Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

Alert Logic Goes After Mid-Tier

Startup gets new funding to develop the on-demand security services market

You're responsible for security in a small or mid-sized company. You don't have a staff, a hardened perimeter, or a big budget for security equipment. And even if you had the money, you don't have the time to implement and monitor sophisticated security tools. So what do you do?

If your first answer was "pray," you may want to take a look at a startup company called Alert Logic Inc. , which offers security services targeted at small and medium business. The fledgling service provider, which received $5 million in second-round venture funding earlier today, has doubled its customer base in the last 12 months and is beginning to get some notice from both users and investors.

Alert Logic's business model is simple: Instead of asking enterprises to buy security gear and install it themselves, the startup deploys its own appliances on the customer premises and then offers monitoring and analysis services to help prevent internal and external attacks. The service starts at less than $1,000 a month -- less than a tenth of what an intrusion detection system can cost.

"There is a lot of great security technology out there, but unfortunately, most of it takes a lot of time and money to deploy and maintain," observes Chris Smith, director of marketing at Alert Logic. "There needs to be something for companies that don't have those resources."

For a monthly fee, Alert Logic installs its own appliances on the customer's network and passively monitors traffic to look for anomalies, malware, or attempted connections with known trouble sites, Smith explains. If the service provider detects a problem, a security analyst will either alert the customer or actively quarantine the threat, depending on what the customer chooses.

"We have some customers that don't want us to get involved in remediation -- they just want our help with monitoring," Smith says. "In other cases, they want us to do as much as possible."

The service-based model is a good one for the mid-tier market, which is underserved by security hardware and software vendors vying to penetrate the largest accounts, observers say.

"We look for companies with a sustainable competitive advantage, as well as a motivated management team, and Alert Logic excels in both areas," says Steve Coffey, managing director of Hunt Ventures, one of the primary investors in Alert Logic's new round of funding. "By successfully delivering IT network security on the software-as-a-service model, Alert Logic is able to protect mid-size companies at a fraction of the deployment time and total cost of traditional solutions."

DFJ Mercury, OCA Ventures, and Access Venture Partners are the other three venture companies investing in Alert Logic.

Alert Logic raised a little more than $2 million in its initial round of funding nine months ago, but business has been growing quickly, from about 50 customers in 2005 to more than 100 today. About half its revenue comes from hosting companies and managed services providers, such as CyrusOne, that bundle Alert Logic's offerings in with their own as an extra service, Smith says.

While Alert Logic will continue to court service provider partners, it also is working on a service that will help mid-sized companies conduct security audits and vulnerability assessment to aid in regulatory compliance efforts, Smith says. A new, compliance-oriented service is slated to be unveiled in about two weeks.

— Tim Wilson, Site Editor, Dark Reading

Tim Wilson is Editor in Chief and co-founder of Dark Reading.com, UBM Tech's online community for information security professionals. He is responsible for managing the site, assigning and editing content, and writing breaking news stories. Wilson has been recognized as one ... View Full Bio

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
Why Cyber-Risk Is a C-Suite Issue
Marc Wilczek, Digital Strategist & CIO Advisor,  11/12/2019
Unreasonable Security Best Practices vs. Good Risk Management
Jack Freund, Director, Risk Science at RiskLens,  11/13/2019
Breaches Are Inevitable, So Embrace the Chaos
Ariel Zeitlin, Chief Technology Officer & Co-Founder, Guardicore,  11/13/2019
Register for Dark Reading Newsletters
White Papers
Video
Cartoon Contest
Current Issue
Navigating the Deluge of Security Data
In this Tech Digest, Dark Reading shares the experiences of some top security practitioners as they navigate volumes of security data. We examine some examples of how enterprises can cull this data to find the clues they need.
Flash Poll
Rethinking Enterprise Data Defense
Rethinking Enterprise Data Defense
Frustrated with recurring intrusions and breaches, cybersecurity professionals are questioning some of the industrys conventional wisdom. Heres a look at what theyre thinking about.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2019-19010
PUBLISHED: 2019-11-16
Eval injection in the Math plugin of Limnoria (before 2019.11.09) and Supybot (through 2018-05-09) allows remote unprivileged attackers to disclose information or possibly have unspecified other impact via the calc and icalc IRC commands.
CVE-2019-16761
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the [email protected] npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. All versions >1.0...
CVE-2019-16762
PUBLISHED: 2019-11-15
A specially crafted Bitcoin script can cause a discrepancy between the specified SLP consensus rules and the validation result of the slpjs npm package. An attacker could create a specially crafted Bitcoin script in order to cause a hard-fork from the SLP consensus. Affected users can upgrade to any...
CVE-2019-13581
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A heap-based buffer overflow allows remote attackers to cause a denial of service or execute arbitrary ...
CVE-2019-13582
PUBLISHED: 2019-11-15
An issue was discovered in Marvell 88W8688 Wi-Fi firmware before version p52, as used on Tesla Model S/X vehicles manufactured before March 2018, via the Parrot Faurecia Automotive FC6050W module. A stack overflow could lead to denial of service or arbitrary code execution.