Managed security service providers (MSSPs) offer an efficient and cost-effective way for companies to ensure that their security and compliance needs are met.
Over the past several years, the range of services offered by MSSPs has expanded as the market has become increasingly competitive. And with the recent increase in high-profile cyber attacks, more and more managed service providers (MSPs) are interested in becoming MSSPs.
With features and competition expanding, it’s becoming harder for companies searching for an MSSP to differentiate between services to find the one that best fits their needs.
MSSP vs. MDR
IDC senior research analyst Martha Vazquez noted in a recent blog post that as the market becomes increasingly commoditized, areas like managed detection and response (MDR) will be key differentiators going forward – and many of the companies listed below highlight their MDR services as a key strength of their offerings.
As Alert Logic senior product marketing manager Rod Mercado put it in a recent blog post, “MSSPs are widespread and offer a bird’s eye view of your security posture. MDR, on the other hand, goes deeper, leveraging the human expertise required to best detect and analyze any threats and respond to vulnerabilities.”
Further reading: Best Managed Detection and Response (MDR) Services for SMBs
More broadly, IDC’s Vazquez recommends seeking a security partner that’s actively making use of emerging technologies to ensure complete coverage. “As providers add enhancements such as automation and orchestration, threat monitoring, detection, and remediation capabilities across many technologies, response mechanisms can occur more rapidly,” she writes.
Top 12 Managed Security Service Providers
With that perspective in mind, here’s a closer look at 12 leading MSSP offerings, including a range of perspectives on those offerings from users and industry analysts.
Accenture acquired Symantec’s MSSP services in April 2020. The company’s MSSP offering now includes managed application security to accelerate application release cycles while ensuring security; managed cloud security to assess threats and respond automatically across an enterprise’s cloud environment; managed digital identity to streamline access to services and applications; managed security risk to improve decision-making while mitigating risks; and MDR to detect and respond to threats throughout cloud and on-premises environments.
Forrester identified Accenture as a Strong Performer in its Q3 2020 report on global MSSPs, giving its current offering a rating of 3.39 out of 5. Key strengths cited include Accenture’s flexibility and willingness to customize, though high pricing and delivery complexity are seen as challenges. Prior to the Accenture acquisition, Gartner named Symantec as a Leader in its most recent Magic Quadrant for Worldwide MSSPs, and Gartner Peer Insights reviewers gave Symantec 4.4 stars out of 5. IDC also identified Accenture as a Leader in its 2020 MarketScape for worldwide managed security services.
2. Alert Logic
Alert Logic’s platform ensures asset visibility and security for networks, applications, and endpoints by collecting network traffic and over 60 billion log messages per day. Alert Logic’s MDR service covers cloud, on premises, and hybrid environments with 24/7 security monitoring to provide a global view of threat activity. The company’s straightforward, scalable pricing is a key strength.
Forrester named Alert Logic as a Leader in its Q3 2020 report, rating its current offering at 3.35 out of 5. Key strengths cited include the solution’s rapid deployment, ease of setup, and consumption-based pricing, though automation needs improvement. Gartner identified Alert Logic as a Visionary in its most recent Magic Quadrant, citing as strengths its services for AWS and Microsoft Azure customers and its straightforward tiered pricing model, though reporting is seen as a weakness. Gartner Peer Insights reviewers give Alert Logic 4.8 stars out of 5, praising its integration, reliability, and ease of use.
Bolstered by AT&T’s August 2018 acquisition of AlienVault, AT&T Cybersecurity provides monitoring, investigation, and incident response services with 24/7 monitoring from eight SOCs worldwide that leverage up-to-date threat intelligence from AT&T Alien Labs. Centralized security monitoring covers cloud and on-premises environments, including endpoints, networks, and cloud apps, supporting threat detection within minutes of installation.
Forrester identified AT&T Cybersecurity as a Strong Performer in its Q3 2020 report, giving its current offering a rating of 3.44 out of 5. Key strengths cited include the solution’s ease of deployment and the combination of AlienVault’s IP with AT&T’s MSSP delivery. Gartner named AT&T as a Niche Player in its Magic Quadrant, viewing its range of services as a key strength. Gartner Peer Insights reviewers give AT&T 4.0 stars out of 5, praising its ease of use and implementation, but expressing some frustration with customer support. IDC identified AT&T as a Leader in its 2020 MarketScape for worldwide managed security services.
