AT&T Threat Intellect Makes It Possible to Examine Billions of Security Events in Minutes and Helps Avoid Attacks
AT&T Secures More Connections than Any Communications Company in North America
AT&T* is helping to enable businesses to detect, analyze and address security threats faster and more efficiently than ever before. AT&T Threat IntellectSM is more than a suite of security services – it’s the security foundation built from the people, processes, products and tools that form our security backbone. As the brains behind our security services, Threat Intellect provides unparalleled visibility into the data patterns and threat activity across our network, helping businesses customize their security to meet their needs. It uses multitudes of unique threat signature data streams, analytics and intelligence to help detect known and unknown threats. And, Threat Intellect is constantly learning to adapt to the latest global security issues.
“AT&T secures more connections than any communications company in North America,” said Steve McGaw, chief marketing officer, AT&T Business Solutions. “No carrier experiences the depth and scale of security threats we see on a daily basis– more than 30 billion vulnerability scans and 400 million spam messages are detected on our IP network. The power of Threat Intellect gives us the ability to process 5 billion security events, a full day’s worth of activity for all of our security customers combined – in only 10 minutes.”
Threat Intellect automates the deployment of security protections. We estimate that this automation will improve the speed at which we can deploy security protections by over 95%, greatly improving threat detection and resolution.
This transformation in security is similar to the progress made in computer search tools. “In the past, you had to know exactly where a specific file was stored to access it. Now, you only need a key word to find that file,” McGaw said. “AT&T Threat Intellect has a similar capability. It is the power behind every AT&T firewall, network security protection and every other security capability we have integrated in our network and services.”
This means AT&T can search across the data crossing our network from mobile devices, applications, data centers, or through our security services – and then help identify and address potential threats for customers on our network.
Here’s how Threat Intellect works:
- Advanced Analytics: Our technology understands and helps to identify abnormal and malicious activity based on data patterns. For example, if a medical company experiences a brute force attack, with a spike in unusual login attempts, our technology can react and update security defenses. We can also identify if certain activity came from an unauthorized user, or an atypical location.
If an activity appears abnormal, it’s flagged for review. Once confirmed as a malicious event, we can work to stop the attack in order to keep operations running. This lets us proactively help to protect other customers, too.
- Data Intelligence: Our technology is designed to validate threat information based on a massive database of threat signatures. We monitor 117.4 petabytes of data that cross our network on the average business day, to help identify threat activity.
Our technology can help detect and react to new zero-day attacks and threats. By layering dynamic search capabilities on top of our platform, AT&T has delivered an immensely scalable solution, with unparalleled processing capability, designed to deliver security intelligence at unrivaled speeds.
- Proactive Measures: We monitor data across mobile devices, computer networks, applications, and data sets. This gives us a pool of threats to analyze. And it helps protect the network and update security policies to keep connections more secure against emerging threats.
If an activity is abnormal, the process is designed to update our malicious entity database. And, the platform will detect the abnormality in future threat scans for customers on our network.
- Machine Learning: Our Chief Security Office has developed a best-in-class security analytics platform. It automatically updates our threat database based on the patterns in threat activity across our network. In addition to the global threat activity our network monitors, we see 5 billion vulnerability scans and 200,000 malware events targeted specifically at AT&T every day, giving us unparalleled threat data.
Businesses will be able to experience the first of many benefits of Threat Intellect via our new service, AT&T Threat Manager Log AnalysisSM. This security portal is designed so that anyone familiar with a web browser can use it.
We’re continuing to transition the AT&T global network to a software defined network and move our security functions to virtual solutions. This will help customers set up and modify our services in near real-time – when and where they need it most. AT&T Threat Intellect will help equip businesses with fast and efficient managed security services.
The flexibility and speed of threat prevention and mitigation available through AT&T Threat Intellect improves daily, and each new customer gives us additional threat visibility to better protect all of our customers. It is truly a collaborative ecosystem, built on the power of the AT&T network.
It’s a new day in security.
AT&T Threat Intellect is removing the manual, reactive work of analyzing an ever-growing number of sophisticated, persistent threats. We’re helping businesses improve security operations and drive efficiencies. We’re helping security professionals protect their enterprises by offering a suite of security services with transformative capabilities.
*AT&T products and services are provided or offered by subsidiaries and affiliates of AT&T Inc. under the AT&T brand and not by AT&T Inc.