Vendors
Arctic Wolf
Arctic Wolf was founded in 2012 and is a private US cybersecurity company which specializes in security operations. Arctic Wolf is headquartered in Eden Prairie, Minneapolis, with SOCs in Eden Prairie, San Antonio, and Pleasant Grove in the US, Waterloo in Canada, and Frankfurt in Germany. Arctic Wolf has customers around the world with the majority in North America, followed by EMEA, and caters to all sizes of organization.
Why worth watching
Arctic Wolf offers rapid deployment times and flexible on-premises, cloud, and hybrid deployment models, depending on the customers’ requirements.
Cybereason
Cybereason is a private American cybersecurity technology company founded in 2012 and headquartered in Boston, Massachusetts, with three global SOCs for North America, EMEA, and Japan. Most customers fall into the mid-market category, with the largest number of customers in the APAC region, followed by EMEA.
Why worth watching
Cybereason uses a simple per-endpoint, per-year pricing model that depends on the subscription size.
eSentire
eSentire is a private Canadian MDR company founded in 2001, with its headquarters and a SOC in Waterloo, Ontario, and an additional SOC in Cork, Ireland. The company has customers around the world with most customers in North America, followed by EMEA, and services all sizes of organization, with most falling into the medium and mid-market enterprise segments.
ESET
ESET is a private cybersecurity solutions company founded in 1992 and headquartered in Bratislava, Slovakia. There are SOC teams across eight SOCs in the Netherlands, France, Italy, Germany, UK, Slovakia, Japan, and the US. ESET has customers around the world, with most falling in the EMEA region and the small and medium-sized enterprise category.
Why worth watching
ESET PROTECT MDR provides continuous monitoring and analysis of all major business IT environments and systems but does not cover Edge computing environments.
Expel
Expel is a private security operations provider based in the US, founded in 2016, and headquartered in Herndon, Virginia. There are three SOC teams that support a remote and distributed SOC for round-the-clock coverage for customers in major regions, except South America. Most of Expel’s customers are in the US, followed by the EMEA region, and fall into the medium-sized business segment.
Why worth watching
Expel’s pricing model is based on a customer’s attack surface, or the number of assets being protected.
ForeNova
ForeNova Technologies is a private cybersecurity company founded in 2021 and headquartered in Amsterdam, with a datacenter in Frankfurt, Germany and SOCs in Kuala Lumpur, Malaysia and Changsha, China. ForeNova is focused on small and mid-market enterprises in Europe, but it also has customers in Malaysia and Hong Kong.
Why worth watching
NovaMDR 360˚ provides cloud-based management and includes the NovaCommand network sensor and the NovaGuard endpoint agent.
Fortinet
Fortinet is a public, US-based cybersecurity company founded in 2000 and headquartered in Sunnyvale, California, with a single, global SOC staffed by analysts in the US, Canada, UK, Germany, India, Philippines, and Japan. Most customers are US-based, followed by EMEA, predominantly in the medium enterprise segment, followed by mid-market enterprises.
Why worth watching
Fortinet MDR is a cloud-based service that includes some on-premises elements such as a virtual appliance and agents or collectors installed on endpoints.
IBM
IBM Corporation is a multinational technology and consulting company headquartered in Armonk, New York, USA. Founded in 1911, IBM has evolved from a computing hardware manufacturer into offering a broad range of software solutions, infrastructure hosting, and consulting services in such high-value markets as business intelligence, data analytics, cloud computing, virtualization, information security, and identity and access management. With a strong global presence and customers and partners across the globe, IBM is a major player in the market.
Why worth watching
Organizations that are looking for mature, highly scalable, and secure enterprise authentication solutions built on state-of-the-art micro-services architecture should put IBM on the list of solutions to consider.
Kroll
Kroll is a private US-based risk and financial advisory services firm established in 1972 and headquartered in New York City. Kroll offers a range of cybersecurity services, including MDR, which is supported by a single global SOC split across four locations in the US, UK, and two in the APAC region. Most customers are in North America, followed by EMEA, and fall into the mid-market segment.
