AT&T Cybersecurity Services

PDF version of this report
You must have Adobe Acrobat reader to view, save, or print PDF files. The
reader is available for free

AT&T Cybersecurity Services

by Faulkner Staff

Docid: 00021100

Publication Date: 2007

Report Type: PRODUCT


AT&T offers an extensive portfolio of cybersecurity services for
large businesses and enterprises. The acquisition of AlienVault has given
AT&T a boost with the Unified Security Management platform. This
report takes a look at the realm of cybersecurity offerings provided by

Report Contents


Name: AT&T
208 South Akard Street
Dallas, TX 75202-2233
Tel: (210) 821-4105
Founded: 1984
Stock Symbol: T


[return to top of

With information security professionals in short supply – and demanding
top dollar – many enterprises are turning to outsourcing to satisfy their
security needs, entrusting the integrity of their information
infrastructure and business information to a managed security services

With the 2018 acquisition of AlienVault, AT&T added the unified
security management platform and threat intelligence capabilities to its
portfolio of cybersecurity products. AlienVault’s president and CEO Barmak
Meftah was named president of AT&T Cybersecurity Solutions. Regarding
the combination of AT&T and AlienVault, Meftah said, “Together we have
the opportunity to simplify a complex problem and automate how many
customers tackle their cybersecurity needs. We will combine our phenomenal
threat detection, incident response, and compliance security platform with
AT&T’s managed security capabilities, making near real-time threat
information actionable and achievable.”

In February 2019, AT&T announced that it would combine the
AlienVault, AT&T Cybersecurity Consulting, AT&T Managed Security
Services divisions into one unit called AT&T Cybersecurity. 

AT&T breaks down its cybersecurity portfolio into a three-pronged

  • Assess and plan – Consists of products and services
    that determine the best possible security solution and the planning
    tools needed to put such plan in place. 
  • Detect and protect – Delivers offerings that filter
    and analyze traffic and identify and block threats. 
  • Respond and recover – Provides the resources needed
    to act on threat and minimize harm. 

Related Faulkner Reports
Dell SecureWorks Managed
Security Services Product Profile
IBM Managed Security
Services Product Profile
Verizon Enterprise Security
Services Product Profile


[return to top of

Table 1 outlines the features of the products and services within
AT&T’s cybersecurity portfolio. 

Table 1. Major Offerings for AT&T Cybersecurity Services
Objectives Products and Features
Cyber Strategy and Risk
Strategy and Roadmap Planning
– AT&T conducts a needs assessment and draws up a framework
after careful analysis of an organization’s goals and current
parameters. Key activities include: 

  • Analysis and Framework Establishment
  • Risk Assessment and Analysis
  • Strategy and Roadmap Development
  • Aligning business objectives and IT needs
  • Analysis of security requirements
  • Best practices and industry standards utilization
  • Identification of controls and remediation processes

Compliance Consulting – AT&T has security
governance programs in place to help companies meet regulatory
compliance. Plans include: 

  • Governance, risk and compliance (GRC) services
  • Payment Card Industry (PCI) compliance solutions

Vulnerability Scanning – Avoiding and
deflecting threats are the basis for the vulnerability scanning
service. This offering comprises a Web portal for viewing scan
results; testing of Web applications; customer-tailored risk
ratings; and reporting capabilities. 

Cybersecurity Rating – Since an organization’s
security posture changes quickly, AT&T determines the most
up-to-date threats to measure their impact against the network

Penetration Testing. Tests how security holds
up to real-world scenarios while working towards compliance.

Risk Based Cyber Posture Assessment. Allows
for a quick assessment and make plans to address gaps.

Cybersecurity IQ Testing. Allows for the
measuring and assessment of an organization’s cybersecurity

Detect and Protect AlienVault USM Anywhere
– AlienVault Unified Security Management is a SaaS security
monitoring offering that centralizes threat detection, incident
response, and compliance management across the cloud, hybrid
environments, and on-premise locations. It offers automated log
collection, continuous threat intelligence, and automates with
third-party tools. 

AT&T Threat Manager – AT&T delivers
monitoring and visibility across an organization’s entire
network. It consists of: 

  • Security information and event management
  • Log management
  • Applied threat intelligence
  • AT&T Security Operations Center analysts

Incident Response and Forensics – In the event
of a breach or some other type of cybersecurity incident,
AT&T can lead the investigation or support an organization’s
own IT security team. Prior to and after a breach, AT&T can
be tapped to provide services. These include: 

  • Incident Response Retainer Services
  • Data Breach Simulations
  • Incident Response and Forensics Program Development
  • Forensics and Electronic Discovery
  • Breach Investigation
  • PCI Qualified Incident Response Assessors 
Network Security
Intrusion Detection and
– Screens data packets throughout the
network and triggers alerts, drops packets, or blocks traffic
whenever a suspicious packet is detected. 

Network-Based Firewall – Monitors bandwidth
usage and address security related compliance problems. Firewall
services are configured based upon an organization’s specific
security policies. 

