Strong results in third-party testing confirm LevelBlue as an XDR leader

February 16, 2024  |  Belinda Streak

Here at LevelBlue, we know  that the technology powering our managed detection and response services is solid—and we’ve got documentation to prove it. But we also know you’ve probably read your share of marketing materials making claims with nothing to back them up, so when we get the opportunity to share third-party metrics that support what we’ve been saying, we jump on it.

Recently, the LevelBlue USM Anywhere platform was evaluated by an independent third-party test lab for its extended detection and response (XDR) capabilities, and we are delighted to announce that it received an impressive overall score of 96.3%.

SecureIQLab evaluated USM Anywhere across multiple attack scenarios that incorporated a wide range of real-world threats and attack stages. The unbiased results confirm what our customers already know: organizations can depend on our XDR platform to help identify and respond to advanced threats before they become a problem.

USM Anywhere performed exceptionally well during testing to determine how accurate it is at detecting, correlating, and classifying threats—securing an overall score of 97.6%. In incident response testing, it received an overall score of 97.6%, indicating highly accurate incident management and response. SecureIQLab observed in its testing notes, “The LevelBlue XDR solution demonstrated outstanding incident response capabilities, acting and/or successfully responding to almost all validated attack scenarios.”

USM Anywhere shined during testing to understand how effective it is at filtering out noise and providing context to produce relevant, actionable alerts, achieving a near-perfect score of 99.8%.

“A key factor in the LevelBlue solution’s high Overall XDR Solution Score is its ability to rapidly identify and detect a threat and display relevant, correlated threat information.”

 – SecureIQLab (LevelBluef Extended Detection & Response (XDR) Validation Report)

The negative impact of false positives in cybersecurity is well understood. They increase noise and can quickly overwhelm security teams, resulting in alert fatigue and the very real risk of true threats being missed. Our solution’s perfect score (100%) during false-positive testing affirms its capability to correctly identify and allow non-malicious traffic without sacrificing operational accuracy. Testing was performed during normal workflows and included more than 30 real-world scenarios for several typical enterprise departments.

The goal of any security product should be to provide effective security with minimal operational cost and complexity. During testing for operational efficiency, the USM Anywhere platform performed well overall. In the Time-to-Deploy category, the platform was assessed for its ease of deployment. Testers took just two hours to deploy USM Anywhere, and they noted that it was “quick to deploy, configure, and enable.”Throughout the evaluation, the platform’s metrics for Maximum Time-to-Detect (i.e., maximum amount of time taken to detect threats) and Maximum Attack Dwell Time (i.e., maximum amount of time threats went undetected) were both less than or equal to one hour. In other words, there was no significant time gap between when an attack was detected and an alarm was triggered, which SecureIQLab considered excellent.

Interested in learning more about the results of our third-party testing? Click here to read the full report and see for yourself that what we’re saying about our XDR technology is more than marketing hype.

LevelBlue is formerly the cybersecurity division of AT&T.

Share this with others

Featured resources


Futures Report

2024 LevelBlue Futures™ Report: Cyber Resilience

Get price Free trial