With access to more resources than ever before, cybercriminals are rapidly scaling their operations, making every organization a potential target for a cyberattack. And, they are constantly shifting their tactics to exploit new vulnerabilities and slip past perimeter-based controls undetected. Meanwhile, the longer a threat goes undetected in a network environment, the greater the potential for damage through a security breach, data loss, or business downtime and disruption. In fact, the Ponemon Institute reported that the average cost of a security breach increases by over $1 million for threats that dwell for 100 days or longer.

That’s why, in addition to advanced security protection and prevention controls, organizations need a way to continuously monitor what’s happening on their networks, cloud environments, and critical endpoints and to quickly identify and respond to potential threats. But, for many businesses, building an effective threat detection and incident response program is costly and challenging, especially given the industry’s shortage of skilled security professionals.

AT&T Managed Threat Detection and Response

With these challenges in mind, AT&T Cybersecurity is excited to introduce AT&T Managed Threat Detection and Response, a sophisticated managed detection and response service (MDR). The new service brings together people, process, and technology in a virtually seamless way to accelerate and simplify threat detection and response, helping organizations to detect and respond to advanced threats before they impact the business. AT&T Managed Threat Detection and Response builds on our 30 years of expertise in security operations, our award-winning unified security management (USM) platform for threat detection and response, and the unrivaled visibility and threat intelligence of AT&T Alien Labs. With advanced features like 24 x 7 proactive security monitoring, threat hunting, security orchestration, and automation in one turnkey solution, businesses can quickly establish or enhance their security program without the cost and complexity of building it themselves.

“We couldn’t do the things that AT&T brings to us for four times the cost of what we’re paying now,” said Stephen Locke, CIO, NHS Management, LLC. “Even if we did, we wouldn’t have the same level of expertise and intelligence of what’s happening in the cybersecurity world.”

With AT&T Managed Threat Detection and Response, critical IT assets are monitored by one of the world’s most advanced security operations centers (SOC). The AT&T Threat Managed Detection and Response SOC has a dedicated team of trained security analysts who are solely focused on helping organizations to protect their business by hunting for and disrupting advanced threats around the clock. Our SOC analyst team not only handles daily security operations of monitoring and reviewing alarms to reduce false positives, but they conduct in-depth incident investigations.  These provide incident responders with rich threat context and recommendations for containment and remediation, helping security teams to respond quickly and efficiently. AT&T Cybersecurity SOC analysts can even initiate incident response actions, taking advantage of the built-in security orchestration and automation capabilities of the USM platform or even sending incident response specialists onsite if the situation requires.

Stephen Locke added, “Adding AT&T Managed Detection and Threat Response reduced my risk and liability tremendously and that’s a huge deal for an organization,” he said.

Sets a new standard  for MDR services

AT&T Managed Threat Detection and Response sets a new standard for an MDR service in many ways. Our SOC analyst team works to help maintain a strong security posture through proactive threat hunting activities using AT&T Alien Labs threat intelligence, regular vulnerability assessments, health checks, and by identifying public cloud configuration errors. This team can also support compliance reporting requirements using the pre-built reporting templates in the USM platform. With a focus on security advocacy, our analysts regularly review our customers’ security program to help identify gaps in their security posture and provide recommendations for improvement.  This close collaboration provides the foundation for a truly effective security program.

When a security incident arises, our SOC analyst team doesn’t just forward the alarm to the security team, but rather, they conduct in-depth incident investigations, providing incident responders with rich threat context and response recommendations, helping our customers to respond quickly and efficiently. Our analysts can even orchestrate and automate incident response actions on their behalf, taking advantage of the built-in security orchestration and automation capabilities of the USM platform and its AlienApps framework.

Our native cloud USM platform enables security orchestration, automation and response (SOAR) with 300+ pre-built integrations in its AlienApps framework. As the platform extends and evolves to support additional AlienApp integrations, enterprises will continue to benefit.

AT&T Managed Threat Detection and Response is fueled with continuously updated threat intelligence from AT&T Alien Labs, ensuring that our customers’ defenses are able to detect emergent and evolving threats. AT&T Alien Labs, the threat intelligence unit of AT&T Cybersecurity, produces timely threat intelligence that is integrated directly into the USM platform in the form of correlation rules and other higher-order detections to automate threat hunting.

With its combined technology, intelligence, and 24×7 expertise, AT&T Managed Threat Detection and Response can be deployed faster and for less than the cost of hiring an additional security analyst. The service is priced according to the total amount of events that are analyzed, so customers don’t have to worry about limitations by assets, environments, or number of employees in their organization. Instead, they can get the full threat coverage they need to protect critical data and systems with all of the built in technology (EDR agents, Network IDS, Cloud IDS, Vulnerability Scanning, Asset inventory, and log management) included in the simple price point. With unlimited user seats customers can tailor the experience to their team’s needs.

Visit AT&T Cybersecurity in booth #530 next week at Black Hat to learn more about AT&T Managed Threat Detection or visit us online.