Premises-Based Firewall – Consists of a fully
managed firewall, complete with software and hardware
components, to deliver network monitoring capabilities.
Organizations can choose from firewall systems from Check Point
Software, Fortinet, Palo Alto Networks, Cisco, and Juniper

DDoS Defense – Delivers cloud-based monitoring
of distributed denial-of-service attacks through in-depth
analysis of traffic. It identifies malicious traffic that is
sent to scrubbing facilities for blocking purposes. 

Secure Email Gateway – Deflects spam, malware,
ransomware, phishing attacks, and more to keep inbound and
outbound email protected. 

Cloud Web Security Service – Provides content
filtering and Web protection to protect devices and users have
multiple connectivity options to access the network
infrastructure. An encrypted tunnel delivers protection from
location/device to cloud services. 

Token Authentication – Secures access across a
variety of customer applications with two-factor authentication
and multiple token authenticators while supporting multiple
platforms including iOS, Android, Windows Mobile, and

Enhanced Cybersecurity Service – Features
email filtering, domain name system sinkhole security, and user
access management to prevent threats from invading the

Additional Offerings  – AT&T has
teamed up with third-party vendors to offer alternative security
products to safeguard networks. These include: 

  • Symantec Endpoint Protection
  • Norton Security for Professionals
  • Lookout Mobile Endpoint Security
  • IBM MaaS360
  • MobileIron for Core and MobileIron for Cloud
  • VMware Workspace One-Cloud and VMware Workspace One-On
Endpoint Security VMWare Workspace ONE(R) –  An enterprise
management platform that allows IT administrators to control
mobile devices, cloud-hosted virtual desktops, and applications.
It is available as a cloud or on premises offering.

IBM MaaS360 – Integrates mobile management with
IT tools to create mobile apps at scale to furnish organizations
with the capabilities they need to provide comprehensive security
across devices, apps, content, and users.

MobileIron – Helps organizations harness the
secure mobility and improved device compliance, allowing
organizations to manage and monitor endpoints, apps, and content.

Lookout Mobile Endpoint Security. Designed to
mitigate risk through Lookout’s analysis and reporting features;
privacy controls; and integration with SIEM systems via the Mobile
Risk API, including Splunk, ArcSight, and QRadar.



[return to top of

AT&T’s solutions for cybersecurity are intended to be deployable,
scalable, and adaptable to most environments. 

Major Competitors

[return to top of

  • IBM
  • Cisco
  • Secureworks
  • Symantec
  • Verizon Enterprise
  • Trustwave
  • Sophos


[return to top of

AT&T has demonstrated its commitment to security with the acquisition
of AlienVault, which gives it the Unified Security Management platform.
The USM platform combines threat detection, incident response, and
compliance capabilities. AT&T has combined AlienVault’s capabilities
and intelligence within its own portfolio to further safeguard

In the wake of recent and wide-reaching data breaches, including the
Equifax, Office of Personnel Management, Marriott, Yahoo, and others,
companies of all sizes are discovering that protecting their data isn’t
just a task that can be put off and completed at a later date. Many
breaches aren’t discovered for months or even years, long after data has
been compromised and stolen. In a February 2019 report, Risk Based
Security revealed that there were 6,515 disclosed data compromises in 2018
– over five billion records in total were compromised. The number of
breaches decreased slightly about one-third from 2017. However five
billion records is still a large number and RBS determined that it took an
average of 49.6 days to report a breach following its discovery.

Ransomware attacks, cryptocurrency mining, phishing attacks, and other
threats can result in millions of dollars in losses. A March 2019
ransomware attack on Norwegian aluminum provider Norsk Hydro topped $40
million in one week . It’s unclear how much more money this one
breach will cost the company. Although organizations are warned by law
enforcement not to pay the ransoms on these styles of attacks, some
companies figure it’s cheaper to pay up than to try and recover locked
files. However, paying a ransom does not mean that the cybercriminals will
decrypt the files and return them. In the past, many companies found it
difficult to justify the funds needed for cybersecurity services when it
seemed unlikely that a cyber attack or breach would occur. Nowadays, the
likelihood of a cyber threat causing massive damage is great thanks to
unpatched software, employees falling for business email compromise scams,
and the use of weak passwords. This is where AT&T comes in. Its
cybersecurity services help companies find their weakest points and
develop plans to deflect threats; collect data from logs for evaluation;
and identify potential security issues in network traffic and mitigate
them. AT&T can take over all cybersecurity duties for a company that
prefers to offload them or doesn’t have the staff to handle them or can
simply work in tandem with a company’s cyber team. While cybersecurity
services are indeed expensive, there is no other alternative as protection
is critical. And as the incident at Norsk Hydro dictates, one breach or
attack can be so costly that a company could go out of business. 

[return to top of report]

Verizon Enterprise:


1 Risk Based Security. “2017 Data Breach QuickView Report.”
February 13, 2019.

[return to top of this