The independent register of MDR providers

Barcelona-headquartered boutique MDR that brings SentinelOne and Stellar Cyber Open XDR expertise to the Spanish-speaking market. Gartner Market Guide representative vend…

AI-native MDR built by the co-founders of Sumo Logic and LogicHub. AI virtual analysts handle triage and investigation for most alerts, with human oversight on high-risk…

Technology-agnostic MDR built on the Aurora open XDR platform, designed to work with your existing security tools rather than replace them. Arctic Wolf assigns a named Co…

Cloud-first MDR tightly coupled to Microsoft Sentinel and Defender XDR, targeting regulated industries like healthcare and financial services. Detection runs on Trend Mic…

InsurSec MDR from At-Bay Security, a wholly owned subsidiary of cyber insurer At-Bay, built around the At-Bay Stance platform and managed security packages rather than a…

Technology-agnostic MDR built on the Fusion Engine platform that integrates with Microsoft Sentinel, LogRhythm, and SentinelOne. Formed in 2019 through a Sunstone Partner…

MSP-channel managed XDR with a 24/7 global SOC across five specialized teams. SentinelOne powers endpoint security in the fully managed model, with a monitoring-only opti…

Technology-agnostic MDR co-founded by David Kennedy (creator of the Social Engineer Toolkit) with a strong reputation for proactive threat hunting. Binary Defense works w…

Platform-native MDR built on the GravityZone stack where Bitdefender controls the entire detection pipeline from EPP through EDR/XDR to managed SOC operations. MITRE-eval…

MSP-channel-only MDR founded by former NSA operatives, selling exclusively through managed service providers. Blackpoint's SNAP-Defense platform uses a patented Live Netw…

Technology-agnostic MDR with deep Microsoft specialization, operating inside the customer's own Sentinel or Splunk instance without deploying a proprietary agent. Founded…

Microsoft-native MDR for Critical National Infrastructure. Built on Sentinel and Defender XDR with OT/ICS expertise

Services firm offering MDR built on ThreatCloud AI. The MDR 360 tier (launched July 2025) added vendor-neutral positioning with 160+ third-party integrations and native i…

MSP-channel MDR built on the ConnectWise Asio platform. Sold exclusively through MSP partners, not directly to end customers

Technology-agnostic MDR centered on the Trusted Behavior Registry, which auto-resolves the majority of alerts by identifying known-good behavior before they reach human a…

Platform-native MDR built on the Falcon platform where CrowdStrike analysts take direct remediation actions without waiting for customer approval. Charlotte AI powers AI-…

Microsoft-focused managed SOC operating 9 CREST-accredited SOCs across ANZ and the UK. Detects and investigates via Defender XDR and Sentinel, but remediation requires cu…

Works-with-your-tools MDR/XDR provider for growing businesses, MSPs and private equity portfolios that want a managed SOC plus compliance support. Cyberleaf is strongest…

Healthcare-focused MDR provider using a Zero-Latency Response model where threat responders staffed 24x7x365 conduct incident triage, isolation, and containment. Three-ti…

UK Microsoft MXDR specialist with a CREST-accredited SOC running inside the customer's own tenant. 3 tiers from automated containment to fully managed response.

Italian MDR provider, publicly listed on Euronext Growth Milan. Cypeer is a technology-agnostic platform that integrates with existing EDR, SIEM, cloud, firewall, and ema…

Technology-agnostic MDR built on Google Chronicle, formed from the 2021 merger of Herjavec Group and Fishtech Group. Cyderes is one of the few MDR providers offering clie…

All-in-one AutoXDR platform that natively combines EPP, EDR, NDR, UEBA, deception, SOAR, and 24/7 CyOps MDR in a single agent, with MDR included at no extra cost. Founded…

Technology-agnostic MDR that integrates with your existing EDR, SIEM, and cloud tools without requiring a proprietary agent. Cyrebro built its own SOC platform with a pro…

NDR pioneer now offering managed detection and response layered on top of its Self-Learning AI platform. Antigena autonomous response contains threats in seconds through…

