

Avertium
Technology-agnostic MDR built on the Fusion Engine platform that integrates with Microsoft Sentinel, LogRhythm, and SentinelOne. Formed in 2019 through a Sunstone Partners rollup of three regional MSSPs (Sword & Shield, Terra Verde, TruShield), Avertium focuses on mid-market and enterprise organizations. Threat hunting is included as a dedicated service with weekly reports. Two SOCs in Arizona and Tennessee provide 24/7 monitoring for 1,200+ customers across 15 industries.
Buyer fit
Good fit when
- ✓Mid-market and enterprise organizations already committed to Microsoft Sentinel, LogRhythm, or SentinelOne wanting managed SOC services
- ✓Companies needing integrated MDR, compliance consulting, and GRC services from a single vendor
- ✓Organizations in healthcare, financial services, manufacturing, and retail sectors requiring industry-specific compliance expertise
Watch out when
- ×SMBs or budget-constrained organizations needing transparent, published pricing and lower minimums
- ×Buyers requiring independently validated detection metrics (MTTD/MTTR) or breach warranty coverage
- ×Organizations needing global SOC coverage beyond North America or non-English language support
Coverage
EDR
SIEM
Cloud
Additional capabilities
Incident response
Pricing
What costs extra
- –Digital forensics and incident response (DFIR) retainer or on-demand engagement
- –Advanced compliance consulting (SOC 2, ISO, HIPAA, PCI DSS)
- –Security assessments and penetration testing
- –Additional SIEM or EDR platform licenses (Microsoft, LogRhythm, SentinelOne)
- –AI readiness consulting
- –Extended data retention beyond platform defaults
Cost caveats
- –Requires underlying platform licenses (Microsoft E5/Sentinel, LogRhythm, or SentinelOne), which Avertium can provide or customer can bring their own
- –Pricing scales significantly with number of assets, users, and coverage areas (endpoint, cloud, SaaS, network)
- –No published pricing, requires custom quote for accurate cost comparison
- –Platform choice (Microsoft vs LogRhythm vs SentinelOne) significantly impacts total cost due to differing license models
- –Full DFIR (digital forensics and incident response) is a separate retainer or on-demand engagement, not included in base Fusion MXDR
Pricing compiled from public sources. Verify directly with the provider.
Team and access
Certifications
Reputation
Gartner Peer Insights 4.7/5 (89 reviews for managed security services). Customers praise knowledgeable staff and flexible, tailored service. Limited public reviews compared to larger MDR providers. Glassdoor 4.4/5 (68 reviews), with 84% recommending to a friend. Minimal Reddit or G2 presence, making independent validation harder.
What customers praise
- ✓Customer-centric service with knowledgeable technical staff who troubleshoot incidents effectively
- ✓Flexible, customizable service tailored to specific customer needs rather than one-size-fits-all
- ✓Strong communication on emerging security threats, often first to report with accurate information
Common complaints
- ×Limited public transparency on metrics (no MTTD/MTTR published) compared to competitors
- ×No breach warranty offering, unlike CrowdStrike, Arctic Wolf, and others
- ×Smaller market presence and review volume makes independent validation harder for buyers
Questions to ask
- 1.
Does Avertium provide the underlying platform licenses (Microsoft Sentinel, LogRhythm, SentinelOne), or do we need to bring our own? How does this impact pricing?
- 2.
What are your actual MTTD and MTTR benchmarks for our chosen platform, even if not published publicly?
- 3.
Which specific response actions will your SOC analysts take autonomously vs. requiring our approval, and how do we configure these thresholds?
- 4.
How does your pricing scale as we add more endpoints, cloud resources, or coverage areas beyond the initial contract?
- 5.
What is the data retention period in our SIEM, and how do we export detection rules and investigation data if we leave?
- 6.
Since you don't offer a breach warranty, what cyber insurance partnerships or incident response cost protections do you provide?
- 7.
How does the assigned dedicated threat hunter model work in practice? What is the typical tenure of our assigned hunter?
- 8.
Can you provide customer references in our industry vertical who have been with Avertium for 2+ years?
Evidence
Sources reviewed
Public-data caveats
- –No public contractual response-time SLA is recorded for this profile.
- –No public fixed price is recorded; compare only after a scoped quote.
- –No public breach warranty is recorded.
- –Response authority may depend on pre-approval and contract scope.
Also consider
Information compiled from public sources. Verify details directly with the provider before making decisions.