

Orange Cyberdefense Managed Threat Detection
Technology-agnostic MDR built on Microsoft Defender XDR or Palo Alto Cortex, operated by the cybersecurity arm of French telecom giant Orange S.A. Strong in European regulated industries with ANSSI, CREST, and NATO accreditations that few competitors match. Almost no practitioner reviews exist on G2, PeerSpot, or Reddit, making independent validation difficult.
Buyer fit
Good fit when
- ✓Large European enterprises needing ANSSI, CREST, or NATO-accredited MDR with local SOC presence
- ✓Organizations already running Microsoft Defender XDR or Palo Alto Cortex who want managed detection on top
- ✓Regulated industries (energy, transport, OT) needing MDR, threat intel, and DFIR from one provider
Watch out when
- ×SMBs or cost-sensitive buyers, as pricing is enterprise-tier with no public rate cards
- ×Teams that rely on peer reviews for vendor selection, since zero practitioner reviews exist publicly
- ×North America-primary organizations wanting a US-headquartered provider with domestic SOC teams
Coverage
EDR
SIEM
Cloud
Additional capabilities
Incident response
Pricing
What costs extra
- –Managed Threat Intelligence (separate service with 3 tiers)
- –Managed Cybercrime Monitoring (dark web)
- –Brand Protection & Fraud Detection
- –DFIR / CERT services
- –Managed SOAR
- –Cloud MDR (separate offering)
- –Managed Endpoint Security (separate offering)
Cost caveats
- –Core MDR platforms are Microsoft Defender or Palo Alto Cortex, licensing costs are separate
- –Multiple add-on services (threat intelligence, cybercrime monitoring, brand protection) add up
- –Non-European buyers may find fewer local SOC analysts and slower regional support outside EMEA hours
- –No published rate card or minimum seat count, making it hard to budget without a sales conversation
- –Sentinel consumption costs (if using Microsoft platform) are separate
Pricing compiled from public sources. Verify directly with the provider.
Team and access
Reputation
Strong analyst recognition: Forrester Strong Performer for MDR Europe (Q3 2025), IDC MarketScape European MDR Leader (2024). Zero practitioner reviews found on G2, PeerSpot, or Reddit, which makes independent validation impossible.
What customers praise
- ✓European regulatory depth (ANSSI, NATO, CREST accreditations) that few competitors hold
- ✓Broad service catalog spanning MDR, threat intel, DFIR, and OT security from one provider
- ✓Large global SOC footprint with strong EMEA coverage
Common complaints
- ×Zero practitioner reviews on G2, PeerSpot, or Reddit despite being a billion-euro revenue provider
- ×No published detection or response time metrics, and no MITRE evaluation participation
- ×EMEA-focused operations may mean thinner coverage for North American or APAC buyers
No Reddit discussions found. Enterprise European customer base likely does not frequent English-language Reddit forums.
Questions to ask
- 1.
You have zero public reviews on G2, PeerSpot, or Reddit. Can you provide three referenceable customers in our industry and region?
- 2.
What MTTD and MTTR benchmarks will you commit to contractually, given that none are published?
- 3.
What is the total cost including the underlying Microsoft Defender or Palo Alto Cortex licensing? Is that bundled or separate?
- 4.
Which specific SOC location would handle our alerts, and how many analysts there are dedicated to MDR vs. other services?
- 5.
DFIR through your CERT team is listed as separate. What does escalation from MDR to CERT actually look like, and what does it cost?
- 6.
How does the Core Fusion Portal compare to querying Sentinel or XSIAM directly? What data access do we lose by going through your portal?
- 7.
What happens to our detection rules and investigation history if we decide to leave?
Evidence
Sources reviewed
Public-data caveats
- –No public contractual response-time SLA is recorded for this profile.
- –No public breach warranty is recorded.
- –Response authority may depend on pre-approval and contract scope.
- –MDR analyst headcount or analyst-to-customer ratio is not public.
Also consider
Information compiled from public sources. Verify details directly with the provider before making decisions.