Capgemini’s Managed Security offerings integrate a variety of security solutions, technologies, suppliers, and strategies through a single point of contact, customized to meet each client’s business needs, risk appetite, and target cost of ownership. The company’s MSSP offerings include security management services, multi-tenant managed change data capture (CDC), managed SIEM, application security testing, endpoint protection as a service, data loss prevention, cloud security, identity as a service, cryptographic services, automotive cybersecurity, GDPR readiness, industrial systems/IoT, and perimeter security.
Forrester identified Capgemini as a Contender in its Q3 2020 report, giving its current offering a rating of 2.17 out of 5, and Gartner named Capgemini as a Niche Player in its Magic Quadrant for Worldwide MSSPs. Gartner Peer Insights reviewers give Capgemini 3.9 stars out of 5, praising its effectiveness and ease of implementation, but expressing some frustration with reporting and response times. IDC identified Capgemini as a Leader in its 2020 MarketScape for worldwide managed security services.
Deloitte’s MSSP services cover information security, cybersecurity advisory services, solution implementation and integration, managed services, actionable threat intelligence and analytics, and incident response, helping organizations protect their sensitive data and critical infrastructure with rapid response and recovery to cyber threats. Key capabilities include security information and event monitoring (SIEM), security tools management, vulnerability management, implementation services, and onsite security operations.
Forrester identified Deloitte as a Strong Performer in its Q3 2020 report, giving its current offering a rating of 2.53 out of 5. Forrester cited the company’s international scale and strategic vision as key strengths, but noted weaknesses in device management and support. While Deloitte doesn’t appear in Gartner’s Magic Quadrant for Worldwide MSSPs, Gartner Peer Insights reviewers give Deloitte 4.0 stars out of 5. IDC named Deloitte as a Leader in its 2020 MarketScape for worldwide managed security services.
IBM Security offers 24/7 monitoring, management and response to advanced threats, risks, and compliance requirements, with a variety of tailored services available, including threat, cloud, infrastructure, data, identity, and response management. IBM Security X-Force threat intelligence and incident response teams combine threat intelligence with automation to help improve SOC productivity, reduce attack dwell time, and rapidly respond to threats.
Forrester named IBM Security Services as a Leader in its Q3 2020 report, rating its current offering at 3.97 out of 5. Key strengths, according to Forrester, include IBM’s vast portfolio of intellectual property, though some customers expressed frustration with user interfaces. Gartner similarly identified IBM as a Leader in its most recent Magic Quadrant, highlighting its wide range of services, but noting some frustration regarding user experience. Gartner Peer Insights reviewers give IBM Managed Security Services 4 stars out of 5, praising IBM’s wide range of services, but expressing frustration regarding its ease of use. IDC also identified IBM as a Leader in its 2020 MarketScape for worldwide managed security services.
CenturyLink rebranded as Lumen in September 2020. Lumen Managed Security Services provide prevention, 24/7 monitoring and management, incident response and analysis services to support hosted and on-premises enterprise environments. Services include managed firewall, IDS/IPS, endpoint security, UTM, Web application firewalls, DDoS mitigation, network-based firewalls, email filtering and DNS sinkholing services, secure cloud, threat detection, threat monitoring and reporting, intelligence feeds, reputation monitoring, SIEM, log management, incident analysis, and malware detection and removal.
Prior to the rebranding, Forrester identified CenturyLink as a Contender in its Q3 2020 report, giving its current offering a rating of 2.17 out of 5. Key strengths cited by Forrester include integration with telecom services and quick alerts, while weaknesses include inconsistent quality of support. Gartner named CenturyLink as a Visionary in its Magic Quadrant, and Gartner Peer Insights reviewers give Lumen 4 stars out of 5, citing its customer service and flexible service arrangements as key strengths.
NTT’s Managed Security Services (MSS) leverage a purpose-built platform to provide MDR services, threat detection services with automated reporting and tailored notifications, enterprise security monitoring for enhanced legal and regulatory compliance as well as 24/7 protection, security device management (SDM) services, SOC-as-a-service, Web application firewall-as-a-service, and vulnerability management.
