At a glance
- Delivery model
- Tech-agnostic (works with your tools)
- Response authority
- Active remediation
- MTTA SLA
- Not disclosed
- Coverage
- 24×7 · 5 SOC regions
- Surfaces
- Endpoint · Cloud · Network
- IR retainer
- ✓ Bundled
- Customers (public)
- Not published for MDR. Capgemini's official homepage describes 420,000 experts in more than 50 countries.
- SOC analysts
- Capgemini says its Cybersecurity portfolio is supported by a global network of Cyber Defense Centers, thousands of skilled professionals worldwide and 420,000 experts across the broader company. MDR-specific analyst count is not published.
- Onboarding
- Not published. Capgemini positions the service as a custom enterprise engagement delivered through global Cyber Defense Centers.
Best for
Ideal for
- Large enterprises that want a global services partner for MDR plus SOC transformation
- Microsoft Sentinel-oriented organizations evaluating outsourced Cyber Defense Center delivery
- Organizations that want MDR, DFIR, threat hunting, vulnerability management and offensive testing under one enterprise services relationship
Not ideal for
- SMBs seeking transparent per-endpoint MDR pricing
- Buyers that need a productized MDR package with published SLAs before sales engagement
- Teams that want a pure-play MDR provider instead of a broad consulting and managed security services firm
Coverage
Endpoint
Included
Cloud
Included
Identity
Limited
SaaS
Limited
Network
Included
OT / IoT
Limited
Compatible tools
EDR
SIEM
Cloud
Additional capabilities
Incident response
- Monitoring
- 24/7 · Capgemini publishes global Cyber Defense Centers and 24/7 threat detection and response. Exact shift model, follow-the-sun staffing and analyst-to-customer ratios are not published
- First response
- Alert only — provider notifies your team with recommended actions · Custom playbooks supported
- Containment
- Network containment
- Notification
- Teams · Phone · Email
- Response SLA
- Not disclosed · Capgemini publishes 24/7 monitoring, rapid response, threat detection, response, DFIR and real-time containment language.
- IR included
- Yes — in contract
Detection quality
- MTTD (detect)
- Not published
- MTTR (respond)
- Not published
- False positives
- Capgemini describes analytics, automation, expert hunters, behavioral analytics and threat intelligence, but does not publish false-positive rates or alert-triage volume methodology.
Threat hunting
- Included
- Yes — in base service
- Approach
- proactive
- Frequency
- Not published
Pricing
Custom enterprise quote by service scope, technology stack, Cyber Defense Center model and transformation requirements. Public prices are not published.. Continuous vigilance or managed detection and response or managed soc or soc transformation or cyber defense centers powered by microsoft sentinel or custom cybersecurity services engagement contracts.
- Indicative price
- Not published
What costs extra
- -SOC transformation beyond steady-state MDR
- -Digital forensics and incident response retainers or surge work
- -Vulnerability management program work
- -Penetration testing
- -Red and purple team exercises
- -Vehicle SOC services
- -Microsoft Sentinel deployment, tuning or licensing
- -Zero trust, DORA and broader cybersecurity advisory work
Cost caveats
- -Capgemini is a global services firm, so scope, tooling, response authority and transformation work should be specified precisely in the statement of work.
- -Public pages do not publish pricing, minimum terms, service credits, MTTD, MTTR or a contractual response SLA.
- -Microsoft Sentinel-powered Cyber Defense Centers may require separate Microsoft licensing and data-ingestion planning.
- -Threat hunting, DFIR, vulnerability management and offensive security are all public offers, but buyers should confirm which are included in the base MDR scope versus separate workstreams.
- -Public materials do not disclose log retention, raw data export rights or detection-content portability.
Pricing compiled from public sources. Verify directly with the provider.
The team
- Analysts
- Direct employees · Capgemini says its Cybersecurity portfolio is supported by a global network of Cyber Defense Centers, thousands of skilled professionals worldwide and 420,000 experts across the broader company. MDR-specific analyst count is not published.
- Channels
- Email · Portal · Phone · Teams
- Data access
- Reports Only
- Portal
- Public pages do not describe a dedicated MDR portal or raw query access; enterprise engagements likely define reporting and workflow access contractually.
- Account manager
- Dedicated
Reputation
Capgemini has strong official evidence for enterprise-scale cybersecurity, Continuous Vigilance, MDR, Managed SOC, global Cyber Defense Centers, DFIR and threat hunting, but limited public buyer-review signal for the MDR service as a distinct product. Diligence should focus on service scope, response authority, tooling, staffing model, retention and pricing.
What customers praise
- — Global Cyber Defense Center delivery model
- — Broad cybersecurity portfolio around MDR, SOC transformation, DFIR and threat hunting
- — Microsoft Sentinel-powered Cyber Defense Center option
Common complaints
- — No public MDR pricing or formal SLA
- — No public MTTD, MTTR or analyst-ratio metrics
- — Large services-firm scope can blur MDR, consulting, DFIR and transformation work
Reddit (r/sysadmin, r/msp)
No meaningful Reddit signal found for Capgemini Continuous Vigilance MDR specifically.
Questions to ask
8 questions to ask Capgemini▾
- 1.
Which technologies and log sources are included in the MDR scope, and which require separate integration work?
- 2.
Which Cyber Defense Center region will deliver our service and what is the follow-the-sun staffing model?
- 3.
Which response actions can Capgemini execute directly in our endpoint, network, identity and cloud tools?
- 4.
Is DFIR included in the MDR retainer, and what triggers separate incident-response fees?
- 5.
What threat-hunting cadence, methodology and deliverables are included?
- 6.
Are MTTD, MTTR, escalation clocks or service credits contractual?
- 7.
What Microsoft Sentinel licenses, ingestion costs and retention costs are our responsibility?
- 8.
What detections, playbooks, reports, tickets, logs and threat-hunting content can we export during offboarding?
Evidence
Sources reviewed
Main public source used for the provider profile.
Official Capgemini cybersecurity portfolio page used to verify continuous strategy, protection and vigilance positioning, global Cyber Defense Centers, thousands of skilled cybersecurity professionals, 24/7 threat detection and response, threat intelligence, digital forensics and DORA-related portfolio language.
Official Capgemini homepage and organization metadata used to verify company scale, founding date, global footprint and official logo asset.
Public-data caveats
- -No public contractual response-time SLA is recorded for this profile.
- -No public fixed price is recorded; compare only after a scoped quote.
- -No public breach warranty is recorded.
- -Response authority may depend on pre-approval and contract scope.
- -MDR analyst headcount or analyst-to-customer ratio is not public.