Alert Logic® Cloud Insight customers now have access to several enhancements in the Alert Logic console, including a new option to build on Amazon GuardDuty findings. In addition to the new GuardDuty integration, a new deployment option and several enhancements to streamline the console are available.
Note: The new GuardDuty integration is currently not operational for existing Cloud Insight customers with UK data residency; however, Alert Logic is working to make this functionality available for UK customers in the near future.
GuardDuty Integration (US Only)
Amazon GuardDuty is a new security monitoring service available to Amazon Web Services (AWS) customers. By enabling GuardDuty and installing the Alert Logic collector, you can build on the findings from GuardDuty with recommended remediations. With this new integration, Cloud Insight provides information on why, where, and how to respond to GuardDuty findings through new Incidents pages and reports in the Alert Logic console.
Note: For more information on GuardDuty, refer to the Introduction to Amazon GuardDuty knowledge base article.
These pages provide clear explanations of the findings, additional details about affected assets, such as tags and VPCs, and recommended responses prioritized by criticality. With the response recommendations provided by Alert Logic, you can see incident and exposure impact in a topology view of your assets. In addition, you can efficiently manage your incidents with an automated workflow to update them, track response tasks, and resolve them.
The first time you access the Incidents pages, a tutorial displays to help you navigate and understand them.
This tutorial can be accessed at any time by clicking the Tutorial link on the right side of the menu bar.
In addition to the new Incidents page, you can keep track of your incidents with new Amazon GuardDuty Incident reports.
For example, the Incident Daily Digest provides you with an easy-to-use daily summary of your Amazon GuardDuty findings, helping you track important statistics about the daily findings. For more information about the Incident Daily Digest, refer to the Utilizing the Incident Daily Digest knowledge base article.
This new feature is provided to you at no additional cost, allowing you to take full advantage of GuardDuty findings to locate areas in which you can improve your security.
Enhancements have been made throughout the Alert Logic console to improve navigation and accessibility.
Easily Switch Deployments
You can now switch between deployments on multiple screens throughout Cloud Insight. Previously, the Deployments page had to be accessed to switch between different deployments. Now, you can display data for different deployments on the Remediations page, various reports, the Topology page, and so on, without navigating back to the Deployments page.
Updated Navigation Menu
The navigation menu in Cloud Insight has been updated to include two-level navigation. Some items have been rearranged to help you more intuitively navigate the console. For example, the Dashboard and My Plan options from the previous menu are now located under Remediations in the updated menu. When you click Remediations, a second menu bar displays with options to access the Dashboard, the list of suggested remediations, your remediation plan, and your remediation history.
Note: For customers in the UK, new remediations regarding enabling Amazon GuardDuty and installing the Alert Logic collector can be dismissed, as this functionality is not yet available for UK data residency.
In addition, reports in Cloud Insight are now accessed through the top navigation menu. This new location for accessing reports makes it easier to locate reports and simplifies navigation to and from reports.
Consistent Access to Tutorials
When certain pages in Cloud Insight are accessed for the first time, a pop-up tutorial displays with details and tips about how to use the page. For example, each time a new deployment is added on the Deployments page, the Deployment tutorial displays. These tutorials can now be easily accessed at any time by clicking the Tutorial link on the right side of the menu bar.
In addition, when editing or adding a deployment, you will see a new lower tier service called Cloud Insight Essentials. While this option is available for new customers to start Cloud Insight at an introductory level, Alert Logic recommends that existing Cloud Insight customers always select the Cloud Insight service for any new deployments.
As an existing Cloud Insight customer, your entitlement level is already for Cloud Insight service, so selecting the Cloud Insight option will ensure you make full use of your entitlement.
For more information from AWS on Amazon GuardDuty, refer to the Amazon GuardDuty documentation page.