Best Managed Security Service Providers (MSSPs)

As threats mount from ransomware gangs, Russian-backed hacker groups, and other nation-sponsored attackers and as the growth in remote work makes security management increasingly complicated, many companies are finding it makes sense to turn to a managed security service provider (MSSP) for help with handling an extremely complex threat landscape.

In response, the market is growing fast. According to a recent MarketsandMarkets report, the global MSSP market is expected to nearly double from $22.8 billion in 2021 to $43.7 billion by 2026, driven not only by remote working and growing cyber threats but also by a massive cybersecurity skills shortage, the demands of government regulations, and the simple cost benefits of outsourcing.

How to Choose the Right MSSP for Your Company

A wider range of providers are offering MSSP services today than ever before, and selecting the right vendor in such a heavily populated market can be a challenge. Gartner analyst Pete Shoard advised that being as clear as possible about your needs is key to selecting the right service, noting that offerings can range from managing a single technology to sharing the responsibility for operating a security platform to full outsourcing of security operations.

Trustwave similarly recommends evaluating vendors “by the capabilities they offer and how they are structured to serve as an extension of your team,” suggesting three key questions to ask in doing so:

  1. How do the provider’s threat intelligence capabilities stack up?
  2. What are the strategies and processes behind the vendor’s managed services?
  3. What are your own organization’s specific needs?

There are a number of cybersecurity services to choose from, ranging from managed SIEM to managed detection and response (MDR), managed firewalls, incident response, and more.

Read more: Choosing a Managed Security Service: MDR, Firewalls & SIEM

11 Leading MSSPs

To help you find the right provider, we evaluated a number of MSSPs to come up with this list of top security service providers. Each summary highlights some of the vendor’s key features and links to a separate, in-depth article for more details.

Accenture

Accenture acquired Symantec’s MSSP services in 2020. The company’s MSSP portfolio, supported by over 3,400 security professionals, includes managed application security, managed cloud security, managed digital identity, managed security risk, vulnerability management, managed SIEM, and managed extended detection and response (MxDR).

Use Cases: Global markets and all company sizes

Metrics: More than 224 billion logs processed daily

Intelligence: Services leverage machine learning (ML), advanced analytics, cryptography, distributed ledgers, cognitive computing, and automation

Delivery: Can be deployed on-premises or in the cloud

See our previous look at Accenture/Symantec.

AT&T

AT&T’s 2018 acquisition of AlienVault significantly expanded its cybersecurity offerings, which now includes managed vulnerability services, strategy and roadmap planning, risk-based cyber posture assessments, penetration testing services, secure remote access, secure web gateway (SGW), network-based firewall, distributed denial of service (DDoS) defense, managed threat detection and response, SentinelOne managed endpoint security, MobileIron mobile security, and Lookout mobile endpoint security. AT&T was named as a Niche Player in Gartner’s most recent Magic Quadrant for MSSPs.

Use Cases: Small and medium businesses (SMBs) to large enterprises, mostly in North America

Metrics: Network availability guarantees of up to 99.999%

Intelligence: Monitors well over 19PB of IP traffic on its core network each business day

Delivery: On-premises and cloud

See our in-depth look at AT&T MSSP.

BT

BT’s 3,000 security experts and 16 global security operation centers support a portfolio that includes next-generation firewall (NGFW), Intrusion Detection and Prevention System (IDPS), unified threat management (UTM), SWG, managed DDoS mitigation, managed endpoint detection and response (EDR), managed embedded security controls, application securitynetwork access control, public key infrastructure (PKI) security, vulnerability scanningpatch managementemail security, threat monitoring and intelligence, cloud security information and event management (SIEM), MobileIron mobile security, and more.

Use Cases: Companies and governments in U.K., Europe, the Americas, and AMEA (Asia, the Middle East, and Africa)

Metrics: Blocks 6,500 potential cyberattacks a day, and serves 98% of FTSE (Financial Times Stock Exchange) 100 companies

Intelligence: Provides shared and customer-dedicated security operation centers globally

Delivery: Several delivery models—primarily cloud or appliance based, co-managed, or fully managed

See our in-depth look at BT MSSP.

DXC Technology

DXC’s more than 3,000 security professionals support a portfolio of integrated solutions that includes advisory services, security risk management, intelligent security operations infrastructure, endpoint security, identity and access management, threat and vulnerability management, incident response, data protection, and cloud security.

Use Cases: Serves over 40% of the Fortune Global 500

Metrics: Manages security services for more than 1.8 million devices

Intelligence: Global threat intelligence, advanced threat detection, and integrated incident response

Delivery: Dedicated solutions can be managed on-site, in a hosted environment or in cloud environments

See our in-depth look at DXC Technology.

IBM

IBM provides a wide range of MSSP services, including network protection, managed firewall services, vulnerability scanning, information event management, intelligent log management in the cloud, IDPS, data protection, security intelligence analysis, web gateway management, UTM, secure software-defined wide area network (SD-WAN), adaptive security for hybrid cloud, managed endpoint security, managed identity services, and managed detection and response. IBM was identified as a Leader in Gartner’s most recent Magic Quadrant for MSSPs.