Technology-agnostic MDR built on the DeepSeas Platform, integrating with your existing security stack for 24x7 detection and response across IT, cloud, mobile, and OT env…

Pure-play, SIEM-centric MDR with a patented Dynamic Risk Scoring engine claiming 98% false positive reduction. Squad Delivery Model assigns a named team of analysts, hunt…

Banking-only MDR for U.S. banks and credit unions, delivered through DefenseStorm's GRID Active platform and a 24x7x365 collaborative SOC

Technology-agnostic MDR and MSSP combining 24x7 SOC operations with bundled incident response retainer hours. Built on the ThreatAdvisor 3.0 SOAR platform, which uses aut…

U.S.-based managed cybersecurity provider that includes MDR inside its endpoint security service, alongside DNS protection, next-generation endpoint antivirus, EDR and pe…

UK-based MDR provider with SOCs in the UK and Australia, staffed exclusively by SC-cleared analysts. Their proprietary CUMULO platform integrates with existing security t…

APAC-focused MDR provider running SOCs across Singapore, Hong Kong, Malaysia, Indonesia, and South Korea. Guided response model with Cybereason EDR partnership

Pure-play MDR with a public 15-minute mean time to contain claim. Atlas XDR platform correlates endpoint, network, log, cloud, and identity telemetry across 300+ integrat…

Platform-native MDR built on the ESET PROTECT ecosystem, backed by 30+ years of threat research from one of Europe's largest privately held cybersecurity companies. Avail…

Cybersecurity, AI and digital business arm of Atos Group, run as a 17-SOC global services operation with around 6,500 security experts. Eviden's MDR is built on the AIsaa…

API-first, vendor-agnostic MDR that connects to your existing security stack via 160+ integrations without deploying a proprietary agent. Founded by former Mandiant/FireE…

European MDR provider founded by three former AIVD (Dutch intelligence) officers, offering managed XDR with optional bundled cyber insurance through Eye Underwriting. Ope…

Canadian platform-native MDR founded by ex-CSE (signals intelligence) operators. Rebranded from Covalence to Field Effect MDR in 2023

Google Cloud Premier SecOps Partner delivering MDR built on Chronicle SIEM and SOAR. Foresite's Agentic SOC uses AI agents to stage response actions, but all containment…

Platform-native MXDR from a Montreal-based provider that bundles endpoint, network, email, and Active Directory detection into its proprietary Titan platform. GoSecure al…

Mid-market MXDR provider built on the proprietary Quorum AI platform. Technology-agnostic with 300+ integrations

Canadian-rooted MDR and managed security arm of Hitachi, run from six SOCs across Canada, the US, Mexico, Switzerland, Japan and Poland. Born from the 2017 rebrand of Que…

Channel-first MDR platform that sells almost exclusively through MSP partners. Founded by ex-NSA operators, Huntress grew from a single endpoint product into a four-produ…

European services firm delivering technology-agnostic MDR through its proprietary CyberFire platform. Founded in Dublin in 2005 and backed by August Equity, Integrity360…

AI SOC platform built on genetic malware analysis, a technique that identifies code reuse and lineage across malware families. AI agents triage every alert with sub-minut…

MSP-channel MDR from Kaseya, built from the RocketCyber managed SOC platform and now sold as Kaseya MDR. It monitors endpoints, Microsoft 365, Entra ID and firewalls with…

Services firm MDR backed by 3,000+ annual IR cases feeding detection. Complete Response goes beyond containment to full threat eradication, forensics, and root cause anal…

Pure-play MDR from the cybersecurity arm of Swiss-listed Kudelski Group. Technology-agnostic, with four MDR variants (Resolute flagship, plus CrowdStrike, Microsoft, and…

The result of five acquisitions in under two years: AT&T Cybersecurity spun off as LevelBlue in May 2024, then absorbed Stroz Friedberg (IR), Trustwave (MDR/SpiderLabs),…

Platform-native MDR that bundles its own XDR stack with native deception technology. All-inclusive pricing covers unlimited DFIR, threat hunting, and remediation

Services-led MDR from LRQA Nettitude, delivered through a CREST SOC-certified Security Operations Centre and backed by LRQA's testing, threat intelligence and incident re…

