Alert Logic® Web Security Manager is the passive, out-of-band web application IDS, while Alert Logic Web Security Manager Premier is the inline, preventative web application firewall (WAF). They use the same technology to identify malicious requests – negative security HTTP/HTTPS signatures for known attacks based on the OWASP Top 10 and a positive security model that uses a learning engine to create policies for known, valid input. Web Security Manager Premier provides active blocking of bad requests with a log of what has been blocked, whereas Web Security Manager identifies bad requests, which are aggregated and analyzed to generate incidents triaged through the Alert Logic ActiveWatch™ team.
Web Security Manager is deployed as a module with Alert Logic Threat Manager™ or Alert Logic Cloud Defender®, and traffic is handled via agent or span port.
Web Security Manager Premier is a standalone product that can be run in the cloud as a virtual machine or as a hardware appliance. Traffic is routed directly to the inline WAF in either a routed or reverse proxy mode.