Alert Logic
Cloud-native MDR pioneer delivering managed detection, response, and WAF services for hybrid environments
- Service: MDR
- Response: Investigate alerts
Best for
Cloud-native organizations on AWS
Usually replaces
Separate SIEM, WAF, and vulnerability scanner subscriptions
Check first
Enterprise tier requires a Professional license as a prerequisite, adding complexity to procurement
Coverage
Covers
- Three-tier MDR platform (Essentials, Professional, Enterprise) scaling from visibility to full managed containment
- Managed Web Application Firewall (WAF) with 10,000+ out-of-box rules blocking application-layer threats on Day 1
- Cloud-native architecture with deep AWS, Azure, and GCP integrations built on a founding AWS partner relationship since 2011
Pros and limits
Works well
- Early AWS partner (since 2011) with AWS Level 1 MSSP Competency and deep native cloud integrations
- Managed WAF included as an add-on differentiates Alert Logic from most MDR competitors that lack application-layer protection
- Accessible tiered pricing model makes MDR attainable for mid-market and smaller organizations without enterprise budgets
Watch out for
- Proprietary cloud SIEM is not BYOT-friendly — organizations with existing Splunk or Sentinel investments may face data duplication
- User interface has drawn mixed reviews, with some customers noting navigation and reporting usability issues
- Ownership transitions (HelpSystems to Fortra, then LevelBlue acquisition in 2026) may create uncertainty for prospective buyers
Pricing
- Billing model: Per-asset, Tiered, Custom
- Minimum contract: 12 months
- Trial: Available
- Onboarding: 14-30 days
Three subscription tiers (Essentials, Professional, Enterprise) priced per protected host/node; one-time setup fee applies to some tiers; contact sales for a scoped quote
Connects with
- SIEM: Alert Logic Cloud SIEM (proprietary)
- EDR / Endpoint: CrowdStrike, SentinelOne, Carbon Black, Cisco Endpoint, Cylance, Sophos
- Cloud: AWS, Azure, GCP
- Other: AWS CloudTrail, AWS GuardDuty, AWS WAF, AWS Control Tower, Managed Web Application Firewall (WAF), Docker / Kubernetes container monitoring, AWS Fargate
Questions
How much does Alert Logic MDR cost?
Alert Logic prices its MDR service per protected host or node across three tiers — Essentials, Professional, and Enterprise. A one-time setup fee applies to some tiers. Exact pricing is not published; contact Alert Logic (now a LevelBlue company) for a scoped quote based on your environment size and service tier.
What is the difference between Alert Logic's Essentials, Professional, and Enterprise tiers?
MDR Essentials provides 24/7 asset visibility, vulnerability scanning, and endpoint detection. MDR Professional adds continuous threat detection, network IDS, log analytics, Intelligent Response SOAR, and a personal MDR Concierge. MDR Enterprise builds on Professional with SOC-reviewed endpoint incidents, managed containment, active threat hunting, a dedicated Enterprise Security Squad, and bi-weekly security reviews.
Is Alert Logic still part of Fortra?
In January 2026, LevelBlue announced a strategic partnership with Fortra that includes the acquisition of Alert Logic's managed MDR, XDR, and WAF services. Fortra remains a technology partner, but the managed services operations are transitioning to LevelBlue. Existing customers should contact their account team for continuity details.