Verizon Business is leveraging its Cybertrust assets to continually refine its managed security service, adding risk-correlation service to its portfolio to enable enterprise customers to quickly determine which risks pose the greatest threat to their organizations.

The idea is to provide context to threat alerts by drilling down quickly into any identified threat to determine which devices, applications and business processes are being put at risk so that the response can be prioritized accordingly, said Jonathan Nguyen-Duy, director, Product Management, for Verizon Business. The additional software was developed in house using the facilities and staff acquired in the Cybertrust buy.

“So much of what is in the market is based either on defined signatures in which you catch everything you are looking for, or on an anomaly basis, where you are looking for anomalies in the network that indicate problems -- but both of those have disadvantages,” Nguyen-Duy said. “We are looking at adding the ability to take context in terms of risk to let customers know the true risk, and we will provide information in real time that is more detailed in letting them know how to prioritize remediation steps. In addition, this service will provide more insight into the current state so you build a more accurate picture of the network, devices, and applications, enabling us to reduce false positives.”

It is particularly important to prioritize threats and remediation steps today because, like all corporate resources, security teams are being stretched by reduced budget resources, Nguyen-Duy said. This new capability is being added to Verizon’s managed security solutions at no extra cost to its customers, he said.

“This is a value-add to working with someone like Verizon,” Nguyen-Duy said. “We have a long history in security, and we continue to invest even in something as mundane as security monitoring. There is a release in our Online Guardian platform and what that allows us to do is to automatically upload vulnerability scans. Clients can download this, and they are automatically populated into the Guardian platform, and we can upload client information they may have as well.”

The capability has the benefit to chief security officers of giving them a way to increase the rate of return of the investment in security, which is something they have been asking for, Nguyen-Duy said. “This is a link between security and the business model,” he said.