AT&T Cybersecurity
Carrier-scale managed security backed by AlienVault's USM Anywhere and the Open Threat Exchange
- Service
- MSSP
- Response
- Investigate alerts
Best for
Mid-market organizationsUsually replaces
Standalone SIEM deploymentCheck first
The 2024 spinoff into LevelBlue (joint venture with WillJam Ventures) introduces brand confusion and uncertainty about the long-term roadmapCoverage
Covers
- USM Anywhere unified platform combining SIEM, IDS, vulnerability assessment, asset discovery, and behavioral monitoring
- Open Threat Exchange (OTX) with 330,000+ threat researchers across 140 countries
- Managed Threat Detection and Response (MTDR) service with 24/7 SOC coverage
Pros and limits
Works well
- Unmatched network visibility from AT&T's global carrier infrastructure provides threat intelligence at a scale few competitors can replicate
- Open Threat Exchange (OTX) is the world's largest open threat intelligence community, feeding real-time IOCs into USM Anywhere
- USM Anywhere consolidates five essential security capabilities (SIEM, IDS, vulnerability assessment, asset discovery, behavioral monitoring) into a single pane of glass
Watch out for
- USM Anywhere's interface and reporting can feel dated compared to cloud-native XDR platforms from newer competitors
- Enterprise-grade pricing and custom quoting processes put managed services out of reach for most SMBs
- Onboarding and sensor deployment across hybrid environments can be complex and time-intensive
Pricing
- Starting price
- $1,695/year (USM Anywhere)
- Billing model
- Per-asset, Tiered, Custom
- Minimum contract
- 12 months
- Proof of concept
- Available
- Onboarding
- 30-60 days
Managed security services are custom-quoted based on deployment scope, service tier, and contract duration. USM Anywhere SaaS subscriptions start at $1,695/year for smaller environments. Contact AT&T Cybersecurity or LevelBlue for enterprise pricing.
Connects with
- SIEM
- USM Anywhere (proprietary, AlienVault heritage), AlienVault OSSIM (open-source)
- EDR / Endpoint
- SentinelOne (primary managed endpoint partner), CrowdStrike Falcon, Microsoft Defender, VMware Carbon Black
- Cloud
- AWS, Azure, GCP
- Other
- Palo Alto Networks, Cisco Umbrella, Fortinet, Okta, Microsoft 365, ServiceNow
Questions
What is the relationship between AT&T Cybersecurity and LevelBlue?
In May 2024, AT&T and investment firm WillJam Ventures launched LevelBlue as a standalone managed cybersecurity services business. LevelBlue inherited AT&T's managed security services, cybersecurity consulting, AlienVault assets (including USM Anywhere and OTX), and the global SOC operations. AT&T retains a minority ownership stake and board representation. The brand is transitioning from AT&T Cybersecurity to LevelBlue, though many customers still know the services under the AT&T name.
How much does AT&T Cybersecurity / LevelBlue cost?
USM Anywhere SaaS subscriptions start at approximately $1,695 per year for smaller environments. Fully managed security services — including Managed Threat Detection and Response, Managed Endpoint Security, and Managed XDR — are custom-quoted based on organization size, deployment scope, and contract length. Contact LevelBlue directly for a tailored proposal.
Is AT&T Cybersecurity FedRAMP authorized?
Yes. LevelBlue Threat Detection and Response for Government (TDR for Gov) is the FedRAMP-authorized version of USM Anywhere. It supports AWS, Azure, and GCP government cloud environments, making it suitable for federal agencies and government contractors requiring FedRAMP-compliant managed security.