Capgemini vs NTT Security Holdings
Capgemini and NTT Security Holdings are both Services firms that work with your existing tools. Capgemini targets Enterprise organizations, while NTT Security Holdings serves Mid-market and Enterprise. Capgemini includes 3 attack surfaces in base pricing (Endpoint, Cloud, Network), compared to 5 for NTT Security Holdings (Endpoint, Cloud, Identity, Network, OT/ICS).
Buyer brief
Capgemini and NTT Security Holdings are both Services firms that work with your existing tools. Capgemini targets Enterprise organizations, while NTT Security Holdings serves Mid-market and Enterprise. Capgemini includes 3 attack surfaces in base pricing (Endpoint, Cloud, Network), compared to 5 for NTT Security Holdings (Endpoint, Cloud, Identity, Network, OT/ICS).
NTT Security Holdings offers broader coverage (5 surfaces vs. 3). Capgemini may suit teams that need depth over breadth.
At a glance
| FIELD |  |  |
|---|---|---|
| Best fit | Large enterprises that want a global services partner for MDR plus SOC transformation | Global enterprises needing follow-the-sun SOC coverage across NA, Europe, and APAC |
| Price | Custom quote | SamurAI XDR SaaS: $3.33/endpoint/mo; MDR custom |
| Response authority | 2/6 actions · Configurable | 1/6 actions · Configurable |
| Stack | Works with existing stack | Works with existing stack |
| Data access | Reports only | Dashboards |
| Warranty | None listed | None listed |
- Best fit
- Large enterprises that want a global services partner for MDR plus SOC transformation
- Price
- Custom quote
- Response authority
- 2/6 actions · Configurable
- Stack
- Works with existing stack
- Data access
- Reports only
- Warranty
- None listed
- Best fit
- Global enterprises needing follow-the-sun SOC coverage across NA, Europe, and APAC
- Price
- SamurAI XDR SaaS: $3.33/endpoint/mo; MDR custom
- Response authority
- 1/6 actions · Configurable
- Stack
- Works with existing stack
- Data access
- Dashboards
- Warranty
- None listed
Detailed comparison
| FIELD | CapgeminiTECH-AGNOSTIC | NTT Security HoldingsTECH-AGNOSTIC |
|---|---|---|
| Fit | ||
| Target size | Enterprise | Mid-market, Enterprise |
| Sentiment | Mixed | Positive |
| Your stack | ||
| Approach | Works with your tools | Works with your tools |
| EDR integrations | Customer endpoint security tools | CrowdStrike Falcon InsightMicrosoft Defender for EndpointVMware Carbon Black CloudFortinet FortiEDRTrellix Endpoint Security |
| SIEM integrations | Microsoft SentinelCustomer SIEM platforms | Fortinet FortiAnalyzer |
| Coverage | EPEndpoint: CoveredCloudCloud: CoveredIDIdentity: LimitedSaaSSaaS: LimitedNetNetwork: CoveredOTOT/IoT: Limited | EPEndpoint: CoveredCloudCloud: CoveredIDIdentity: CoveredSaaSSaaS: Optional add-onNetNetwork: CoveredOTOT/IoT: Covered |
| Response | ||
| Response type | Active Remediation | Active Remediation |
| Approval policy | Configurable | Configurable |
| Response actions | ContainCustom playbooks | Isolate |
| IR included | ✓ Included | Separate |
| Cost | ||
| Price range | Not published | Not published. MDR is custom quoted. Vendor-published SamurAI XDR SaaS (self-service, not MDR): $3.33/endpoint/month. |
| Minimum seats | None | None |
| Breach warranty | – | – |
| More details | ||
| Requires own agent | No | No |
| Endpoints | ✓ Included | ✓ Included |
| Cloud workloads | ✓ Included | ✓ Included |
| Identity | ~ Limited | ✓ Included |
| SaaS apps | ~ Limited | + Optional |
| Network | ✓ Included | ✓ Included |
| OT/ICS | ~ Limited | ✓ Included |
| Threat hunting | ✓ Included | ✓ Included |
| Response SLA | Not disclosed | ≤30 minutes |
| 24/7 coverage | ✓ | ✓ |
| Pricing model | Custom enterprise quote by service scope, technology stack, Cyber Defense Center model and transformation requirements. Public prices are not published. | Custom quoted based on environment size, coverage areas, and service components. Note: SamurAI XDR SaaS (a self-service product, not MDR) is $3.33/endpoint/month. MDR pricing is not published. |
| Hidden cost warnings | Capgemini is a global services firm, so scope, tooling, response authority and transformation work should be specified precisely in the statement of work.. Public pages do not publish pricing, minimum terms, service credits, MTTD, MTTR or a contractual response SLA.. Microsoft Sentinel-powered Cyber Defense Centers may require separate Microsoft licensing and data-ingestion planning.. Threat hunting, DFIR, vulnerability management and offensive security are all public offers, but buyers should confirm which are included in the base MDR scope versus separate workstreams.. Public materials do not disclose log retention, raw data export rights or detection-content portability. | Incident response is NOT included in base MDR. Requires a separate retainer with separate pricing.. SamurAI Endpoint Agent and Network Traffic Analyzer are add-ons, not included in base service. Clarify which components are in your quote.. Gartner reviewers consistently cite NTT as expensive relative to competitors.. Alert severity over-classification reported by customers, leading to unnecessary after-hours calls for already-blocked threats.. New log source integrations can take significant development time according to customer reviews.. Analysis quality and portal flexibility vary by SOC region per Gartner feedback. |