Forrester identified NTT as a Contender in its Q3 2020 report, giving its current offering a rating of 2.43 out of 5. Key strengths cited by Forrester include its on-premises log collection and correlation capabilities. Gartner named NTT as a Niche Player in its most recent Magic Quadrant, and Gartner Peer Insights reviewers give NTT’s MSSP offering 4.4 stars out of 5, praising its notification speed and accuracy, but expressing some frustration with customer support. IDC identified NTT as a Leader in its 2020 MarketScape for worldwide managed security services.
Optiv’s managed security services are designed to provide a turnkey solution to address complex security challenges, backed by multiple SOCs delivering 24/7 support. Managed vulnerability scanning identifies vulnerable systems and provides tools to manage risk more effectively, while ongoing monitoring identifies and mitigates threats.
Forrester identified Optiv as a Strong Performer in its Q3 2020 report, rating its current offering at 2.69 out 5. Key strengths, according to Forrester, include accelerated deployment timeframes and quick support of new technologies, though some clients reported service inconsistencies. While Optiv wasn’t included in Gartner’s most recent Magic Quadrant for MSSPs, Gartner Peer Insights reviewers give Optiv’s managed security services 3.9 stars out of 5, praising its customer service and response times.
Secureworks offers a wide range of managed security services including firewall, IDS/IPS, next-generation firewall, advanced endpoint threat detection and prevention, advanced remediation management, log management and compliance reporting, security event monitoring, vulnerability program management, vulnerability scanning, PCI scanning, Web application scanning, and policy compliance. The company’s Taegis ManagedXDR service includes advanced threat hunting, detection, and rapid response across endpoint, network, and cloud environments.
Forrester identified Secureworks as a Leader in its Q3 2020 report, rating its current offering at 3.35 out of 5. Key strengths cited include Secureworks’ threat intelligence research and system criticality in alert context, while its cloud platform and API support are identified as weaknesses. Gartner similarly named Secureworks as a Leader in its most recent Magic Quadrant, identifying its implementation and support as key strengths, but noting that some smaller customers expressed frustration with service delivery and account management. Gartner Peer Insights reviewers give Secureworks 4.3 stars out of 5, praising its user interface and account team, but expressing frustration regarding deployment and integration. IDC also identified Secureworks as a Leader in its 2020 MarketScape for worldwide managed security services.
Backed by the company’s SpiderLabs threat intelligence team, Trustwave’s portfolio of managed security services includes 24/7 threat monitoring and detection, technology management, security testing, and proactive threat hunting. The cloud-based Trustwave Fusion cybersecurity platform enables enterprises to respond to threats, manage vulnerabilities, order on-demand security tests, generate reports, and scale services from a single dashboard.
Forrester’s Q3 2020 report identified Trustwave as a Leader, giving its current offering the highest rating among MSSPs evaluated, at 4.08 out of 5. Key strengths cited include Trustwave’s ability to present actionable information in alerts and to work across various types of cloud infrastructure. Gartner named Trustwave as a Leader in its most recent Magic Quadrant, identifying its TrustKeeper portal and SpiderLabs threat intelligence capability as key strengths, but noting some issues with deployment and support. Gartner Peer Insights reviewers give Trustwave 4.1 stars out of 5, praising the cloud portal and customization options, but expressing some frustration with customer support. IDC also identified Trustwave as a Leader in its 2020 MarketScape for worldwide managed security services.
Verizon Managed Security Services collect threat data in near-real time and send it to the company’s proprietary Security Analytics Platform, which filters out benign events and escalates incidents likely to pose a threat. All security incident information is viewable through Verizon’s Web-based Unified Security Portal, which provides granular search and query capabilities as well as comprehensive reporting on incidents and logs.
While Verizon isn’t included in Forrester’s Q3 2020 report on global managed security services providers, Gartner named it as a Leader in its Magic Quadrant for MSSPs. Gartner Peer Insights reviewers give Verizon 3.9 stars out of 5, praising its monitoring, incident response, and competitive pricing. IDC also identified Verizon as a Leader in its 2020 MarketScape for worldwide managed security services.