At a glance
- Delivery model
- Tech-agnostic (works with your tools)
- Response authority
- Guided response
- MTTA SLA
- Not disclosed
- Coverage
- Business hours · 0 SOC regions
- IR retainer
- Separate
- Customers (public)
- 1,000+ organizations across 40+ countries
- SOC analysts
- SISA says ProACT uses AI automation with human experts, including embedded Global Payment Forensic Investigators. Specific SOC analyst count is not published.
- Onboarding
- Not published. SISA says ProACT can use a customized and scalable stack with cloud and on-premise deployment options, but no standard onboarding duration was found.
Best for
Ideal for
- Banks, payment processors, fintechs and payment ecosystem buyers that want MDR informed by forensic-investigation experience
- Regulated organizations that need MDR plus PCI, payment forensics and incident-response depth from the same provider
- Teams that want an AI-assisted SOC model but still require human experts for complex response and root-cause analysis
Not ideal for
- Buyers that need public MDR pricing before sales
- Organizations that want a conventional analyst-led MDR provider without agentic SOC automation
- Teams that need a public SOC location list, contractual response SLA or independently validated MTTD and MTTR figures
Coverage
Endpoint
Limited
Cloud
Limited
Identity
Limited
SaaS
Limited
Network
Limited
OT / IoT
Not offered
Compatible tools
EDR
SIEM
Cloud
Additional capabilities
Incident response
- Monitoring
- Business hours only
- First response
- Alert only — provider notifies your team with recommended actions · Custom playbooks supported
- Containment
- Account disable
- Response SLA
- Not disclosed · SISA publishes AI-powered managed detection and response, SOAR-driven response and human expert handling for advanced response and root-cause analysis.
- IR included
- No — separate retainer
Detection quality
- MTTD (detect)
- Not published
- MTTR (respond)
- Not published
- False positives
- SISA says ProACT filters and contextualizes alerts so analysts focus on high-priority threats. Public pages do not publish a false-positive rate or tuning cadence.
Threat hunting
- Included
- Yes — in base service
- Approach
- hybrid
- Frequency
- Public pages list threat hunting as part of ProACT detection. Exact hunt cadence not published.
Pricing
Custom quote. SISA does not publish ProACT MDR package pricing.. Custom or proact agentic soc or proact mxdr or dfir retainer services contracts.
- Indicative price
- Not published
What costs extra
- -Exact ProACT MDR pricing requires a SISA quote
- -DFIR retainers, payment forensic investigations, ransomware response and cloud forensics may be separate services
- -PCI compliance, managed compliance, application testing, cloud security and privacy services may be separate from MDR
- -Custom cloud, Kubernetes, GCP or on-premise deployment architecture may affect scope and cost
Cost caveats
- -Public pages do not publish MDR pricing, contract minimums or service-credit language.
- -The service is heavily payment-security oriented, so non-payment buyers should confirm whether use cases fit their environment.
- -ProACT lists many stack components, including SIEM, EDR, CASB, UEBA, SOAR, threat hunting and dark web monitoring, so buyers should confirm which are included in the base quote.
- -Response automation is a major part of the pitch, so pre-approved SOAR actions and rollback rules should be documented before go-live.
- -DFIR and payment forensic services are adjacent SISA services, so buyers should confirm what investigation and response work is included in MDR.
Pricing compiled from public sources. Verify directly with the provider.
The team
- Analysts
- Direct employees · SISA says ProACT uses AI automation with human experts, including embedded Global Payment Forensic Investigators. Specific SOC analyst count is not published.
- Certifications
- PCI Global Payment Forensic InvestigatorPCI Qualified Security AssessorPCI GEAR committee member
- Channels
- Portal
- Data access
- Reports Only
- Portal
- SISA lists an MXDR portal and ITSM as client-interface components, but public pages do not show raw query access or detailed case workflow.
- Account manager
- Shared / pooled
Reputation
No meaningful MDR-specific buyer-review signal was found in major English-language review communities during this pass. The public buyer case rests on SISA's payment-security focus, ProACT Agentic SOC, forensic intelligence, 1,000+ customer claim, 40+ country footprint and PCI forensic-investigation credentials. Buyers should validate pricing, SOC delivery model, response authority and non-payment use cases directly.
Reddit (r/sysadmin, r/msp)
No meaningful Reddit signal found for SISA ProACT MDR specifically.
Questions to ask
7 questions to ask SISA ProACT▾
- 1.
Which ProACT stack components are included in our quote and which require separate licensing or services?
- 2.
Which SOAR actions can run automatically, including account disable or threat isolation, and which require approval?
- 3.
What shift model supports ProACT monitoring, and where are the analysts located?
- 4.
What DFIR work is included in MDR and what requires a DFIR retainer or separate investigation?
- 5.
How does ProACT handle non-payment environments, and which payment-specific detections would not apply to us?
- 6.
What contractual SLA applies to high-severity triage, escalation and containment?
- 7.
What detections, playbooks, reports and case data can we export if we leave?
Evidence
Sources reviewed
Public-data caveats
- -No public contractual response-time SLA is recorded for this profile.
- -No public fixed price is recorded; compare only after a scoped quote.
- -No public breach warranty is recorded.
- -Response authority may depend on pre-approval and contract scope.
- -MDR analyst headcount or analyst-to-customer ratio is not public.