Onto the Gartner Magic Quadrant. Companies are sorted alphabetically…
1. AT&T (Challengers Quadrant)
AT&T offers mature security management and monitoring services, along with flexible delivery options (e.g., AT&T NetBond service and its FlexWare platform), that are attractive to buyers seeking security controls and services as components of their managed network infrastructure.
The Threat Manager—Log Analysis portal represents an opportunity to provide a richer and more functional interface to AT&T managed security customers than is available in the current portals.
AT&T continues to invest in its capabilities in its unified delivery organization for MSSs, including incident response/forensics offerings.
AT&T is adding capabilities to the portal for its Threat Manager—Log Analysis service during 2017.
Potential customers should validate that the roadmap for portal features to support investigation, workflow and reporting will meet their requirements.
MSS customers use separate portals for device management and security monitoring services. AT&T plans to unify these in in 2017. The vendor provides 24/7 support for threat monitoring and management, via U.S.- or Europe-based SOCs.
Atos supports customers that need a service provider to perform security monitoring and management where Atos acts as an extension of a customer’s security capabilities with minimal direction.
Atos has access to high-profile digital business projects at large enterprises because of its broader IT services engagements — many MSS competitors do not have this level of access and visibility to transformational technology projects.
Atos has a variety of alliances and partnerships with security technology vendors to deliver its device management and security monitoring offerings.
Atos’ MSS portal has limited customer self-service options, threat intelligence integration and reporting, as Atos relies on dedicated security managers assigned to customers to support those functions.
Atos’ advanced threat detection capabilities rely on its endpoint and network security services, supported by its SIEM service for security monitoring. Atos has announced new big data-based security analytics capabilities for MSS to be delivered in 2017 that leverage vendor partnerships and its own proprietary hardware and software solutions.
Atos is rarely mentioned by Gartner clients interested in MSSs.
MSSP Alert Says: Atos looks more like a rival than a partner to traditional MSPs that want MSSP services. Among the pieces of evidence: Atos in early 2017 acquired Engage ESM — a ServiceNow Gold Services Partner that also works with Cisco Systems, Moogsoft and HP Inc. The deal closed has been finalized; financial terms were not disclosed.
3. BAE Systems (Niche Quadrant)
BAE Systems has experience with big data platforms and advanced analytics, which is employed across multiple services and solutions for advanced threat defense, as well as financial crime and fraud detection/prevention.
BAE Systems has multiple options for instrumenting an organization, including its own network monitoring appliance and endpoint detection and response (EDR) agent, as well as partnerships with EDR vendors like Carbon Black, which are used to deliver security monitoring services as well as managed detection and response-type services.
The vendor is an experienced defense contractor that has developed tradecraft for addressing advanced targeted attacks, which influences its advanced threat detection and threat intelligence offerings.
Customers give generally positive feedback about BAE Systems for the sales, execution and MSS delivery phases.
BAE Systems is still working to integrate the service and customers acquired as part of its purchase of SilverSky in 2014. Potential buyers should validate the impact of any changes to its platform and the technologies used to deliver the services.
The MSS portal capabilities favor the enterprise customer with sufficient staff dedicated to receiving and investigating potential incidents alerted by BAE Systems’ SOCs. BAE Systems plans to deploy a new portal in 2017 to unify its offerings and introduce new features and capabilities. Potential buyers should understand which portal they will use and the impact if they need to migrate from the legacy portal to the new portal.
BAE Systems is rarely mentioned in MSS vendor shortlist discussions with Gartner clients.
BT offers all MSSs and related offerings from a single, integrated business unit, providing a single source for enterprises, especially those with existing BT relationships, seeking security services delivered by a single provider.
BT uses a variety of partnerships with security technology and service vendors to deliver its device management, security monitoring and threat intelligence offerings.
The vendor’s customers give good marks for most elements across the acquisition, implementation and delivery of MSSs.
BT’s portal is focused on features for enterprise technical security staff, with fewer features and capabilities compared to many MSS competitors’ portals. A new portal is planned for release in 2017 that will add new features and capabilities.
BT’s offerings are focused on network-based security controls and event sources. Buyers seeking endpoint, platform and application security event monitoring may require customized services.
Buyers seeking advanced threat detection capabilities must purchase and deploy BT’s ACP solution, typically in conjunction with BT Assure Cyber security consulting. BT is integrating Assure Threat Monitoring into its Assure Cyber portfolio in 2017.
BT’s customer visibility is high in Europe, but it is less visible with MSS buyers in other regions.
MSSP Alert Says: For U.S.-based MSPs seeking to navigate Brexit and security issues across Europe, BT could be worth an exploratory call…
But wait. MSSP Magic Quadrant members 5 through 8 await you on page two of four…