I use. It has crossed the line of secure, and become a pain.

The instances that I've had to deal with support have not been all that great - some engineers are way more skilled and experienced than others, as I've wasted hours with some engineers to solve an issue that another engineer was able to solve in minutes.

The documentation that I've seen is often outdated - I'd like to see that frequently updated, especially with such a clunky UI.

Once Alert Logic is set up and in production, there is a nice sense of security. It has caught many threats and we are very pleased with the product.

Dealing with the technical support team has been challenging at times. On several occasions, we had an open ticket and couldn't get an update for days. I understand an issue that takes days to fix, but when we ask for an update we expect a prompt response at the very least.

We get a lot of brute force attempts and AlertLogic Threat Manager is on top of them all. The shunning works great and is very configurable to our desired thresholds.

At this point I do not have any cons that I can speak of.

The reason we chose Alert Logic over other vendors was for the managed services offering. This has been good for us most of the time, but with some challenges. The UI was well explained upon installation and was laid out in a logical fashion.

The UI has changed since we deployed this solution, and with no warning. It lacks the intuitive function that you would expect in a product at an enterprise level. This has been the biggest hurdle for us.