New AT&T Cybersecurity Managed Threat Detection and Response service

July 30, 2019 | Russ Spitler

With access to more resources than ever before, cybercriminals are rapidly scaling their operations, making every organization a potential target for a cyberattack. And, they are constantly shifting their tactics to exploit new vulnerabilities and slip past perimeter-based controls undetected. Meanwhile, the longer a threat goes undetected in a network environment, the greater the potential for damage through a security breach, data loss, or business downtime and disruption. In fact, the Ponemon Institute reported that the average cost of a security breach increases by over $1 million for threats that dwell for 100 days or longer.

That’s why, in addition to advanced security protection and prevention controls, organizations need a way to continuously monitor what’s happening on their networks, cloud environments, and critical endpoints and to quickly identify and respond to potential threats. But, for many businesses, building an effective threat detection and incident response program is costly and challenging, especially given the industry’s shortage of skilled security professionals.

AT&T Managed Threat Detection and Response

With these challenges in mind, AT&T Cybersecurity is excited to introduce AT&T Managed Threat Detection and Response, a sophisticated managed detection and response service (MDR). The new service brings together people, process, and technology in a virtually seamless way to accelerate and simplify threat detection and response, helping organizations to detect and respond to advanced threats before they impact the business. AT&T Managed Threat Detection and Response builds on our 30 years of expertise in security operations, our award-winning unified security management (USM) platform for threat detection and response, and the unrivaled visibility and threat intelligence of AT&T Alien Labs. With advanced features like 24 x 7 proactive security monitoring, threat hunting, security orchestration, and automation in one turnkey solution, businesses can quickly establish or enhance their security program without the cost and complexity of building it themselves. 

“We couldn’t do the things that AT&T brings to us for four times the cost of what we’re paying now,” said Stephen Locke, CIO, NHS Management, LLC. “Even if we did, we wouldn’t have the same level of expertise and intelligence of what’s happening in the cybersecurity world.”

With AT&T Managed Threat Detection and Response, critical IT assets are monitored by one of the world’s most advanced security operations centers (SOC). The AT&T Managed Threat Detection and Response SOC has a dedicated team of trained security analysts who are solely focused on helping organizations to protect their business by hunting for and disrupting advanced threats around the clock. Our SOC analyst team not only handles the daily security operations of monitoring and reviewing alarms to reduce false positives, but also conducts in-depth incident investigations. These provide incident responders with rich threat context and recommendations for containment and remediation, helping security teams to respond quickly and efficiently. AT&T Cybersecurity SOC analysts can even initiate incident response actions, taking advantage of the built-in security orchestration and automation capabilities of the USM platform or even sending incident response specialists onsite if the situation requires.

Stephen Locke added, “Adding AT&T Managed Detection and Threat Response reduced my risk and liability tremendously and that's a huge deal for an organization.”

Sets a new standard for MDR services

AT&T Managed Threat Detection and Response sets a new standard for an MDR service in many ways. Our SOC analyst team works to help maintain a strong security posture through proactive threat hunting activities using AT&T Alien Labs threat intelligence, regular vulnerability assessments, health checks, and by identifying public cloud configuration errors. This team can also support compliance reporting requirements using the pre-built reporting templates in the USM platform. With a focus on security advocacy, our analysts regularly review our customers’ security program to help identify gaps in their security posture and provide recommendations for improvement.  This close collaboration provides the foundation for a truly effective security program.

When a security incident arises, our SOC analyst team doesn’t just forward the alarm to the security team, but rather, they conduct in-depth incident investigations, providing incident responders with rich threat context and response recommendations, helping our customers to respond quickly and efficiently. Our analysts can even orchestrate and automate incident response actions on their behalf, taking advantage of the built-in security orchestration and automation capabilities of the USM platform and its AlienApps framework.  

Our native cloud USM platform enables security orchestration, automation and response (SOAR) with 300+ pre-built integrations in its AlienApps framework. As the platform extends and evolves to support additional AlienApp integrations, enterprises will continue to benefit.

AT&T Managed Threat Detection and Response is fueled with continuously updated threat intelligence from AT&T Alien Labs, ensuring that our customers’ defenses are able to detect emergent and evolving threats. AT&T Alien Labs, the threat intelligence unit of AT&T Cybersecurity, produces timely threat intelligence that is integrated directly into the USM platform in the form of correlation rules and other higher-order detections to automate threat hunting. 

With its combined technology, intelligence, and 24x7 expertise, AT&T Managed Threat Detection and Response can be deployed faster and for less than the cost of hiring an additional security analyst. The service is priced according to the total amount of events that are analyzed, so customers don’t have to worry about limitations by assets, environments, or number of employees in their organization. Instead, they can get the full threat coverage they need to protect critical data and systems with all of the built-in technology (EDR agents, network IDS, cloud IDS, vulnerability scanning, asset inventory, and log management) included in the simple price point. With unlimited user seats, customers can tailor the experience to their team’s needs.

Visit us in booth #530 next week at Black Hat to learn more about AT&T Managed Threat Detection or visit us online.


About the Author: Russ Spitler

Russell Spitler brings over a decade of experience building products and startup companies that secure companies across the globe. Russ currently serves as the AVP of Products at AT&T Cybersecurity, where he is responsible for cybersecurity product strategy and the execution of the cybersecurity product roadmap that has resulted in the acquisition of over 7,000 commercial customers and over 20,000 open source users during his tenure. Russ was also one of the founders and a driving force behind AlienVault's Open Threat Exchange, a crowd-sourced threat intelligence community with over 100,000 active users from more than 140 countries. His leadership and focus on practical and effective threat detection have helped establish AlienVault's open-source and commercial products as an undisputed industry leader. Prior to AT&T, Russell served in engineering and product management roles at Fortify Software. Russ was instrumental in developing and maturing the Fortify product suite that dominated the application security testing market, earning the leadership position in the Gartner MQ for 11 straight years. Fortify's 750+ customers included all 10 of the world's 10 largest banks and all the major branches and agencies within the US DoD. Russell frequently contributes articles and quotes for major news outlets and regularly presents at industry conferences such as RSA and Black Hat.