PE-backed MDR roll-up built on the ShieldVision SOC automation platform with 1,000+ pre-built playbooks. US-based SOC in Scottsdale, AZ staffed by ex-military and former…

Services-led MDR from a Huntsville-based MSSP focused on the Defense Industrial Base, maritime, public sector and other regulated buyers. MAD Security's MDR is endpoint-c…

Services-firm MDR powered by 500+ Mandiant threat intelligence analysts from 30+ countries, acquired by Google Cloud for $5.4B in 2022. Works with your existing EDR (Crow…

European services-firm MDR from mnemonic, delivered through the Argus platform and modular service plans. It fits buyers that want a Nordic provider to run Microsoft, Cro…

MSP-channel MDR built on the Adlumin XDR platform with built-in SIEM, SOAR, and UEBA. Sold in three tiers (Base, Standard, Advanced) through MSP partners, with a $500,000…

UK cybersecurity consultancy delivering MXDR through two offerings: one built on Microsoft Sentinel, the other on Splunk. Detection capability comes from Fox-IT, acquired…

Platform-native MDR for NetWitness XDR environments, with analyst support for threat hunting, incident management, administration and upgrades. Current public material in…

European MDR from Nomios, with Guardian xMDR on Cortex XDR and a custom MDR option for existing stacks. Operated from an in-house Dutch SOC with EU-hosted data.

Tokyo-headquartered managed security arm of Nomura Research Institute, run as a SOC-as-a-service from Japan with a North American hub in Irvine, California. NeoSOC handle…

Vendor-agnostic MDR from NTT Group built on the sixth-generation SamurAI platform. Follow-the-sun SOC coverage with threat intelligence from 40% of global IP prefixes

European services-firm MDR from NVISO, a Belgian-founded security company that runs technology-agnostic managed security services from a European delivery footprint. It f…

European services firm delivering technology-agnostic MDR through its proprietary SWORDFISH Open XDR platform. Founded in Athens in 2010 and expanded via the Encode acqui…

Microsoft-exclusive MXDR service spun off from Open Systems in 2023. Uses agentic AI (ION IQ and Autonomous Investigator) to resolve 99.5% of incidents without customer i…

Co-managed MDR from OpenText Cybersecurity, sold mostly into SMB and regulated mid-market accounts. Runs out of a 24/7 virtual SOC built on the Webroot and BrightCloud he…

Services-firm MDR from Optiv on Google Security Operations. Built for enterprises modernizing a multi-vendor SOC with 24/7/365 monitoring, SOAR playbooks, threat intel an…

Technology-agnostic MDR built on Microsoft Defender XDR or Palo Alto Cortex, operated by the cybersecurity arm of French telecom giant Orange S.A. Strong in European regu…

South Korea-based MDR provider offering technology-agnostic detection and response across APAC. The DeepACT platform integrates with SentinelOne, Deep Instinct, and Stell…

Platform-vendor MDR built on Cortex XDR and XSIAM with 200+ Unit 42 analysts, researchers, and engineers. Requires the Cortex platform as a prerequisite, so it is a natur…

Pure-play MDR provider that works with your existing EDR tools rather than requiring its own agent. Pondurance differentiates on a risk-based analytical approach that tai…

Technology-agnostic MDR built around SIEM flexibility: Proficio hosts a SIEM for you or plugs into your existing Splunk, Sentinel, or Elastic deployment. Founded in 2010,…

Microsoft-native MDR built entirely on Sentinel and Defender, delivered through three tiers: Clarity Defend (SMB), Clarity Extend (mid-market with some third-party teleme…

Platform vendor requiring Rapid7 Insight Agent on 80%+ of assets, with one key differentiator: you keep full query access to your SIEM data. Analyst pods learn your envir…

Works-with-your-tools MDR and managed security operations provider from Austin that operates across customer-owned tools and Recon-managed SIEM/SOAR. Recon is strongest f…

Pure-play MDR built to work with whatever EDR you already have, covering 9 platforms including CrowdStrike, Microsoft Defender, SentinelOne, and Carbon Black. Founded 201…

