Alert Logic takes aim at security threats

Start-up Alert Logic this week makes its debut with a security service based on its security appliance, which is installed at LAN segments within a corporate network and can help customers monitor for and set up automated responses to security threats.

Alert Logic's Invision Security service provides intrusion detection, network discovery, vulnerability assessment and a way to automate response to events such as a computer worm by shutting down switch or firewall ports. The port-blocking methods used by the security appliance are similar to services offered by Mirage Networks and Cisco MARS equipment.

Customers can get a Web-based view into the status of their network after security-related data generated by the appliance is processed in Alert Logic's center in Houston. Alert Logic also can provide round-the-clock monitoring with its own security staff on an outsourced basis to customers.

To continue reading, register here and become an Insider. You'll get free access to premium content from CIO, Computerworld, CSO, InfoWorld, and Network World. See more Insider content or sign in.

Start-up Alert Logic this week makes its debut with a security service based on its security appliance, which is installed at LAN segments within a corporate network and can help customers monitor for and set up automated responses to security threats.

Alert Logic's Invision Security service provides intrusion detection, network discovery, vulnerability assessment and a way to automate response to events such as a computer worm by shutting down switch or firewall ports. The port-blocking methods used by the security appliance are similar to services offered by Mirage Networks and Cisco MARS equipment.

Customers can get a Web-based view into the status of their network after security-related data generated by the appliance is processed in Alert Logic's center in Houston. Alert Logic also can provide round-the-clock monitoring with its own security staff on an outsourced basis to customers.

Allied Home Mortgage Capital Corp., the Houston-based mortgage provider with 700 offices, has been an early adopter of Alert Logic's Invision Security service for more than a year, relying on it for monitoring LAN segments.

"We have millions of customer files on our network," says David Langston, CIO at the mortgage firm. "We have public customers and internal users, and anybody could be a source of an attack."

Langston says Alert Logic's service has been reliable and reports virtually no false positives via the sensors. This reliability has encouraged him to explore automating some event response, such as allowing Invision to shut down LAN ports during a detected worm outbreak.

This automated response is still in the testing phase.

The Invision appliance isn't in-line equipment but works like a traditional intrusion-detection system by mirroring traffic to analyze it, based on a threat-modeling, ranking and remediation model developed at Alert Logic, says Misha Govshteyn, co-founder and CEO of the company.

Govshteyn and Matthew Harkrider, director of operations, founded the company in 2002 after working together at Houston-based Reliant Energy Communications, the energy company's arm for providing Web-hosting and telecom services to businesses.

At Reliant, Govshteyn, then director of managed services, and Harkrider, the unit's senior project manager, gained experience in learning about security requirements corporate customers had in monitoring their networks against attack. Three years ago, the two established their own brand of managed security services, picking up venture-capital backing.

The Invision Security service, which includes the appliance, starts at $350 per month, with monitoring via the ActiveWatch service starting at an additional $275 per month.

Read more about security in Network World's Security section.