Alert Logic CEO: will enhance security monitoring and correlation capabilities

Infotech Lead America:
More than 2,000 enterprise customers trust Alert Logic to secure and protect their digital information. Its security-as-a-Service model is built on a platform that fully integrates our software solutions, security operations and its research team.

Alert Logic has been able to grow revenue and customers by 50 percent annual rate over the last 5 years. It ended 2012 as a $37 million business.

Alert Logic CEO Gray Hall in an online interview with says the company  will enhance advanced security monitoring and correlation capabilities in coming months.

Security has been the topmost concern preventing cloud adoption. Is the scenario changed now?

Surveys from leading analyst groups continue to show security is a top concern for enterprises considering adopting cloud infrastructure. However, our cloud partners are all growing rapidly by continuing to win more and more large enterprise customers and business critical workloads. Security concerns drive many companies to begin their cloud adoption strategy by building out private clouds, setting the stage for future adoption of public clouds. So the tide is certainly turning, but until security vendors and cloud providers effectively partner to deliver a broader suite of security services, security concerns will continue to hinder cloud adoption.

What is Alert Logic’s contribution to ensure cloud security? How many enterprises are leveraging your service to improve cloud security?

Cloud security can be a somewhat ambiguous term. For some it means delivering security from the cloud using a SaaS delivery model to secure customer environments, for others it means security solutions that secure infrastructure in the cloud. Alert Logic is relatively unique in that we fit in both categories. We use a SaaS delivery model to secure customer infrastructure in cloud environments such as Amazon Web Services and Rackspace. We have over 2,000 customers today, 80 percent of whom have their IT infrastructure in the cloud.

Do you offer security solutions to support BYOD?

Alert Logic solutions focus on securing infrastructure that typically resides in the datacenter or in hosted cloud environments. This typically includes Web applications, databases, server operating systems and the networks that connect them. As a result, we put a strong set of defenses around that infrastructure making it more resilient to attacks that may find their way onto corporate networks through BYOD initiatives.

What are the latest challenges in enterprise security? Is enterprise IT prepared to address the new challenges?

Web application attacks continue to be a significant threat vector for enterprises. As we continue to find in our ongoing analysis captured in the Alert Logic State of Cloud Security Report, as more critical data is accessible through Web applications, attacks on Web apps can be a significant source of breaches. While many organizations assume they can patch and securely code their way around vulnerabilities in their Web applications, most quickly find that they are rapidly outpaced by the sophistication of hackers. Organizations should look for active defenses to proactively defend against Web application attacks rather than reactively patching and fixing security holes in their Web apps.

Web security is critical for businesses that deliver products/services online. What are the latest and most challenging threats pervading the Web?

We continue to see sophisticated attacks getting automated by hackers making even the most advanced attack techniques available to fairly junior hackers. In fact, we found that almost half of the web application attacks that hit our customers came from a single and freely available hacker tool called Havij, which uses various forms of a SQL injection attack to breach data in databases that sit behind web applications. Worse yet, we found that the vast majority of those attacks were successful in compromising data.

Any estimate on how much dollars businesses lose to Web-based security threats?

It’s hard to say as the loss to businesses comes from a combination of fines and disclosure costs when breaches occur. What is clear is that the vast majority of the loss comes from consumers taking their business elsewhere after a company experiences and reports a breach. The combination of these factors is easily a multi-billion dollar impact.

How do you help your customers proactively address security issues?

Alert Logic provides Security-as-a-Service solutions to protect cloud-enabled IT infrastructure. This means we provide a suite of security services that helps customers detect attacks in progress and prevents breaches of data, all the while helping them to comply with relevant data privacy mandates. By combining SaaS solutions with security monitoring services from our security operations center, which is staffed by certified analysts, Alert Logic delivers security outcomes rather than leaving the customer holding the bag trying to integrate numerous point solutions and staff the required expertise to make sense of it.

Any new technologies in pipeline?

We just announced a major release of our Log Manager offering, which provides cloud-based log archival, analysis and alerting capabilities. With our 3rd generation release of Log Manager, we now support petabytes of customer log data. Our customers benefit from faster and more intuitive search capabilities than they can find anywhere else. In the upcoming months, you can expect to see more advanced security monitoring and correlation capabilities as we continue to build out our security intelligence platform.

[email protected]