Why worth watching
The pricing model depends on the combination of SIEM, EDR, and NDR used, taking into consideration the number of endpoints covered and the volume of SIEM data ingested by the platform.
Proficio
Proficio is a private, American managed security services provider (MSSP) founded in 2010 and headquartered in Carlsbad, California, with SOCs in Carlsbad (US), Singapore, and Barcelona (Spain). Proficio has customers around the world, with the majority based in the US, followed by APAC. They cater to all sizes of organization with most customers in the mid-market segment.
Why worth watching
Proficio’s pricing can be per user, per node, or based on the volume of log ingestion, depending on the combination of services provided with MDR.
Red Canary
Red Canary is a private, American managed detection and response company founded in 2014 and based in Denver, Colorado. It has a global virtual SOC staffed by more than 30 analysts located in North America. Most customer organizations are medium enterprises, with most located in North America.
Why worth watching
Red Canary offers a service for assistance with initial setup and an expert team to assist with incident analysis and remediation.
ReliaQuest
ReliaQuest is a private, US-based cybersecurity technology company founded in 2007 and headquartered in Tampa, Florida, with eight security teams across five technical operations centers located in Ireland, India, and three cities in the US. ReliaQuest’s customers come from companies of all sizes, with the majority from the large and mid-size segments. Most customers are located in the US, followed by EMEA.
Why worth watching
ReliaQuest’s MDR services are wrapped around its GreyMatter cloud-based, AI-supported security operations platform built on an open XDR architecture, and come in three packages: Managed, Extended, and Automated.
SecurityHQ
SecurityHQ is a privately held global Managed Security Services Provider (MSSP), founded in 2003 with headquarters in London. The company has six SOCs located in the US, the UK, the UAE, South Africa, India, and Australia. Most customers are located in the EMEA region, followed by APAC, with most falling in the mid-market and medium enterprise segments.
Why worth watching
Pricing is based on a combination of the number of users and events per second (log volume), with additional costs on a per appliance basis for things like their firewall services.
Sophos
Sophos is owned by the private equity firm Thoma Bravo and is headquartered in Santa Clara, CA. Sophos provides a single platform that supports multiple products for endpoint, network, and email security, with underlying threat intelligence. Tangential to Sophos endpoint security is its cloud workload protection offering for securing a customer's cloud environments and the resources within them, such as AWS, Azure, and GCP environments, and it can monitor for misconfigurations that increase usage costs. Underneath the Sophos central platform ecosystem is a data lake of customer data ingested from each Sophos product, allowing the customer to monitor and apply analytics and AI against different events across their suite of products.
Why worth watching
Sophos includes many reports out-of-the-box, such as device monitoring, tracking, and provisioning, as well as endpoint discovery results and mobile threat response.
Tata Communications
Tata Communications is a global public communication and digital services company providing a range of communication services, network services, cloud services, and cybersecurity services, including MDR. It was founded in 2002 and is headquartered in Mumbai, India, with SOCs in India (Pune and Chennai) and Dubai, plus 11 dedicated SOCs on customer premises. Most customers are in the APAC region, followed by EMEA, with the majority falling into the large enterprise market segment.
Why worth watching
There is good support for cloud computing, with the service providing continuous monitoring and analysis of cloud applications and cloud data stores, with detection and response capabilities across all cloud services and applications, and the ability to identify data loss across cloud infrastructure.
Xcitium
Xcitium is a privately held, US-based provider of cybersecurity solutions based on technologies under development since 2018, originally by Comodo Security Solutions, which rebranded in 2022. Xcitium is headquartered in Bloomfield, New York and has a global virtual SOC with team members located in the US, India, and Pakistan. Most of Xcitium’s customers are located in North America, followed by EMEA, with the majority falling into the medium enterprise market segment.
Why worth watching
Xcitium services are sold internationally through direct sales, value added distributors (VADs), technology solutions brokers (TSBs), and MSPs/MSSPs, and licensing is on a per endpoint, per year basis. Xcitium offers four service packages: Advanced, Guided, Managed, and Complete.