Buyer fit
Good fit when
- ✓SMB and mid-market organizations that want to replace fragmented MSP, MDR and penetration-testing vendors with one fixed-price provider
- ✓Lean IT or security teams that want the provider to own both IT operations context and security response
- ✓Buyers who value bundled offensive security, unlimited incident response and transparent per-user pricing
Watch out when
- ×Organizations seeking a narrow MDR overlay on top of an existing mature SOC and tool stack
- ×Buyers requiring published contractual MTTD/MTTR SLAs, MITRE validation or broad Gartner-style third-party validation
- ×Organizations that cannot adopt a proprietary managed platform or do not want managed IT bundled with security
Coverage
5 of 6 attack surfaces in the base price — the rest are separately priced.
Platform
Additional capabilities
Incident response
Pricing
What costs extra
- –Exact organization-specific pricing requires a quote
- –Hardware, software, SaaS and cloud licensing may still be separate procurement items
- –Special requirements outside the fixed subscription scope should be confirmed in writing
Cost caveats
- –ThreatSpike is not a narrow MDR-only SKU. Buyers that only want monitoring on top of an existing IT team may be buying a broader managed IT replacement model.
- –The platform is proprietary and built in-house. Validate exit process, data export and whether existing EDR/SIEM investments can remain primary.
- –$135/user/month can be attractive if it replaces IT, MDR and pen testing vendors, but expensive if treated as MDR-only.
- –No public contractual SLA or service-credit language was found despite the 2 to 5 minute response claim.
Verify pricing directly with the provider.
Team and access
Reputation
G2 shows 4.9/5 across 32 reviews, with most reviews categorized under Managed Security Services and a mix of SMB, mid-market and enterprise reviewers. Review themes support the consolidation, support and pricing story, but independent analyst coverage appears thinner than larger MDR providers and public review volume is still modest.
What customers praise
- ✓Tool consolidation across EDR, web filtering, email/security controls, managed IT and offensive testing
- ✓Published fixed-price subscription with unlimited incident response and penetration testing
- ✓Responsive team and broad managed IT/security support in customer reviews
Common complaints
- ×Limited independent MDR analyst validation compared with larger providers
- ×Some customers ask for more dashboarding and automation options
- ×Proprietary all-in-one model may not fit organizations that want to keep existing best-of-breed tools
No meaningful Reddit signal found in this pass. G2 is the main public review source, so sentiment should be treated as positive but thinly validated.
Questions to ask
- 1.
Can we buy Defensive Security/MDR without fully managed IT, or is the $135/user/month subscription only sold as the complete platform?
- 2.
What exact response actions are pre-approved by default, and which require customer approval?
- 3.
Can you provide contractual SLA language for the 2 to 5 minute automated response claim?
- 4.
Where are SOC analysts located, and what is the minimum overnight/weekend staffing model?
- 5.
What raw telemetry, case data and reports can we export if we leave ThreatSpike?
- 6.
How does ThreatSpike coexist with existing EDR, SIEM, identity and network security tools we want to keep?
- 7.
Is unlimited incident response capped by event type, geography, forensic depth or post-incident remediation scope?
- 8.
How often are penetration tests actually run for customers of our size, and how is scheduling prioritized?
Evidence
Sources reviewed
Main public source used for the provider profile.
Official homepage used to confirm current trading status, platform positioning, customer count, 24/7 SOC, included defensive security and managed IT model.
Official pricing page listing the $135/user/month fixed subscription, 24/7/365 managed SOC and bundled managed IT, defensive security and offensive security model.
Official trial page confirming that ThreatSpike offers a trial flow, without publishing a standard trial duration.
Official demo page used to cross-check MDR wording, 24/7 SOC, automatic response timing, accreditation wording and customer-count claims.
Official company page with founding year, London headquarters, team size, operating locations, customer/user figures and leadership roles.
Official page describing unlimited penetration testing, CREST-certified testing, red team exercises and compliance-aligned testing bundled into the platform subscription.
Official June 2025 funding announcement covering $14M Series A, global expansion, customer count, 90-country deployments and ThreatSpike Blue MDR positioning.
Public-data caveats
- –No public contractual response-time SLA is recorded for this profile.
- –No public breach warranty is recorded.
- –MDR analyst headcount or analyst-to-customer ratio is not public.
Also consider
Independent research. Verify details directly with the provider before making decisions.
