SISA ProACT vs Telefónica Tech
SISA ProACT and Telefónica Tech are both Services firms that work with your existing tools. SISA ProACT targets Mid-market and Enterprise organizations, while Telefónica Tech serves SMB, Mid-market, and Enterprise. SISA ProACT includes 0 attack surfaces in base pricing (), compared to 3 for Telefónica Tech (Endpoint, Cloud, Network).
Buyer brief
SISA ProACT and Telefónica Tech are both Services firms that work with your existing tools. SISA ProACT targets Mid-market and Enterprise organizations, while Telefónica Tech serves SMB, Mid-market, and Enterprise. SISA ProACT includes 0 attack surfaces in base pricing (), compared to 3 for Telefónica Tech (Endpoint, Cloud, Network).
Telefónica Tech offers broader coverage (3 surfaces vs. 0). SISA ProACT may suit teams that need depth over breadth.
At a glance
| FIELD |  |  |
|---|---|---|
| Best fit | Regulated organizations that need MDR plus PCI, payment forensics and incident-response depth from the same provider | Organizations with operations in Spain, UK, or Latin America wanting regional SOC presence |
| Price | Custom quote | SMB Spain/Chile: EUR 3.99-8.99/user/mo + site fees |
| Response authority | 2/6 actions · Configurable | 3/6 actions · Configurable |
| Stack | Works with existing stack | Works with existing stack |
| Data access | Reports only | Dashboards |
| Warranty | None listed | None listed |
- Best fit
- Regulated organizations that need MDR plus PCI, payment forensics and incident-response depth from the same provider
- Price
- Custom quote
- Response authority
- 2/6 actions · Configurable
- Stack
- Works with existing stack
- Data access
- Reports only
- Warranty
- None listed
- Best fit
- Organizations with operations in Spain, UK, or Latin America wanting regional SOC presence
- Price
- SMB Spain/Chile: EUR 3.99-8.99/user/mo + site fees
- Response authority
- 3/6 actions · Configurable
- Stack
- Works with existing stack
- Data access
- Dashboards
- Warranty
- None listed
Detailed comparison
| FIELD | SISA ProACTTECH-AGNOSTIC | Telefónica TechTECH-AGNOSTIC |
|---|---|---|
| Fit | ||
| Target size | Mid-market, Enterprise | SMB, Mid-market, Enterprise |
| Sentiment | Mixed | Mixed |
| Your stack | ||
| Approach | Works with your tools | Works with your tools |
| EDR integrations | Customer EDR | CrowdStrike FalconPalo Alto Cortex XDR |
| SIEM integrations | Customer SIEM | CrowdStrike Falcon Next-Gen SIEM |
| Coverage | EPEndpoint: LimitedCloudCloud: LimitedIDIdentity: LimitedSaaSSaaS: LimitedNetNetwork: LimitedOTOT/IoT: Not covered | EPEndpoint: CoveredCloudCloud: CoveredIDIdentity: Optional add-onSaaSSaaS: Optional add-onNetNetwork: CoveredOTOT/IoT: Optional add-on |
| Response | ||
| Response type | Active Remediation | Active Remediation |
| Approval policy | Configurable | Configurable |
| Response actions | Disable accountsCustom playbooks | IsolateContainCustom playbooks |
| IR included | Separate | ✓ Included |
| Cost | ||
| Price range | Not published | Vendor-published EUR 3.99-8.99/user/month for SMB tiers (Spain/Chile only). Enterprise pricing not published. |
| Minimum seats | None | None |
| Breach warranty | – | – |
| More details | ||
| Requires own agent | No | No |
| Endpoints | ~ Limited | ✓ Included |
| Cloud workloads | ~ Limited | ✓ Included |
| Identity | ~ Limited | + Optional |
| SaaS apps | ~ Limited | + Optional |
| Network | ~ Limited | ✓ Included |
| OT/ICS | Not offered | + Optional |
| Threat hunting | ✓ Included | ✓ Included |
| Response SLA | Not disclosed | ≤4 hours |
| 24/7 coverage | Business hours | ✓ |
| Pricing model | Custom quote. SISA does not publish ProACT MDR package pricing. | Tiered by segment. SMB (Tu Empresa Segura, Spain/Chile only): basic at EUR 3.99/user/month, advanced at EUR 5.99/user + EUR 99/site, premium at EUR 8.99/user + EUR 160/site. Enterprise NextDefense MDR: custom-quoted. |
| Hidden cost warnings | Public pages do not publish MDR pricing, contract minimums or service-credit language.. The service is heavily payment-security oriented, so non-payment buyers should confirm whether use cases fit their environment.. ProACT lists many stack components, including SIEM, EDR, CASB, UEBA, SOAR, threat hunting and dark web monitoring, so buyers should confirm which are included in the base quote.. Response automation is a major part of the pitch, so pre-approved SOAR actions and rollback rules should be documented before go-live.. DFIR and payment forensic services are adjacent SISA services, so buyers should confirm what investigation and response work is included in MDR. | Tu Empresa Segura SMB pricing (EUR 3.99/month) only available in Spain and Chile. Not offered globally.. Enterprise NextDefense MDR pricing not published. Expect custom quotes with limited negotiation leverage due to sparse public benchmarks.. Primary EDR integration is CrowdStrike. Palo Alto Cortex XDR is supported, but other EDR platforms may have limited or no integration.. Telefonica parent company suffered a data breach in January 2025 (Hellcat ransomware, 2.3GB leaked). Ask about security posture improvements.. DFIR may be a separate retainer depending on tier. Clarify what incident response is included in base MDR. |
