Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

Alert Logic Goes After Mid-Tier

Startup gets new funding to develop the on-demand security services market

You're responsible for security in a small or mid-sized company. You don't have a staff, a hardened perimeter, or a big budget for security equipment. And even if you had the money, you don't have the time to implement and monitor sophisticated security tools. So what do you do?

If your first answer was "pray," you may want to take a look at a startup company called Alert Logic Inc. , which offers security services targeted at small and medium business. The fledgling service provider, which received $5 million in second-round venture funding earlier today, has doubled its customer base in the last 12 months and is beginning to get some notice from both users and investors.

Alert Logic's business model is simple: Instead of asking enterprises to buy security gear and install it themselves, the startup deploys its own appliances on the customer premises and then offers monitoring and analysis services to help prevent internal and external attacks. The service starts at less than $1,000 a month -- less than a tenth of what an intrusion detection system can cost.

"There is a lot of great security technology out there, but unfortunately, most of it takes a lot of time and money to deploy and maintain," observes Chris Smith, director of marketing at Alert Logic. "There needs to be something for companies that don't have those resources."

For a monthly fee, Alert Logic installs its own appliances on the customer's network and passively monitors traffic to look for anomalies, malware, or attempted connections with known trouble sites, Smith explains. If the service provider detects a problem, a security analyst will either alert the customer or actively quarantine the threat, depending on what the customer chooses.

"We have some customers that don't want us to get involved in remediation -- they just want our help with monitoring," Smith says. "In other cases, they want us to do as much as possible."

The service-based model is a good one for the mid-tier market, which is underserved by security hardware and software vendors vying to penetrate the largest accounts, observers say.

"We look for companies with a sustainable competitive advantage, as well as a motivated management team, and Alert Logic excels in both areas," says Steve Coffey, managing director of Hunt Ventures, one of the primary investors in Alert Logic's new round of funding. "By successfully delivering IT network security on the software-as-a-service model, Alert Logic is able to protect mid-size companies at a fraction of the deployment time and total cost of traditional solutions."

DFJ Mercury, OCA Ventures, and Access Venture Partners are the other three venture companies investing in Alert Logic.

Alert Logic raised a little more than $2 million in its initial round of funding nine months ago, but business has been growing quickly, from about 50 customers in 2005 to more than 100 today. About half its revenue comes from hosting companies and managed services providers, such as CyrusOne, that bundle Alert Logic's offerings in with their own as an extra service, Smith says.

While Alert Logic will continue to court service provider partners, it also is working on a service that will help mid-sized companies conduct security audits and vulnerability assessment to aid in regulatory compliance efforts, Smith says. A new, compliance-oriented service is slated to be unveiled in about two weeks.

— Tim Wilson, Site Editor, Dark Reading

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-4873
PUBLISHED: 2021-01-19
IBM Planning Analytics 2.0 could allow an attacker to obtain sensitive information due to an overly permissive CORS policy. IBM X-Force ID: 190836.
CVE-2020-4881
PUBLISHED: 2021-01-19
IBM Planning Analytics 2.0 could allow a remote attacker to obtain sensitive information, caused by the lack of server hostname verification for SSL/TLS communication. By sending a specially-crafted request, an attacker could exploit this vulnerability to obtain sensitive information. IBM X-Force ID...
CVE-2021-22498
PUBLISHED: 2021-01-19
XML External Entity Injection vulnerability in Micro Focus Application Lifecycle Management (Previously known as Quality Center) product. The vulnerability affects versions 12.x, 12.60 Patch 5 and earlier, 15.0.1 Patch 2 and earlier and 15.5. The vulnerability could be exploited to allow an XML Exte...
CVE-2021-25323
PUBLISHED: 2021-01-19
The default setting of MISP 2.4.136 did not enable the requirements (aka require_password_confirmation) to provide the previous password when changing a password.
CVE-2021-25324
PUBLISHED: 2021-01-19
MISP 2.4.136 has Stored XSS in the galaxy cluster view via a cluster name to app/View/GalaxyClusters/view.ctp.