Berlin-based cyber defense specialist that runs MDR and incident response from its own Cyber Defense Centers in Germany. Offers a full-service MDR, a Co-Managed variant f…

Services firm (formerly Dell subsidiary, IPO'd 2016) acquired by Sophos in February 2025 for $859M. Open XDR MDR built on the Taegis platform with Counter Threat Unit int…

Technology-agnostic MDR built on IBM QRadar SIEM with a bring-your-own-EDR model. SecurityHQ operates seven global SOCs and participated in the 2024 MITRE managed service…

Platform-native MDR requiring SentinelOne Singularity. Rebranded from Vigilance MDR to Wayfinder MDR at OneCon 2025 (GA November 2025) with three tiers: Essentials, Elite…

UK-onshore MDR from Six Degrees, built around Microsoft Defender for Endpoint, Microsoft Sentinel, Recorded Future threat intelligence and the Six Degrees CSOC.

Technology-agnostic MDR from an Irish publicly traded company (AIM-listed), built on the VisionX platform that layers onto your existing SIEM and EDR. Founded in Cork in…

UK-only MDR provider with automated containment actions including file quarantine, process termination, and account suspension. Works with CrowdStrike, SentinelOne, and c…

MSP-channel MDR from SonicWall. SonicSentry MDR for Endpoint is powered by CrowdStrike and adds 24/7 SOC monitoring, threat mitigation, proactive threat hunting and confi…

Endpoint vendor offering managed detection and response on its own platform, plus 350+ third-party integrations for telemetry enrichment. Sophos agent required for full M…

French cyber insurer (MGA) that bundles CrowdStrike Falcon EDR-based MDR with its insurance policies for European SMEs. CERT-Stoik handles incident response 24/7

Israeli IR-born MXDR where the same 8-person dedicated team handles both continuous monitoring and full incident response, with no handoff and no separate retainer. Found…

Telecom-backed MDR from Telefonica Group, delivered through the NextDefense brand. Runs 11 SOCs across Europe, Latin America, and North America with 24/7 coverage

AI-native MDR provider for mid-market and enterprise buyers that want managed Google, Microsoft or AWS security operations with human analysts reviewing critical decision…

Endpoint-only MDR by Malwarebytes with fully published pricing ($99/endpoint/year for the Elite tier that includes MDR). ThreatDown brand launched November 2023 as the de…

Platform-native MDR and managed IT provider built around ThreatSpike's own security and operations stack. It is a better fit for buyers replacing fragmented MSP, MDR and…

Unified SASE+MXDR+SIEM+EDR+GRC platform purpose-built for MSPs and SMBs, replacing 5+ security products with a single agent. Every MXDR customer gets a dedicated DRAM (De…

SMB-focused managed security provider with a U.S.-based in-house SOC, Splunk-centered monitoring and SentinelOne-backed endpoint response. Total Assure's MDR page names c…

Platform-native MDR built on Trend Vision One, covering endpoints, email, cloud, network, and OT from a single console. Participated in MITRE ATT&CK Evaluations (2024) wi…

Technology-agnostic MDR from a Swedish cybersecurity firm with deep incident response heritage, citing 120,000+ hours of IR experience that feeds its detection engineerin…

Compliance-led MDR and managed security from TrustNet. TrustNet publishes a dedicated MDR service, while GhostWatch provides 24/7 monitoring, SIEM, threat intelligence, v…

Vendor-agnostic MDR built on the MAXI platform that works on top of your existing EDR and SIEM rather than replacing them. Analysts take configurable remediation actions…

PCI compliance heritage provider offering MDR through its Asgard platform. Operates multiple SOCs across the US, APAC, and Europe with approximately 1,000 cybersecurity a…

MSP-focused MDR from WatchGuard, built around Core, Total and Open MDR packages. Core and Total lean into the WatchGuard stack, while Open MDR extends coverage to Microso…

Finnish MDR provider focused on European data sovereignty, built on the WithSecure Elements platform. Demerged from F-Secure in 2022, with MDR operational since 2015 thro…