

LMNTRIX Active Defense
Platform-native MDR that bundles its own XDR stack with native deception technology. All-inclusive pricing covers unlimited DFIR, threat hunting, and remediation. Bootstrapped, channel-only, and small (roughly 50 employees), so buyers should weigh the deception stack against vendor scale risk.
Buyer fit
Good fit when
- ✓Cost-conscious mid-market teams that want one platform covering endpoint, network, cloud, and identity without add-on fees
- ✓Organizations interested in deception technology as part of their MDR stack, not as a separate product
- ✓Buyers comfortable with a smaller, bootstrapped vendor in exchange for all-inclusive pricing
Watch out when
- ×Risk-averse enterprise buyers who need vendor scale, financial backing, or third-party validated detection metrics
- ×Organizations that require MITRE-evaluated providers or independently benchmarked performance claims
- ×Teams that rely on peer community validation, as LMNTRIX has near-zero Reddit or G2 presence
Coverage
Platform
Additional capabilities
Incident response
Pricing
What costs extra
- –DFIR, threat hunting, containment, and remediation all included in base subscription
- –Deception technology included, not a separate product
Cost caveats
- –Channel-only: cannot buy direct, must go through an MSSP partner, which may add margin or limit negotiation
- –Small company with no outside funding. Ask about business continuity plans and what happens if the company is acquired or shuts down.
- –Portal still maturing. PeerSpot reviewers describe it as buggy, so factor in potential operational friction during onboarding.
- –All performance claims are self-reported with no MITRE evaluation or third-party benchmark. Insist on a POV to validate in your environment.
Pricing compiled from public sources. Verify directly with the provider.
Team and access
Reputation
High scores on review platforms but from very small sample sizes. Praised for competitive pricing, all-inclusive model, and responsive support. Criticized for buggy portal and small company size. Zero Reddit presence and no G2 listing, which limits independent validation.
What customers praise
- ✓All-inclusive model with unlimited DFIR, hunting, and remediation at competitive pricing
- ✓Native deception technology is a genuine differentiator among MDR providers
- ✓Single platform reduces tool sprawl across endpoint, network, cloud, and identity
Common complaints
- ×Portal described as buggy and still being refined (PeerSpot reviewers)
- ×Small team raises questions about surge capacity during major incidents
- ×MFA limited to Google Authenticator, no hardware key support
Zero mentions found across r/msp, r/cybersecurity, or r/sysadmin. No practitioner discussion to reference, which suggests limited market penetration or brand awareness.
Questions to ask
- 1.
Can you share independently validated evidence for the MTTD and MTTR claims, or run a POV so we can measure in our environment?
- 2.
What is your surge capacity when multiple customers face major incidents simultaneously?
- 3.
What does 'unlimited DFIR' mean in practice? Are there scope limits, hourly caps, or exclusions we should know about?
- 4.
What is the portal roadmap for addressing the stability and UX issues noted by PeerSpot reviewers?
- 5.
What MFA options beyond Google Authenticator are available or planned?
- 6.
As a bootstrapped company, what is your business continuity plan? What happens to our service if the company is acquired or winds down?
- 7.
Can you provide 3-5 customer references in our industry and of similar size?
Evidence
Sources reviewed
Public-data caveats
- –No public contractual response-time SLA is recorded for this profile.
- –No public breach warranty is recorded.
- –Response authority may depend on pre-approval and contract scope.
- –MDR analyst headcount or analyst-to-customer ratio is not public.
Also consider
Information compiled from public sources. Verify details directly with the provider before making decisions.