AT&T Cybersecurity introduced a managed detection and response service, AT&T Managed Threat Detection and Response, which is intended to improve threat detection and response for businesses.
AT&T's new managed detection and response (MDR) service brings 24/7 security monitoring, security orchestration and automated incident response to enable organizations to continuously monitor networks and reduce risk.
Combining its Unified Security Management (USM) platform and the visibility and threat intelligence of Alien Labs, the vendor claimed AT&T Managed Threat Detection and Response is a simple and cost-effective alternative to other security programs.
According to the Ponemon Institute's 2017 Cost of a Data Breach Study, it takes an average of 191 days to identify a data breach and another 66 days to contain it. The longer it takes to identify and contain a breach, the more expensive it becomes. The report found if a breach goes undetected for over 100 days, the average cost increases over $1 million, from $2.8 million under 100 days to $3.83 million.
With the AT&T Managed Threat Detection and Response service, a security operations center (SOC) team handles daily security operations, such as monitoring and reviewing alarms to reduce false positives, as well as conducts in-depth incident investigations to provide threat context. The SOC analyst team also conducts regular vulnerability assessments and health checks, and it identifies public cloud configuration errors to maintain a strong security posture.
The SOC team also supports security compliance reporting requirements with the native cloud USM platform's built-in templates. The USM platform also enables security orchestration, automation and response, with over 300 built-in integrations in the AlienApps framework.
AT&T Managed Threat Detection and Response is continuously updated with threat intelligence from AT&T Alien Labs, the threat intelligence unit of AT&T Cybersecurity. Alien Labs directs threat intelligence directly into the USM platform through correlation rules and high-order detections that automate the threat detection process.
The AT&T MDR service is priced according to number of events analyzed and includes built-in technology such as endpoint detection and response agents, network intrusion detection system, cloud intrusion detection system, vulnerability scanning, asset inventory and log management.
In August of 2018, AT&T acquired security vendor AlienVault for its threat intelligence and analytics capabilities to form a new division, AT&T Cybersecurity. The vendor anticipates its USM platform will expand and evolve to support more AlienApps integrations and bring a wider variety of security offerings to users.