| Data portability | Partial | Partial |
| Contract terms | Continuous Vigilance, Managed Detection and Response, Managed SOC, SOC Transformation, Cyber Defense Centers powered by Microsoft Sentinel, Custom cybersecurity services engagement | Annual, Multi-year |
| Channels | EmailPortalPhoneTeams | EmailPortalPhone |
| Data access | Reports only | Dashboards |
| Dedicated analyst | – | – |
| SOC regions | North AmericaEuropeAPACLATAMMEA | North AmericaEuropeAsia-Pacific |
| Onboarding | Not published. Capgemini positions the service as a custom enterprise engagement delivered through global Cyber Defense Centers. | Official docs show ~16 days (2-day portal activation, 14-day orientation). NTT markets 'less than one week' but typical deployments are longer. |
| Industry focus | Financial ServicesEnergyUtilitiesManufacturingAutomotiveHealthcarePublic SectorTelecommunicationsTechnology | ManufacturingIndustrialFinancial ServicesEnergyHealthcareGovernmentTelecommunications |
| MTTD | Not published | Not published |
| MTTR | Not published | Not published |
| Community view | Capgemini has strong official evidence for enterprise-scale cybersecurity, Continuous Vigilance, MDR, Managed SOC, global Cyber Defense Centers, DFIR and threat hunting, but limited public buyer-review signal for the MDR service as a distinct product. Diligence should focus on service scope, response authority, tooling, staffing model, retention and pricing. | Gartner Peer Insights 4.4/5 (21 reviews). NTT DATA (parent group) ranked second by revenue in Gartner Market Share Analysis for Managed Security Services Worldwide 2022. Reviewers praise responsiveness, team continuity, and global reach. Recurring complaints: expensive pricing, alert severity over-classification, and inconsistent analysis quality across SOC regions. Very limited Reddit/community discussion. |
| Compliance | DORA | ISO 27001SOC 2 |
| Certifications | – | ISO 27001SOC 2ISAE 3000 |
| Founded | 1967 | 2000 |
| Data retention | Not published. Public Continuous Vigilance pages do not disclose default log retention, archive tiers or export rights. | 12 months standard retention for security incident data |
| API available | – | ✓ |
| Website | Visit → | Visit → |
FAQ
What is the main difference between Capgemini and NTT Security Holdings?
Capgemini is a Services firm that is technology-agnostic (works with your existing tools). NTT Security Holdings is a Services firm that is technology-agnostic (works with your existing tools). SLA commitments differ: Capgemini offers Not disclosed, NTT Security Holdings offers ≤30 minutes. Capgemini covers 3 attack surfaces in base pricing vs. 5 for NTT Security Holdings.
How do Capgemini and NTT Security Holdings differ in response capabilities?
Capgemini supports 2 autonomous actions (custom playbooks, network containment) and approval is configurable. NTT Security Holdings supports 1 autonomous actions (endpoint isolation) and approval is configurable. Incident response is included with Capgemini and not included with NTT Security Holdings.
How does Capgemini pricing compare to NTT Security Holdings?
Capgemini pricing: Not published. NTT Security Holdings pricing: Not published. MDR is custom quoted. Vendor-published SamurAI XDR SaaS (self-service, not MDR): $3.33/endpoint/month.. Watch for with Capgemini: Capgemini is a global services firm, so scope, tooling, response authority and transformation work should be specified precisely in the statement of work.; Public pages do not publish pricing, minimum terms, service credits, MTTD, MTTR or a contractual response SLA.. Watch for with NTT Security Holdings: Incident response is NOT included in base MDR. Requires a separate retainer with separate pricing.; SamurAI Endpoint Agent and Network Traffic Analyzer are add-ons, not included in base service. Clarify which components are in your quote..
Should I choose Capgemini or NTT Security Holdings?
Choose Capgemini if: large enterprises that want a global services partner for MDR plus SOC transformation. Choose NTT Security Holdings if: global enterprises needing follow-the-sun SOC coverage across NA, Europe, and APAC. Capgemini is not ideal for sMBs seeking transparent per-endpoint MDR pricing. NTT Security Holdings is not ideal for sMBs wanting transparent pricing and self-service onboarding.
Daylight Security
AI-native MDR for buyers comparing active remediation across endpoint, cloud, identity, and SaaS. Daylight works with existing EDR/SIEM stacks and uses ChatOps-native collaboration, so it can be a useful third reference point in this comparison.