One pain point we have, for example, is if the search keyword is related inside an XML, we will get an XML. If it is a normal log, however, you will get a null pointer exception or something, and we don't get the complete trace. We will just get a few lines only. It would be ideal if we could get a complete trace. There just needs to be more transparency around error tracing. 

We'd like to have triggered alerts sent to us so we see errors quicker.

As a corporation, your responsibility is to address the reported issues, and Alert Logic did its job in this regard. A product such as Alert Logic provides you with the necessary information, and the effort behind it is to have a process in place that allows you to fix the reported issues. Although the solution does not have many features, it shows you what is wrong in various categories, and it is up to you to go and fix it. You can then mark it as complete or incomplete or leave a comment. No additional features are required for the solution to serve its intended purpose. As a user involved with the user interface, I believe there is a need to continue improving it based on feedback from our customers.

My main issue with them was the constant need for meetings to discuss developing the API model we needed. It felt like we were always in and out of meetings trying to figure it out. It would be great if they could create a more user-friendly experience, like a drag-and-drop interface or a website builder, where clients could build their own API without needing access to the back end.

Let me choose the specific tools I want to use and be able to set a price for each of them. Maybe I don't need the entire package in my environment, but I really just want the IDS/IPS. I don't like Splunk or one of the other providers, like Rapid7, who don't work well for me in my environment. So, I suggest having packages for small to medium-sized businesses, even if the primary focus is on larger companies.

Its menu is not very intuitive. I would like to see the user menu expanded a bit. The user menu is very layered, and because of the layers, you have to go down a path that is not very intuitive.

It would be great to see more of an endpoint protector. I'd also like to be able to send commands to firewalls which is something the old UI had but the new one does not. For example, if I wanted to block an attack I used to be able to send a command to the firewall but that is no longer possible. 

I would like more data on the alert payload. It would be good to have the ability to customize the alert payload to add whatever data that we want on there. Right now, it is a bit limited.

Alert Logic should also develop an EDR that is natively integrated into their solution. Currently, a client must buy another EDR solution like SentinelOne, CrowdStrike, or Sophos. I think Alert Logic is developing this. A built-in email with AI security could also be developed and integrated into their holistic MDR platform.

They have ideas and email you whatever they find, but they don't have a dedicated security team who will work on an attack or a specific security instance.

As an MSP, it is better if we can hand off the security stuff over to a third-party or some other dedicated security people, and we can just focus on AWS-related products and improving our infrastructure.

This product needs to mature more. While it is a good product, there are some areas where it needs work. If this is a cloud service, I shouldn't have to tell them how to develop analytics to tell me this is what is going on. They should be able to do it. Over time, their own system should be able to identify, "This is something that is a continuous thing with a particular user or company." Or, I should be able to click on it being able to "ignore" it, dropping it completely. It should be smarter than what it is, and it is not.

I would like to see it do initial scans and start capturing data, which it will truly analyze, not just be a reporting system saying, "Here is an email. Here is an email. Here is an email." Thus, I can get 5000 emails, and if you get 5000 emails in ten minutes, you have no emails because they are no good. All they are doing is filling up your inbox. If one good email comes out of those 5000, you miss it. This might be on us as far the configuration, but then this goes back to the compute side in the cloud where they should be able to identify, "We have a lot of user lockouts." 

They should be able to go into their code, making this an automated process, not manual. They should use smart technology, not just put a box together, and say, "Go get the information."

The product is not ready to be put into our AWS environment because we have SAP. We're already having some issues, not related to AWS or Alert Logic. We have our own issues it that we are trying to iron out. Since the Alert Logic hardware is not helping us anyway, moving it to the cloud as software, would not really make a difference for us. 

This product needs to mature more. While it is a good product, there are some areas where it needs work. If this is a cloud service, I shouldn't have to tell them how to develop analytics to tell me this is what is going on. They should be able to do it. Over time, their own system should be able to identify, "This is something that is a continuous thing with a particular user or company." Or, I should be able to click on it being able to "ignore" it, dropping it completely. It should be smarter than what it is, and it is not.

The documentation, especially with the initial setup, needs improvement.