Dark Reading is part of the Informa Tech Division of Informa PLC

This site is operated by a business or businesses owned by Informa PLC and all copyright resides with them.Informa PLC's registered office is 5 Howick Place, London SW1P 1WG. Registered in England and Wales. Number 8860726.

Attacks/Breaches

8/13/2012
04:04 PM
Dark Reading
Dark Reading
Products and Releases
50%
50%

Alert Logic Launches First Security-As-A-Service Web Application Firewall Solution

Alert Logic Web Security Manager with ActiveWatch includes firewall protection and blocking capabilities

HOUSTON, TX – August 7, 2012 – Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud, today announced general availability of Alert Logic Web Security Manager with ActiveWatch to protect web applications against the most common threats and attacks. The solution combines industry-leading web application firewall (WAF) technology with advanced managed security services from Alert Logic’s Security Operations Center, addressing the operational challenges associated with legacy WAF solutions which have hindered broad adoption of this important security control.

“Web application firewalls are powerful tools for protecting custom web applications, however, often there isn't free staff or rack space to bring the WAF on premise,” said Gartner Analyst Greg Young. “A managed as-a-service WAF offering can jump these hurdles.”

Although WAFs are designed to address web attacks, the technology is highly resource intensive. The varying demands of different web applications require continuous management to properly block attacks while allowing legitimate traffic. Failure to implement the expert tuning can cause WAFs to disrupt legitimate traffic and impact the availability of web applications, or get tuned to a level that delivers virtually no security against real-world threats. As a result, WAF users often fail to realize the benefits of the technology despite significant investments of money and time.

Web Security Manager with ActiveWatch is the first web application firewall architected as an integrated Security-as-a-Service solution, delivering both critical web protection and cost-effective management. Web Security Manager with ActiveWatch offers customers:

· State-of-the-art firewall protection and blocking capabilities delivered using a combination of positive and negative security techniques deployed without web application downtime

· Strong baseline protection including coverage for OWASP Top Ten, a well-acknowledged testing standard for compliance mandates, including PCI DSS 6.6

· Flexible deployment options with reference architectures for on-premise, in hosted environments, or in the cloud deployments through a range of physical, virtual and high-availability options.

· Managed security service from Alert Logic’s Security Operations Center (SOC) to ensure that the WAF is always on and performing optimally.

· Better value with minimal upfront costs and a highly competitive monthly pricing model.

“Delivering a fully managed WAF solution was an imperative for Alert Logic. Given the growing volume of web application attacks observed in our enterprise customer base and the undeniable demand for additional security solutions from our partners, the signals couldn’t be clearer,” said Gray Hall, president and CEO of Alert Logic. “The launch of Web Security Manager with ActiveWatch builds on our proven business model to expand the portfolio of cost-effective solutions for safe, secure and compliant computing.”

Alert Logic’s SOC brings proven expertise to better manage WAFs Through ActiveWatch, Alert Logic’s state-of-the-art Security Operation Center provides around-the-clock monitoring, rapid detection and response to better manage WAFs, removing the costly burden from in-house IT. Further, Alert Logic’s Security Research Team leverages rich visibility and historical data from over 1,800 customers to isolate trends in the global threat landscape to improve the effectiveness of Web Security Manager through automatic deployment of new security rules and signatures.

Customers and Partners recognize WSM benefits

"We’ve had a very successful partnership with Alert Logic and are looking forward to the seamless integration of Web Security Manager into our portfolio of hosting and managed service solutions,” said Tim Varma, VP of Product Development, PEER 1 Hosting. “Web Security Manager represents a significant security advancement and reinforces that managed hosting and cloud deployments are safe and viable options for companies interested in moving their infrastructure. We anticipate the product will become a complementary addition to our e-commerce and PCI solutions.”

Product Availability

The new Web Security Manager with ActiveWatch is now generally available from Alert Logic. For more information, contact Alert Logic at 877.484.8383 or [email protected]

Additional Resources Available:

Blog

Twitter

LinkedIn

Product Web Page

About Alert Logic Alert Logic, the leading provider of Security-as-a-Service solutions for the cloud, provides solutions to secure the application and infrastructure stack. By integrating advanced security tools with 24×7 Security Operations Center expertise, customers can defend against security threats and address compliance mandates. By leveraging an “as-a-Service” delivery model, Alert Logic solutions include day-to-day management of security infrastructure, security experts translating complex data into actionable insight, and flexible deployment options to address customer security needs in any computing environment. Built from the ground up to address the unique challenges of public and private cloud environments, Alert Logic partners with over half of the largest cloud and hosting service providers to provide Security-as-a-Service solutions for business application deployments for over 1,800 enterprises. Alert Logic is based in Houston, Texas, and was founded in 2002. For more information, please visit www.alertlogic.com.

Comment  | 
Print  | 
More Insights
Comments
Newest First  |  Oldest First  |  Threaded View
US Capitol Attack a Wake-up Call for the Integration of Physical & IT Security
Seth Rosenblatt, Contributing Writer,  1/11/2021
More SolarWinds Attack Details Emerge
Kelly Jackson Higgins, Executive Editor at Dark Reading,  1/12/2021
Vulnerability Management Has a Data Problem
Tal Morgenstern, Co-Founder & Chief Product Officer, Vulcan Cyber,  1/14/2021
Register for Dark Reading Newsletters
White Papers
Video
Cartoon
Current Issue
2020: The Year in Security
Download this Tech Digest for a look at the biggest security stories that - so far - have shaped a very strange and stressful year.
Flash Poll
Assessing Cybersecurity Risk in Today's Enterprises
Assessing Cybersecurity Risk in Today's Enterprises
COVID-19 has created a new IT paradigm in the enterprise -- and a new level of cybersecurity risk. This report offers a look at how enterprises are assessing and managing cyber-risk under the new normal.
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2020-7343
PUBLISHED: 2021-01-18
Missing Authorization vulnerability in McAfee Agent (MA) for Windows prior to 5.7.1 allows local users to block McAfee product updates by manipulating a directory used by MA for temporary files. The product would continue to function with out-of-date detection files.
CVE-2020-28476
PUBLISHED: 2021-01-18
All versions of package tornado are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with default configura...
CVE-2020-28473
PUBLISHED: 2021-01-18
The package bottle from 0 and before 0.12.19 are vulnerable to Web Cache Poisoning by using a vector called parameter cloaking. When the attacker can separate query parameters using a semicolon (;), they can cause a difference in the interpretation of the request between the proxy (running with defa...
CVE-2021-25173
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory allocation with excessive size vulnerability exists when reading malformed DGN files, which allows attackers to cause a crash, potentially enabling denial of service (crash, exit, or restart).
CVE-2021-25174
PUBLISHED: 2021-01-18
An issue was discovered in Open Design Alliance Drawings SDK before 2021.12. A memory corruption vulnerability exists when reading malformed DGN files. It can allow attackers to cause a crash, potentially enabling denial of service (Crash, Exit, or Restart).