Use Cases: Large enterprises

Metrics: Monitors more than 150 billion security events per day in more than 130 countries

Intelligence: Threat intelligence and incident response services supported by IBM Security X-Force

Delivery: Shared multi-tenant, on-premises, or as a service

See our in-depth look at IBM.

Lumen

Lumen, rebranded from CenturyLink in 2020, offers a broad range of services, including a professionally managed next-generation network-based firewall, IDPS, adaptive network security, UTM, DDoS mitigation, and threat intelligence. Lumen’s eight SOCs worldwide respond to physical and logical alarms, mitigate attacks and suspicious or abnormal network activity, and assist with customer security inquiries. Prior to the rebranding, CenturyLink was named as a Visionary in Gartner’s most recent Magic Quadrant for MSSPs.

Use Cases: Mid-sized to multinational enterprises and government customers in more than 60 countries

Metrics: Monitors more than 195 billion NetFlow sessions daily, and mitigates 120 DDoS attacks per day

Intelligence: Lumen Adaptive Threat Intelligence (ATI), powered by Black Lotus Labs, delivers high-fidelity threat intelligence in near-real time

Delivery: Delivered through a central portal or directly to the organization’s SIEM without requiring on-site equipment or installation

See our in-depth look at Lumen/CenturyLink.

NTT

NTT’s MSSP offering includes threat detection, compliance monitoring, security device management, vulnerability management, managed detection and response, enterprise security monitoring, web application firewall-as-a-service, and managed SOC as a service. NTT was named as a Niche Player in Gartner’s most recent Magic Quadrant for MSSPs.

Use Cases: Companies of all sizes and across all industries

Metrics: Six global SOCs analyze two billion events per day

Intelligence: Combines ML, big data, and complex event processing analysis

Delivery: On-premises, cloud-based, or hybrid services

See our in-depth look at NTT MSSP.

Secureworks

Secureworks’ wide range of services includes managed firewall, managed IDPS, managed iSensor IPS, managed NGFW, advanced endpoint threat detection (AETD), advanced endpoint threat prevention, advanced remediation management, log management and compliance reporting, security event monitoring, vulnerability program management, vulnerability scanning, payment card industry (PCI) scanning, web application scanning, and policy compliance. Secureworks’ Taegis ManagedXDR service includes advanced threat hunting, detection, and rapid response. Secureworks was named a Leader in Gartner’s most recent Magic Quadrant for MSSPs.

Use Cases: Mid-sized, enterprise, and government organizations

Metrics: 300 billion security events processed daily

Intelligence: Provides threat research, threat intelligence, malware analysis, and analytics support to SOCs

Delivery: Hosted by Secureworks or delivered on customer networks

See our in-depth look at Secureworks.

Trustwave

Trustwave’s MSSP services include managed detection and response, managed security and compliance, managed application control, managed database security, proactive threat hunting, security testing, security technology management, and threat monitoring and detection. Data and reports are available 24/7 via the Trustwave TrustKeeper portal. Trustwave was named as a Leader in Gartner’s most recent Magic Quadrant for MSSPs.

Use Cases: SMBs to large enterprises primarily in financial services, retail, hospitality, healthcare, payment services, government, and education

Metrics: More than three million businesses leverage the Trustwave TrustKeeper cloud platform

Intelligence: Global threat intelligence is delivered by Trustwave SpiderLabs

Delivery: From appliance to cloud and hybrid

See our in-depth look at Trustwave.

Verizon

Verizon Managed Security Services encompasses a wide range of offerings to help companies detect security incidents and threats, including incident response and investigation, security and protection services, cyber risk management, and secure gateway services. A separate MDR offering provides security as a service by combining SIEM technology, user and entity behavior analytics (UEBA), and integrations with network detection and response (NDR) and EDR. Verizon was named as a Leader in Gartner’s most recent Magic Quadrant for MSSPs.

Use Cases: SMBs to large enterprises

Metrics: Verizon’s nine SOCs process over 61 billion events a year

Intelligence: Verizon Research, Investigations, Solutions, Knowledge (RISK) team provides threat intelligence and incident response

Delivery: Via SOCs that monitor the network

See our in-depth look at Verizon Enterprise.

Wipro

Wipro’s managed security services include MDR, managed application security, managed digital trust, managed cloud and infra security, and managed security risk and compliance. Wipro was identified as a Niche Player in Gartner’s most recent Magic Quadrant for MSSPs.

Use Cases: Global presence but strongest in Asia and Europe

Metrics: More than 200,000 employees serving clients across six continents

Intelligence: ML-leveraged for threat detection

Delivery: Its Cyber Defense Center (CDC) portal is the landing page for accessing services

See our in-depth look at Wipro.

Jeff Goldman
Jeff Goldman
Jeff Goldman has been a technology journalist for more than 20 years and an eSecurity Planet contributor since 2009.

Top Products

Related articles