CenturyLink is adding automated security threat remediation to its managed services with a new Rapid Threat Defense feature to become available on February 27.
Rapid Threat Defense was developed by CenturyLink's threat intelligence research unit, Black Lotus Labs, to simplify the security process for customers managing a number of security systems. Black Lotus Labs tracked an average of 3.8 million unique threats per month in the first half of 2019, according to the 2019 CenturyLink Threat Report.
"Our focus this year has been simplifying the portfolio because the security space is hard for a lot our customers, there's a lot of tools they can buy off the shelf," says Chris Smith, vice president of Global Security Services for CenturyLink. "We wanted to bias the portfolio toward action as opposed to just providing information. Think of Rapid Threat Defense as an automated remediation platform for our threat intel practice."
With the new security feature, customers can set policies based on their specified threat criteria to block and automatically remediate security threats – such as blocking a malicious IP address at the firewall or by blocking a malicious domain through a DNS (Domain Naming Service).
An additional goal of this service is to address the "resource vortex" – the extensive workload security professionals manage in responding to threats on a regular basis.
CenturyLink's Dave Dubois describes the resource vortex as having "highly specialized (and high priced) security analysts spending long hours monitoring devices, chasing exploits, correlating vulnerabilities and developing and deploying actions to incrementally improve defenses against current threats, rather than focusing on developing new security strategies against future threats."
"We've taken that next step and created a feature that will block threats out in the network on behalf of our customer automatically," says Smith. "They can let us know their preference on how we should behave."
Smith says the new feature will be built into many of CenturyLink's managed services, starting with its cloud-based firewall platforms – Adaptive Threat Intelligence and Adaptive Network Security. Smith says Rapid Threat Defense will be standard in the premium version of the cloud-based firewall.
Later this year, Rapid Threat Defense will be added to the Secure SD-WAN service as a standard feature, and will also be available in the Managed Premises Firewalls.
— Kelsey Kusterer Ziser, Senior Editor, Light Reading