›› At a glance
- Delivery model
- Tech-agnostic (works with your tools)
- Response authority
- Active remediation
- MTTA SLA
- Not disclosed
- Coverage
- 24×7 · 2 SOC regions
- Surfaces
- Endpoint · Cloud · SaaS · Identity · Network
- IR retainer
- ✓ Bundled
- Customers (public)
- Not published
- SOC analysts
- 500-1,000 total NRI Secure employees, SOC headcount not published separately
- Onboarding
- Not published
›› Best for
›› IDEAL FOR
- Japanese enterprises and APJ subsidiaries that want a Tokyo-headquartered SOC and Japanese-language support
- Multinationals standardizing on CrowdStrike Falcon who want a deep partner-managed service in APJ
- Buyers that value Nomura Group governance and SOC 2 Type II audited operations
›› NOT IDEAL FOR
- Buyers who need published SLA commitments and independently validated detection metrics
- European-only buyers, since NRI Secure's footprint is concentrated in Japan and the US
- Teams that rely heavily on G2 or Gartner Peer Insights review data to vet a vendor
›› Coverage
Endpoint
Included
Cloud
Included
Identity
Included
SaaS
Included
Network
Included
OT / IoT
Add-on
›› COMPATIBLE TOOLS
EDR
SIEM
Cloud
›› ADDITIONAL CAPABILITIES
›› Incident response
- Monitoring
- 24/7 · 24/7 coverage from Tokyo and Irvine SOCs
- First response
- Configurable — auto-act per your playbook, or escalate for approval · Custom playbooks supported
- Containment
- Endpoint isolation · Process kill · Network containment · Account disable · File quarantine
- Notification
- Phone · Email
- Response SLA
- Not disclosed · NRI Secure does not publish a public response SLA.
- IR included
- Yes — in contract
›› DETECTION QUALITY
- MTTD (detect)
- Not published
- MTTR (respond)
- Not published
- False positives
- Machine learning correlation layered onto NeoSOC since 2017 reduces alert volume before analysts review. Specific false-positive rates are not published.
›› THREAT HUNTING
- Included
- Yes — in base service
- Approach
- hybrid
- Frequency
- Continuous as part of NeoSOC
›› Pricing
Custom quote, varies by monitoring scope, license count, users and support duration. Sold direct.. Annual or multi-year contracts.
- Indicative price
- Not published
What costs extra
- -Security consulting and pen testing
- -Phishing awareness training
- -Incident response retainer
Cost caveats
- -Pricing is fully custom, no public benchmarks to anchor negotiation
- -Contractual SLA language must be requested, no default response time is published
- -Detection metrics are not published, customers cannot benchmark MTTD or MTTR ahead of signing
Pricing compiled from public sources. Verify directly with the provider.
›› The team
- Analysts
- Direct employees · 500-1,000 total NRI Secure employees, SOC headcount not published separately
- Certifications
- 329 GIAC120 CISSP111 CISA80 CISM
- Channels
- Email · Portal · Phone
- Data access
- Dashboard Access
- Portal
- NeoSOC portal surfaces alerts, threat hunt findings and tickets. Depth of raw query access is not publicly documented.
- Account manager
- Dedicated
›› Reputation
NRI Secure has very limited English-language community review presence on G2, Gartner Peer Insights and PeerSpot for its MDR service specifically. Most public references come from Japanese enterprise press and NRI Group communications rather than independent buyer reviews. Buyers will need direct customer references.
›› WHAT CUSTOMERS PRAISE
- — Backed by Nomura Research Institute with long Japanese enterprise track record
- — Three CrowdStrike Asia-Pacific and Japan Partner Awards in 2020 for the Managed EDR Service
- — Strong analyst certification base (329 GIAC, 120 CISSP, 111 CISA, 80 CISM as of Jan 2024)
›› COMMON COMPLAINTS
- — Almost no English-language third-party reviews to verify the service against
- — No published SLA or detection metrics for buyers to compare against pure-play competitors
- — Service catalog spans MSSP, MDR, SOC-as-a-service and consulting, scope can blur during sales cycles
›› REDDIT (R/SYSADMIN, R/MSP)
Limited Reddit discussion of NRI Secure outside Japan-focused threads. North American practitioners typically encounter the brand through CrowdStrike partner channels rather than direct shortlists.
›› Questions to ask
›› 7 questions to ask NRI SecureTechnologies▾
- 1.
Which SOC handles our environment, Tokyo or Irvine, and what is the response SLA from that location?
- 2.
How autonomous is the response under our runbook? Do analysts isolate hosts at 3am or wait for our approval?
- 3.
Beyond CrowdStrike, which EDR and SIEM products do your analysts have hands-on tuning experience with at scale?
- 4.
What detection metrics can you share from real customer engagements, since none are published publicly?
- 5.
How does the Japanese-language SOC handle English-only reporting and escalation for our non-Japanese ops team?
- 6.
What does the data export look like if we leave, including detection content and alert history?
- 7.
How is pricing structured between NeoSOC, Managed EDR, consulting and pen testing if we want to combine them?
›› Evidence
›› SOURCES REVIEWED
›› PUBLIC-DATA CAVEATS
- -No public contractual response-time SLA is recorded for this profile.
- -No public fixed price is recorded; compare only after a scoped quote.
- -No public breach warranty is recorded.
- -Response authority may depend on pre-approval and contract scope.
- -MDR analyst headcount or analyst-to-customer ratio is not public.