Symantec, a Fortune 500 company and a member of the S&P 500, provides security software and services. It has a huge cyber intelligence network, as well as a large portfolio of security solutions that includes Cyber Security Services, Managed Security Services (MSS), Incident Response, DeepSight Threat Intelligence, and Cyber Skills Development. The company has been providing managed services for almost two decades. Recent acquisitions include Outlier Security (EDR), Skycure (mobile device protection) and Fireglass (isolation technology).
Symantec operates six security operations centers (SOCs) across the globe and provides end-to-end monitoring services, IDPS management, hosted log retention, intelligence services and advanced threat protection, plus incident response and cyber skills development. Symantec monitors and manages its customers’ security environment – everything from data collection to incident identification and interactive alerting. Its dedicated security analysts prepare reports and provide details and recommendations on the incidents found. It monitors on-premises and cloud-based devices and services, including SaaS-based security solutions, SaaS applications, IaaS and cloud audit and logging services.
Its MSSP services include:
- Cloud-based services, applications and infrastructure
- Application security monitoring, scanning/testing
- Continuous monitoring (applications, server, endpoints and network)
- Web proxy monitoring
- Anomaly-based advanced persistent threat (APT) protection/sandbox/protected code execution
- Data loss prevention (DLP)
- Incident response and forensics
- Security incident and event correlation management (SIECM)
- Security compliance monitoring
- Security event and threat analysis/operational intelligence
- Threat intelligence information feeds/advanced threat research
- Vulnerability management (VM) via integration with VM vendors
Markets and Use Cases
Symantec Managed Security Services serves companies of all sizes all over the world. It organizes segments based on industry and also customer security maturity so that it can tailor SOC service delivery to customers’ needs.
Symantec MSS collects and processes an average of 124.9 billion security logs each day. Its intelligence network tracks over 700,000 adversaries and records events from 98 million attack sensors worldwide. In addition, Symantec’s vulnerability databases consist of more than 88,900 recorded vulnerabilities.
Symantec provides customers a Log Collection Platform (LCP) that can be deployed on-premises or in the cloud. The platform collects log data from monitored devices and forwards it to the SOC for analysis and reporting. The LCP may host multiple event collectors and an event agent on box. Each customer receives a dedicated onboarding engineer for each engagement. The SOC Technology Platform aggregates, normalizes, correlates and analyzes data collected from customer security controls and other log and event sources. The multi-tenant platform is located in the SOC.
Symantec applies machine learning, analytics and analyst security expertise to eliminate false positives and escalate only critical incidents that need attention within 10 minutes of identification. Its resource network provides threat analytics that are correlated with threat data. Symantec Managed Security Services are powered by 500+ security experts who average 15 years of experience in security monitoring and log management. Security experts work with customers directly and are located in six SOCs throughout the world.
The company has an enterprise-wide pricing model that offers larger customers flexibility in pricing and configuration.
Symantec has been a Leader in the Gartner MSS Magic Quadrant 13 consecutive times. It was named as a top player in the IDC MarketScape Worldwide Managed Security Services Vendor Assessment, 2017, as well as a Strong Performer in the Forrester Wave for Managed Security Services, North America.