Frequently Asked Questions

Account Management

• Can Alert Logic be configured for SAML via an Identity Provider?
• Can new users only be added to the Alert Logic console by Alert Logic?
• Does Alert Logic offer product training?
• How can I access the Threat Intelligence Center?
• How can I change who gets email notifications on escalated incidents?
• How do I log in to the Alert Logic mobile app?

See all 9 articles

Agents

• Are there benefits to using the Alert Logic agent vs. a SPAN configuration for Alert Logic MDR?
• Can agents white-list traffic?
• Can I delete a network in a data center deployment?
• Can the Alert Logic agent transport network traffic to the Alert Logic appliance on a customizable port?
• Does the Alert Logic agent require a reboot after installation?
• How can I install an Alert Logic agent on a Linux Auto Scaling Instance?

See all 14 articles

Amazon Web Services

• Can I be billed annually instead of monthly if I purchased my Alert Logic service through the AWS Marketplace?
• Do you need approval from Amazon Web Services to run vulnerability scans through Alert Logic?
• Does Alert Logic support AWS Security Hub?
• How do GuardDuty and Alert Logic work together to monitor my AWS environments?
• How do I cancel a subscription to an Alert Logic product in AWS Marketplace?
• How do I forward AWS VPC flow logs to an S3 bucket for collection?

See all 13 articles

API

• Can I utilize the public API for a legacy physical Threat Manager appliance?
• How can I access the Cloud Defender API with a PowerShell script using the Invoke-WebRequest command?
• How can I authenticate against the Cloud Defender API using my API key?
• How can I request an API key for my Cloud Defender account?
• What are the API endpoint URLs for each of the Cloud Defender data centers?
• Where can I find Alert Logic API documentation?

Appliances

• Does Alert Logic use two-factor authentication for SSH access to appliances?
• How are SSH keys and certificates stored on appliances?
• How do I wipe my appliance?
• How is the security of appliances assured?
• In the event that a virtual appliance is lost, how is recovery performed?
• What are Alert Logic’s standard HTTP/HTTPS ports?

See all 9 articles

Cloud Defender

• Does Alert Logic have Webhook functionality?
• What is an incident?

Cloud Insight

• Does Alert Logic scanning support excluding hosts from being scanned?
• Does Cloud Insight scan Docker's application containers?
• What happens when there are no /28 subnets available in the VPC I want to deploy scanning appliances in?
• What ports does Alert Logic check by default for EC2 configuration hardening checks?

Cloud Insight Essentials

• What additional roles and permissions are needed for vulnerability scanning?
• What is the difference between Cloud Insight and Cloud Insight Essentials?

Compliance

• Does Alert Logic offer File Integrity Monitoring?
• How does Alert Logic separate customer HIPAA data on the backend?
• Where can I access Alert Logic compliance information (SSAE, ISO, PCI DSS, GDPR)?

Containers

• How can I get more context on my Agent Container's assets if an incident is generated?
• What container orchestration tools does Alert Logic support?
• Why does the Alert Logic Container Agent require full privilege mode?

Customer Data

• How is customer data stored and protected?
• How is data from multiple IT environments aggregated?
• How is data stored within Alert Logic?
• What are Alert Logic’s data retention capabilities?
• Why doesn't the Alert Logic Scan Engine report SWEET32 on Apache servers?

Intelligent Response

• Intelligent Response Frequently Asked Questions

Log Management

• Are automated compliance reports a component of Alert Logic Log Management?
• Are there infrastructure requirements to facilitate the Alert Logic Log Management functionality?
• Can I add a custom report to the Log Review Service?
• Can you filter data while collecting logs?
• Can you mask log management data before it leaves the customer site?
• How are logs transported from a customer environment to Alert Logic data centers?

See all 21 articles

Network IDS

• Can I apply filters on network traffic?
• Do I need an Alert Logic appliance to collect threat traffic?
• How frequent and what size are the IDS signature updates that are sent to Alert Logic appliances?
• How long does Alert Logic keep event and incident data?
• What are the definitions of event classifications?
• What AWS instance types are supported by Alert Logic?

See all 13 articles

Reports and Dashboards

• How can I improve my Threat Risk Index score?

Scanning

• Can I include the same asset in multiple scan schedules?
• Can Threat Manager scan in Amazon Web Services environments?
• Does Alert Logic combine results from internal network and agent-based vulnerability scans?
• Does Alert Logic offer penetration testing?
• Does Alert Logic provide a Web Application Security scan?
• Does Alert Logic support vulnerability scanning without an appliance?

See all 24 articles

Web Application Firewall

• Can the Alert Logic WAF protect me from DoS and DDoS?
• How do I configure forward secrecy for the Alert Logic Web Application Firewall?
• How do I disable TLS 1.0 or earlier?
• How does Alert Logic assist with scrapers?
• How does Alert Logic handle expired SSL certificates?
• How does SSL mutual authentication work?

See all 13 articles