LevelBlue, the managed cybersecurity company spun out earlier this year by wireless carrier AT&T, is unveiling four new security services that will be available to MSSPs and MSPs starting in the first quarter of 2025.
Announced at the MSSP Alert Live conference in Austin, Texas, the four services will cover managed threat detection and responses, incident response, vulnerability management, and endpoint security. The offerings will help form the foundation of LevelBlue’s upcoming new partner program, which also will launch in the first quarter of 2025.
The services will integrate with LevelBlue’s USM Anywhere platform, which includes threat detection, incident response, asset discovery, and compliance management in a unified offering. The cloud-based platform collects and analyzes data throughout a company’s on-premises and cloud environments, giving MSPs and MSSPs greater visibility into an organization’s attack surface while providing integrated tools to protect it.
LevelBlue says the platform is “built for today’s resource-limited IT security teams [and] eliminates the need to deploy, integrate, and maintain multiple point security solutions in your data center.”
The services will help managed services providers open up growth opportunities at a time when cybersecurity threats are becoming more frequent and more sophisticated, according to LevelBlue executives, with Chairman and CEO Bob McCullen saying that “all of our partners will benefit from the comprehensive program to simplify cybersecurity for their customers.”
The four services are:
- LevelBlue Managed Threat Detection and Response: This includes security monitoring, alarm validation, and incident investigations and responses. It’s fed by continuous threat intelligence from LevelBlue Labs.
- LevelBlule Incident Response Retainer: The service gives MSSPs and MSPs the ability to leverage the vendor’s incident response and consulting resources to limit damage caused by an attack and reduce recovery times and costs.
- LevelBlue Managed Vulnerability: This combines LevelBlue’s consulting team and vulnerability management offerings, such as vulnerability scanning, configuration management, web application security scanning, threat hunting, and IT and operational technologies.
- LevelBlue Managed Endpoint Security: The service uses machine learning, AI, and proactive security monitoring to protect endpoints against known and emerging threats.
The company is “clearly on the right track with their offering, which is very impressive,” Rob Enderle, principal analyst with The Enderle Group, told MSSP Alert. “AI is starting to emerge as a very real threat. Mostly, we are seeing proof of concepts, but the industry is expecting AI-driven attacks at any moment. AI is particularly effective at social engineering for phishing types of attacks that we currently lack robust defenses for.”
This represents an opportunity for MSSPs and MSPs, with enterprises as well as SMBs being targets. In addition, the trend toward agentic AI is something service providers be ready for, Enderle said. Agents are bits of software that can act autonomously and work together to solve complex tasks, make decisions, understand commands, reason, and decipher intent.
Given that, they’re going to be useful in organizations' cybersecurity plans, so LevelBlue and its service providers are going to need strong, user-focused agentic AI solutions to offer end users and fully address the AI-driven threats that are coming.
“This is a clear area where agentic AI will play strongly, but you need to have significant AI experience in order to craft the appropriate solution. The related skill sets are in very short supply at the moment,” he said. “But there is a massive unmet opportunity growing here.”
LevelBlue was introduced in May at the RSA Conference as a joint venture by AT&T and private equity firm WillJam Ventures, five months after the two organizations began discussing plans to help SMBs harden their cybersecurity capabilities. In November 2023, AT&T executives said that the telecommunications company was integrating more security into network and edge products.
Spinning out the carrier’s managed services business would allow the cybersecurity capabilities it had accumulated to be leveraged by a much broader range of organizations, they said.
McCullen, the former CEO of managed detection and response (EDR) vendor Trustwave and founder of WillJam Ventures, wrote in a blog post at the time that “as organizations continue innovating, technologies such as artificial intelligence (AI) and cloud computing create a more dynamic, expanded threat landscape. … Cyber resiliency is not easily defined, nor is it easily attainable without the necessary support. LevelBlue’s strategic cybersecurity services will help solve this challenge during a time when it’s needed most.”
He noted that LevelBlue spun out with 1,300 employees, with members of its consulting team having an average of 15 years of experience in cybersecurity and armed with the latest certifications.
LevelBlue’s introduction this year and the services it’s aiming at MSSPs and MSPs comes at a time of rapid growth in the global managed security services space, with Statista analysts predicting the market will expand from $31.05 billion last year to more than $65.5 billion by 2028.
