"These threat analysts are dedicated to a particular customer," says Ted Donat, director of product management for Symantec's global consulting services. Dubbed the Cyber Threat Analysis Program, the service places Symantec analysts within an enterprise to conduct analysis and help customers with the mitigation and remediation of attacks.
In this outsourcing capacity, the analysts are prepared to use either Symantec's security-event information management tools or third-party security products to carry out risk-assessment. The analysts also have remote access to Symantec's global monitoring and threat-intelligence data and other available sources, Donat says.
The goal is to have the resident Symantec analyst able to identify and respond rapidly to network-security events, including discerning false positives from serious attacks.
Tim Gallo, Symantec's technical product manager, says Symantec is initiating the outsourcing program because "we're seeing requests for this from clients in sensitive environments, like critical infrastructure." Other potential customers include government agencies and the transportation industry, and systems integrators are also making requests for skilled Symantec analysts, Gallo says.
The cost for the program starts in the $325,000 range and could extend to more than $1 million, Symantec says.