| Data portability | Partial | Partial |
| Contract terms | Custom, ProACT Agentic SOC, ProACT MXDR, DFIR Retainer Services | Annual |
| Channels | Portal | EmailPortalPhone |
| Data access | Reports only | Dashboards |
| Dedicated analyst | – | – |
| SOC regions | EuropeNorth AmericaLatin America | |
| Onboarding | Not published. SISA says ProACT can use a customized and scalable stack with cloud and on-premise deployment options, but no standard onboarding duration was found. | Not published |
| Industry focus | PaymentsFintechFinancial Services | TelecommunicationsFinancial ServicesEnergy & UtilitiesManufacturingGovernmentHealthcare |
| MTTD | Not published | Not published |
| MTTR | Not published | Not published |
| Community view | No meaningful MDR-specific buyer-review signal was found in major English-language review communities during this pass. The public buyer case rests on SISA's payment-security focus, ProACT Agentic SOC, forensic intelligence, 1,000+ customer claim, 40+ country footprint and PCI forensic-investigation credentials. Buyers should validate pricing, SOC delivery model, response authority and non-payment use cases directly. | Ranked #2 on MSSP Alert Top 250 Global MSSPs (2023). IDC MarketScape 'Major Player' for European MDR (2024). Included in Forrester Wave for European MSS (Q3 2022). Almost no English-language reviews on G2, Gartner Peer Insights, or Reddit. Strong brand in Spain and Latin America, largely unknown in North American MDR market. Parent company Telefonica suffered a data breach in January 2025 (Hellcat ransomware group). |
| Compliance | PCI DSSPCI PINPCI 3DSPCI P2PEPCI S3PCI S-SLCPCI MPoCSWIFTGDPR | ISO 27001GDPR |
| Certifications | PCI Global Payment Forensic InvestigatorPCI Qualified Security AssessorPCI-recognized laboratory for MPoC security evaluationsPCI GEAR committee member | ISO 27001Nozomi Networks MSSP ElitePalo Alto Networks XMDR certified partner |
| Founded | 2006 | 2013 |
| Data retention | SISA says ProACT supports PCI-compliant cloud deployments and on-premise options for data localization requirements, including custom Kubernetes and GCP environments. No standard public MDR retention period was found. | Not published |
| API available | – | ✓ |
| Website | Visit → | Visit → |
FAQ
What is the main difference between SISA ProACT and Telefónica Tech?
SISA ProACT is a Services firm that is technology-agnostic (works with your existing tools). Telefónica Tech is a Services firm that is technology-agnostic (works with your existing tools). SLA commitments differ: SISA ProACT offers Not disclosed, Telefónica Tech offers ≤4 hours. SISA ProACT covers 0 attack surfaces in base pricing vs. 3 for Telefónica Tech.
How do SISA ProACT and Telefónica Tech differ in response capabilities?
SISA ProACT supports 2 autonomous actions (account disable, custom playbooks) and approval is configurable. Telefónica Tech supports 3 autonomous actions (custom playbooks, endpoint isolation, network containment) and approval is configurable. Incident response is not included with SISA ProACT and included with Telefónica Tech.
How does SISA ProACT pricing compare to Telefónica Tech?
SISA ProACT pricing: Not published. Telefónica Tech pricing: Vendor-published EUR 3.99-8.99/user/month for SMB tiers (Spain/Chile only). Enterprise pricing not published.. Watch for with SISA ProACT: Public pages do not publish MDR pricing, contract minimums or service-credit language.; The service is heavily payment-security oriented, so non-payment buyers should confirm whether use cases fit their environment.. Watch for with Telefónica Tech: Tu Empresa Segura SMB pricing (EUR 3.99/month) only available in Spain and Chile. Not offered globally.; Enterprise NextDefense MDR pricing not published. Expect custom quotes with limited negotiation leverage due to sparse public benchmarks..
Should I choose SISA ProACT or Telefónica Tech?
Choose SISA ProACT if: banks, payment processors, fintechs and payment ecosystem buyers that want MDR informed by forensic-investigation experience. Choose Telefónica Tech if: organizations with operations in Spain, UK, or Latin America wanting regional SOC presence. SISA ProACT is not ideal for buyers that need public MDR pricing before sales. Telefónica Tech is not ideal for north American organizations wanting a provider with strong US market presence and peer reviews.
Daylight Security
AI-native MDR for buyers comparing active remediation across endpoint, cloud, identity, and SaaS. Daylight works with existing EDR/SIEM stacks and uses ChatOps-native collaboration, so it can be a useful third reference point in this comparison.