Buyer fit
Good fit when
- ✓Microsoft-committed organizations (E3/E5) wanting MDR built natively on Sentinel and Defender with data staying in their own Azure tenant
- ✓UK and European organizations wanting a UK-headquartered, CREST-accredited MDR provider with Microsoft MSSP of the Year credentials
- ✓SMBs needing affordable 24/7 MDR via Clarity Defend, with a growth path to enterprise-grade Protect tier
Watch out when
- ×Organizations running CrowdStrike, SentinelOne, or any non-Microsoft primary EDR. Quorum Cyber is Microsoft-only.
- ×Teams needing validated detection metrics, response SLAs, or extensive peer reviews before buying. None of these are published.
- ×Multi-cloud-heavy environments needing AWS/GCP coverage at a reasonable tier. Only Clarity Protect (top tier) covers non-Azure clouds.
Coverage
4 of 6 attack surfaces in the base price — the rest are separately priced.
EDR
SIEM
Cloud
Additional capabilities
Incident response
Pricing
What costs extra
- –Clarity OT (managed OT/ICS detection, separate add-on)
- –Clarity Data (managed data security via Purview, separate add-on)
- –ITDR (identity threat detection, may be separate from lower tiers)
- –Incident Response Retainer (separate service)
- –Emergency MDR (time-limited engagement for active threats)
Cost caveats
- –Requires Microsoft licensing (E3/E5 or standalone Defender licenses) as a prerequisite. These costs are separate and can be significant.
- –Microsoft Sentinel consumption costs are usage-based and billed separately by Microsoft. Data ingestion charges can spike unpredictably.
- –Identity coverage (ITDR) and data security (Clarity Data) are separate services at lower tiers
- –AWS and GCP coverage only available in Clarity Protect (top tier)
Verify pricing directly with the provider.
Team and access
Reputation
Named in the Gartner Market Guide for MDR as Representative Vendor (2024, 2025). Microsoft Security MSSP of the Year 2025. First UK Microsoft Verified MXDR provider. Very limited independent review data: no ratings on G2, PeerSpot, or Gartner Peer Insights with sufficient reviews. Zero Reddit presence.
What customers praise
- ✓Deep Microsoft security expertise. First UK company to achieve Microsoft Verified MXDR status, MSSP of the Year 2025.
- ✓Three-tier model (Defend, Extend, Protect) offers genuine MDR starting at SMB level, not just enterprise
- ✓Data stays in customer's own Azure tenant with no vendor lock-in on underlying data
Common complaints
- ×Microsoft-only. Not suitable for organizations running CrowdStrike, SentinelOne, or non-Microsoft primary security tools
- ×Low SOC analyst pay (~GBP 25,000 starting per Glassdoor) raises questions about staff retention and service quality
- ×Zero independent review presence on G2, PeerSpot, Reddit. Buyers cannot find peer validation before purchasing
No discussion found on r/msp, r/cybersecurity, or r/sysadmin. Zero grassroots presence.
Questions to ask
- 1.
What specific Microsoft licensing (E3, E5, standalone Defender P2) is the minimum prerequisite, and what is the total cost including Microsoft licenses plus your MDR fee?
- 2.
What response actions can your SOC take autonomously at 3am vs. what requires our approval? The approval model is not published.
- 3.
What are your published MTTD and MTTR commitments? We could not find any detection or response time metrics.
- 4.
What third-party technologies can Clarity Extend actually ingest via Sentinel connectors? No specific vendor list is published.
- 5.
Glassdoor reviews cite low analyst pay and retention concerns. What is your current SOC analyst retention rate and average tenure?
- 6.
Can you provide three customer references in our industry? Independent reviews on G2, PeerSpot, and Gartner Peer Insights are insufficient for evaluation.
Evidence
Sources reviewed
Public-data caveats
- –No public contractual response-time SLA is recorded for this profile.
- –No public fixed price is recorded; compare only after a scoped quote.
- –No public breach warranty is recorded.
- –Response authority may depend on pre-approval and contract scope.
Also consider
Independent research. Verify details directly with the provider before making decisions.
