Protect against advanced threats

AT&T Cybersecurity exceeds standard market definitions for a Managed Detection and Response (MDR) service. Our unified solution combines our own technology platform, threat intelligence, and SOC expertise, helping you to protect your business 24x7 and at a starting price less than what it would take you to hire a single security analyst.

AT&T managed threat detection and response is built on our own Unified Security Management (USM) platform, which combines the essential security capabilities needed for effective threat detection and response in a single pane of glass. Key capabilities include asset discovery, vulnerability assessment, Network Intrusion Detection (NIDS), Endpoint Detection and Response (EDR), and SIEM event correlation and log management. In addition, through the platform’s AlienApps integration framework, the security monitoring and orchestration capabilities can extend to other security technologies, such as Palo Alto Networks® Next-Generation Firewall, giving you broad threat coverage for effective, early detection and rapid response.

In addition to continuous monitoring and incident investigation, our analyst team leads regular review calls with your security team to cover all investigations and incident response activities. Our analysts host regular meetings with your team to review service metrics related to our SLAs, and to review progress towards your security program objectives and may provide recommendations for improvements.

The solution continuously and automatically collects logs and other security-relevant information from your environments, centralizing data in the AT&T SOC’s highly secure cloud environment.

Raw and normalized event data are available for searching and reporting within the USM platform with a rolling 90 days of retention. Alarms and investigations are retained and accessible in the platform for 1 year. In addition to this searchable, online event data, all log data is stored in cold storage with a rolling 365 days of retention and the opportunity to extend your retention period for an additional fee. You may download your raw log data through the USM platform at any time.

Your log data is stored in a compliance-certified environment, which can help to streamline and accelerate your own compliance goals. The USM platform and Information Security Management System that governs our production environment have earned multiple compliance certifications by third-party assessors, including for PCI DSS, ISO 27001, SOC 2 Type 2, as well as attestations of HIPAA compliance and GDPR readiness.

Deployment is fast and simple, thanks to our high-touch service delivery model and a modern SaaS platform deployment model. Within 30 days of signing the contract, our SOC analysts can be monitoring your critical infrastructure and responding to threats according to your individualized Incident Response Plan.

Start your onboarding experience with an AT&T Cybersecurity consulting engagement. Our highly skilled consultants lead a threat model workshop to identify and guide deployment requirements and establish future security program objectives. Based on the in-depth analysis of your environment from our Cybersecurity Consultants, our SOC analysts are able to install, configure, and tune your USM platform deployment according to your requirements and integrate with other security technologies that are in scope of our AlienApps framework.

Going beyond the initial technology implementation, our analysts use this onboarding engagement as an opportunity to train and enable your security personnel on the platform and to develop a custom Incident Response Plan in collaboration with your incident response team.

AT&T managed threat detection and response helps to support your compliance and risk management goals in multiple ways. First, the USM platform combines multiple security capabilities that can help you to demonstrate compliance with many common technical requirements and controls defined in regulatory standards. For example, the platform can help you to address nearly 40 PCI DSS technical requirements. Second, as part of our threat modeling exercise, we address your specific compliance requirements and your security monitoring environment is tuned accordingly. For example, we can help you to create a HIPAA asset group that contains all assets that transmit, process, or store ePHI data. Third, your AT&T SOC analyst team can support your compliance reporting requirements as part of your audit readiness process using the pre-built and highly customizable reporting templates in the USM platform.

AT&T managed threat detection and response is priced according to the total amount of online, searchable events you retain (GB or TB) over a rolling 90-day window, so you don’t have to worry about limitations by assets, environments, or number of employees in your organization. Instead, you can get the full threat coverage you need to help protect your critical data and systems.