At a glance
- Delivery model
- Tech-agnostic (works with your tools)
- Response authority
- Active remediation
- MTTA SLA
- Not disclosed
- Coverage
- 24×7 · 1 SOC region
- Surfaces
- Endpoint · Cloud · Identity · Network
- IR retainer
- ✓ Bundled
- Customers (public)
- 450+ Cyber Defence and CSIRT clients
- SOC analysts
- 90+ experts in dedicated SOC, CSIRT and threat-intelligence teams. LinkedIn lists 201-500 employees and 319 associated members.
- Onboarding
- InfoGuard's Cyber Defence brochure states 4 weeks for structured SOC onboarding. Buyers should confirm which log sources, sensors and response playbooks are included in that onboarding scope.
Best for
Ideal for
- Swiss, German and Austrian buyers that want MDR from DACH-based SOCs
- Regulated organizations that need Swiss data-residency options and incident-response depth
- Teams that want Managed SOC or Co-Managed SOC on top of an open XDR architecture
Not ideal for
- Buyers that need public MDR pricing before sales
- Teams that require named autonomous endpoint or identity actions in public docs
- Organizations that want a published global follow-the-sun SOC footprint outside DACH
Coverage
Endpoint
Included
Cloud
Included
Identity
Included
SaaS
Limited
Network
Included
OT / IoT
Limited
Compatible tools
EDR
SIEM
Cloud
Additional capabilities
Incident response
- Monitoring
- 24/7 · InfoGuard publishes 24/7 live operations and continuous on-site staffing for SOCs in Switzerland and Germany. Exact shift model and analyst-to-customer ratio are not published
- First response
- Alert only — provider notifies your team with recommended actions · Custom playbooks supported
- Containment
- None documented
- Notification
- Phone · Email
- Response SLA
- Not disclosed · InfoGuard publishes 24/7 Managed Detection & Response, 24/7 SOC operations in Switzerland and Germany and 24/7 incident-response access through its CSIRT.
- IR included
- Yes — in contract
Detection quality
- MTTD (detect)
- Not published
- MTTR (respond)
- Not published
- False positives
- InfoGuard says its platform correlates endpoint, network, IoT, OT, cloud and identity data with threat intelligence and incident-response findings. Public pages do not publish a false-positive rate or formal tuning methodology.
Threat hunting
- Included
- Yes — in base service
- Approach
- proactive
- Frequency
- Public pages say InfoGuard proactively searches for APTs and anomalies. Exact hunt cadence not published.
Pricing
Custom quote. InfoGuard does not publish MDR package pricing.. Custom or managed soc or co-managed soc or incident response retainer contracts.
- Indicative price
- Not published
What costs extra
- -Exact MDR pricing requires an InfoGuard quote
- -Managed SOC, Co-Managed SOC and Incident Response Retainer scope should be priced separately
- -Sensor, SIEM, XDR, SOAR and data-retention scope can affect total cost
- -Penetration testing, red teaming, cloud security and managed network services may be separate from MDR
Cost caveats
- -Public pages do not publish MDR pricing, contract minimums or service-credit language.
- -Named autonomous response actions are not published, so response authority should be written into the contract.
- -InfoGuard offers both Managed SOC and Co-Managed SOC, so buyer-side staffing and responsibility can vary by model.
- -Data can stay at the customer premises or in Swiss data centres, which may change architecture and retention cost.
- -Incident Response Retainer exists as a separate offer, so buyers should confirm exactly what incident-response work is included in MDR.
Pricing compiled from public sources. Verify directly with the provider.
The team
- Analysts
- Direct employees · 90+ experts in dedicated SOC, CSIRT and threat-intelligence teams. LinkedIn lists 201-500 employees and 319 associated members.
- Certifications
- ISO/IEC 27001:2022ISO 14001ISAE 3000 Type 2BSI-qualified APT Response service providerFIRST member
- Channels
- Portal · Email · Phone
- Data access
- Dashboard Access
- Portal
- InfoGuard says the web-based cockpit gives customers a round-the-clock overview of the current threat situation and infrastructure status. Public pages do not show raw query access or full case workflow.
- Account manager
- Shared / pooled
Reputation
No meaningful MDR-specific buyer-review signal was found in major English-language review communities during this pass. The public buyer case rests on InfoGuard's Swiss and German SOC delivery, 90+ SOC and CSIRT experts, open XDR platform, data-residency options and incident-response credentials. Buyers should validate pricing, response authority, named integrations and exact co-managed responsibilities directly.
Reddit (r/sysadmin, r/msp)
No meaningful Reddit signal found for InfoGuard MDR specifically.
Questions to ask
8 questions to ask InfoGuard▾
- 1.
Are we buying Managed SOC, Co-Managed SOC or a narrower MDR scope?
- 2.
Which response actions can InfoGuard take directly and which require our approval?
- 3.
What incident-response work is included in MDR and what requires an Incident Response Retainer?
- 4.
Which endpoint, network, cloud, identity, IoT and OT sources are required for go-live?
- 5.
Will our data stay on our premises or in InfoGuard's Swiss data centres, and what retention period is included?
- 6.
Which SIEM, XDR, EDR and ticketing integrations are standard versus custom?
- 7.
What contractual SLA applies to high-severity triage, escalation and containment?
- 8.
What detection content, cases, reports and log data can we export if we leave?
Evidence
Sources reviewed
Public-data caveats
- -No public contractual response-time SLA is recorded for this profile.
- -No public fixed price is recorded; compare only after a scoped quote.
- -No public breach warranty is recorded.
- -Response workflows are described, but exact standard containment actions are not public.