The Alert Logic Security Summary Report, sent to customers monthly via email, provides you with an executive-level view of product usage and security metadata driven by your Alert Logic subscriptions over the previous month. This report will continue to evolve, adding more value and perspective to increase visibility into your Alert Logic solutions.
Getting to Know the Security Summary Report
The Security Summary report includes a few main sections to provide insight into your subscription.
Incidents Generated
This section provides a breakdown of intrusion detection system (IDS) and log management traffic volumes, and the outcomes associated with that traffic, for the reporting month. There are three subsections, described below.
Your Data Sources
- IDS Traffic – This is the amount of traffic that has passed through your IDS appliance(s) in MB, GB, or TB volumes.
- IDS Events – This is the volume of IDS events that have been generated. An event is an observable occurrence, detected by our IDS within your network environment, that may imply harm or a potential compliance violation.
- Log Sources – This is the number of hosts that are actively sending log data to Alert Logic within your deployments.
- Log Traffic – This is the amount of traffic that has passed through your log agent(s) or appliance(s) in MB, GB, or TB volumes.
- Log Messages – This is the number of log messages that have been sent from your agents or log appliances to Alert Logic for parsing, search, incident analysis, and storage.
Total Incidents Generated
This subsection displays the total count of security incidents generated. This number includes incidents of all classifications, from Low to Critical.
High & Critical Escalations
This subsection displays the total count of High and Critical security incidents that have been generated. For these incidents, Alert Logic Security Analysts are required to notify customers using every means of contact provided, including an outbound phone call.
Average Time to Notification
This section shows the average time it takes Alert Logic to send a notification once an incident has been generated. Knowing that an intrusion exists is critical to reducing the dwell time of an incident. The faster an intrusion is responded to, the lower its cost. Knowing on average how quickly you can respond to active threats helps to communicate your security posture.
Total Log Data Stored
This section displays the total volume of log data that is currently stored with Alert Logic. This data can be used for search, reporting, and incident analysis. The data amount is presented in MB, GB, TB, or PB.
Security Industry News
Each monthly security summary report contains several articles of interest from both Alert Logic and other leading industry sites. Use this section to stay informed and up to date about trending security news, increase your understanding of noteworthy security topics, and identify ways in which Alert Logic is helping you improve your security posture.
Questions about this report?
If you have any questions about the data in this report or want to learn more about your Alert Logic subscription, please reach out to your MDR Concierge.