Get Started with Subscriptions and Add-ons

Alert Logic Essentials, Alert Logic Professional, and Alert Logic Enterprise are subscriptions that provide different levels of vulnerability and threat management services and capabilities for your on-premise, public cloud, or hosted data centers.

The subscriptions are designed to be used together, because not all environments require the same level of threat management. The subscription level you select for an environment should align with the risk assessment for that environment.

Alert Logic subscription levels

During deployment creation, Alert Logic discovers the assets in your networks and allows you to select the desired subscription level for each individual network. You can use the Alert Logic console or an API to assign a subscribed level of protection, including "Unprotected," to any discovered network or asset. For more information, see Your First Deployment.

Alert Logic Essentials

An Essentials subscription provides vulnerability management for your protected assets through the following capabilities:

  • Asset discovery
  • Vulnerability and configuration visibility
  • Vulnerability remediation support
  • Threat Risk Index
  • Support Services - PCI scanning ASV support

Asset discovery

Discover and visualize assets in a deployment based on a recurring discovery process for on-premise data centers, hosted environments, public cloud environments, and container infrastructures.

Vulnerability and configuration visibility

Discover and visualize weaknesses in deployed assets and cloud configuration through internal network scans, external network scans, and PCI scans. You can prioritize the vulnerabilities to remediate based on various criteria.

Vulnerability remediation support

Alert Logic groups and prioritizes remediations based on greatest risk reduction impact (for example, proximity to internet gateways or proximity to databases). Remediations are designed to be highly actionable and drive a consistent approach to resolution.

You can use the Alert Logic console or Alert Logic APIs to mark a remediation as either completed or disposed. For more information, see Remediations.

Threat Risk Index

The Threat Risk Index (TRI) groups the discovered exposures in your deployments and helps pinpoint networks with highly vulnerable assets.

Alert Logic ranks vulnerabilities based on their vulnerability scores, their proximity to the internet, and whether an active exploit for the vulnerability is in the wild.

Support Services—PCI scanning ASV support

The Alert Logic Security Operations Center (SOC) helps with scan scheduling, interpretation of PCI accredited scan vendor results, and with working through the remediation and exception processes to reach scan PCI compliance.

Alert Logic Professional

A Professional subscription provides the coverage of an Essentials subscription, plus threat management capabilities that include:

  • Threat visibility
  • Log management, storage, and search
  • Security incident management and response support
  • Compliance readiness

Threat visibility

Network IDS, incident detection and generation, and log collection and log analytics provide detection of active threats in your environments.

Log management, storage and search

Alert Logic leverages log sources for threat detection. Logs can provide additional information and support for incident response efforts, for operational support, and for compliance efforts.

Alert Logic supports the following log collection methods:

  • Windows event log collection
  • Syslog-based log collection
  • Cloud-specific API based log collection
  • Flat-file log collection

For more information about log sources and log collection, see Configure Log Sources and Log Management: Collection schedules.

Security incident management and response support

The SOC provides 24x7 support for incident triage, assessment, escalation, and response support.

The Incidents page in the Alert Logic console displays information about incidents, and how to use that information to manage and close incidents to secure your environments. For more information, see Incidents.

Compliance readiness

Professional embedded security capabilities help to meet key compliance mandates and support compliance audit processes.

Alert Logic Enterprise add-ons

An Enterprise subscription provides the coverage of the Essentials and Professional subscriptions, plus the following add-ons:

  • Managed WAF add-on for deeper protection against web attacks
  • ActiveWatch Enterprise service add-on, with an analyst providing technical account management, weekly security posture review, and controlled hunting activities on your behalf