Optiv
Optiv MDR
Unique combination of vendor-agnostic MDR and deep consulting expertise, ideal for complex enterprises with diverse security stacks needing both operational security and strategic advisory.
Best For / Not Ideal For
Ideal for
- Large enterprises with complex multi-vendor security stacks
- Organizations needing vendor-agnostic MDR across 450+ technologies
- Companies wanting integrated consulting and managed services
- Manufacturing, insurance, and financial services verticals
Not ideal for
- SMBs seeking simple per-endpoint pricing
- Organizations wanting a single-vendor turnkey solution
- Companies outside North America needing local SOC presence
- Teams needing public pricing transparency for budgeting
What They Actually Do
Approval: Configurable — You choose which actions need approval
Incident Response: Included in contract
Response SLA: Contact for specifics
Includes 40 hours/year of active defense services for remediation during active attacks. SOAR-driven automated response with AI/ML capabilities for rapid detection and response.
Stack Compatibility
EDR
SIEM
Cloud
Ticketing
Other Integrations
Attack Surface Coverage
Endpoint: included
Cloud Workloads: Limited
SaaS Apps: included
Identity: included
Network: included
OT/ICS: Contact
Pricing & Total Cost
Pricing Model: Data volume-based (amount of data processed, not per-endpoint)
Contact provider for pricing details
What costs extra
- Active defense services (40hrs/yr included, more available)
- Named TAM
- Advanced threat hunting
- Attack surface management
Hidden cost warnings
- Data volume can grow 3x quickly; monitor ingestion costs
- Log storage costs can escalate beyond MDR fees
- Additional consulting hours beyond 40hr/yr allocation
✗ No trial available
✓ Proof of Value available
Service Details
Contract Terms: Contact for specifics
Data Retention: 12 months hot data storage
Dedicated Analyst: Yes
Portal Access: Yes
Custom Reporting: Yes
Quarterly Reviews: Yes
Communication & Visibility
Communication Channels
Escalation Method: Named TAM performs assessments and reviews; tiered escalation through SOC
Data Access: Full Query Access. You can query raw log data directly.
What to Ask Optiv
Based on common blind spots and real-world evaluation patterns
1. How is the 40 hours/year of active defense services tracked and what happens when exhausted?
2. What are the data ingestion cost projections for our environment over 12 months?
3. How does smart data pipelining work to separate detection data from compliance data?
4. Can we retain our detection content and analytics if we switch providers?
5. What is the named TAM's availability outside business hours?
6. How do you handle EDR platform switches mid-contract?
7. What specific APAC SOC capabilities exist beyond North American coverage?
Information compiled from public sources. Verify details directly with the provider before making decisions.