LevelBlue

LevelBlue is a managed security service provider (MSSP) formed as a joint venture between AT&T and WillJam Ventures in 2024. Their core mission is to simplify cybersecurity for businesses, enabling them to innovate without compromising security. They aim to achieve this by offering a comprehensive suite of services, including managed security, consulting, threat intelligence, and 24/7 support from their global Security Operations Centers (SOCs) and Network Operations Centers (NOCs). LevelBlue inherited a strong foundation from AT&T Cybersecurity, including a large customer base and established expertise. They are striving to differentiate themselves through a focus on proactive threat identification and response, leveraging AI and machine learning, and emphasizing a customer-centric approach.

Offerings, Integrations, and Capabilities

LevelBlue offers a broad range of cybersecurity solutions and services designed to address various security needs:

• Cybersecurity Consulting: Provides expert guidance on security strategy, risk assessment, compliance, and incident response planning. Services include Zero Trust implementation, risk mitigation, compliance assurance, vulnerability scanning, penetration testing, and adversary simulation.
• Managed Security Services: Offers ongoing management and monitoring of security infrastructure and operations, including managed detection and response (MDR), managed network security, and unified endpoint management (UEM).
• Threat Intelligence: Leverages AI, machine learning, and the LevelBlue Open Threat Exchange (OTX) community to provide real-time threat detection and predictive analytics. OTX boasts over 235,000 security professionals contributing over 20 million threat indicators daily.
• Incident Response: Offers rapid response and mitigation services to minimize the impact of security incidents.

LevelBlue emphasizes integration and automation throughout its offerings, aiming to streamline security operations and improve efficiency for its clients. They also offer third-party integrations through their open XDR platform, USM Anywhere.

Key Products and Services

LevelBlue’s key products and services span several categories:

Cybersecurity Consulting Services

• Strategy and Roadmap Planning: Helps organizations develop a unified security program.
• Enterprise Security Assessment Services: Identifies security gaps and vulnerabilities.
• Risk-Based Cyber Posture Assessment: Provides a rapid assessment and remediation plan.
• Security Compliance: Assists with meeting regulatory compliance requirements.
• Vulnerability Scanning: Identifies potential system and application vulnerabilities.
• Penetration Testing: Simulates real-world attacks to assess security posture.
• Adversary Simulation Services: Tests security operations and detection capabilities.
• Cybersecurity IQ Training: Improves organizational cybersecurity awareness.
• Incident Response Services: Develops plans for rapid incident response and mitigation.

Network Security

• Secure Web Gateway: Cloud-delivered protection for users and devices.
• Secure Remote Access: Enables secure access to applications and data from anywhere.
• SASE with Cisco/Cisco Meraki/Fortinet: Secure Access Service Edge solutions for enhanced network security.

Endpoint Security

• SentinelOne: Endpoint protection, detection, response, and control.
• Unified Endpoint Management (UEM): Simplifies management and protection of mobile devices.

Threat Detection and Response

• Managed Threat Detection and Response (MTDR): 24/7 security monitoring and incident response.
• MTDR for Government: FedRAMP Moderate authorized platform for government agencies.
• USM Anywhere: A unified platform for threat detection, incident response, and compliance.
• USM Anywhere Advisors: Provides reactive security support for day-to-day operations.
• XDR for MSSPs: Enables MSSPs to create managed security service offerings.
• Open Threat Exchange (OTX): A global threat intelligence community.

Flagship Product: USM Anywhere is LevelBlue’s flagship product, serving as a central platform for many of their offerings.

Target Customers and Benefits

LevelBlue targets a wide range of organizations, particularly mid-size and large enterprises, across various industries, including financial services, healthcare, manufacturing, public sector, K-12 education, and retail.

These customers benefit from LevelBlue’s services in several ways:

• Simplified Cybersecurity: LevelBlue’s comprehensive solutions streamline security operations and reduce complexity.
• Proactive Threat Detection: AI-powered threat intelligence and 24/7 monitoring help identify and mitigate threats before they cause damage.
• Improved Security Posture: Expert consulting and managed services strengthen overall security defenses.
• Enhanced Compliance: LevelBlue assists organizations in meeting various regulatory requirements.
• Cost Savings: Managed services can be more cost-effective than in-house security teams.
• Focus on Innovation: By offloading security management to LevelBlue, organizations can focus on their core business and innovation initiatives.

Cloud Integrations and Marketplaces

• Azure: LevelBlue offers Azure Security Monitoring & Compliance through its USM Anywhere™ platform. This includes continuous vulnerability scans, detection of abnormal behavior, and detailed compliance reporting for standards such as PCI DSS, ISO 27001, and NERC CIP.
• AWS: LevelBlue provides a comprehensive SIEM solution for AWS environments. USM Anywhere™ offers full AWS SIEM capabilities, including CloudTrail monitoring, event correlation, and log management.
• Google Cloud: LevelBlue integrates with Google Cloud through its BlueApp for G Suite, which collects logs and provides enhanced security insights.

Key People

• Robert McCullen: Chairman and CEO
• Sundhar Annamalai: President

Key Facts

• Headquarters: Dallas, Texas, USA
• Number of Employees: Approximately 850 (after a 15% layoff in June 2024)
• Annual Revenue: Not publicly disclosed
• Parent/Subsidiary Companies: Joint venture between WillJam Ventures (majority owner) and AT&T (minority owner)
• Publicly Listed: No

Analyst Group Recognition

• IDC: LevelBlue is recognized as a Major Player in the 2024 IDC MarketScape for worldwide cybersecurity consulting.