Buyer fit
Good fit when
- ✓SMBs that want an outsourced security team with U.S.-based 24/7 SOC coverage
- ✓Regulated small or mid-sized organizations that care about CMMC, HIPAA, SOC 2 or NIST readiness
- ✓Buyers comfortable with a managed Splunk and SentinelOne-centered stack instead of building their own SOC
Watch out when
- ×Enterprises needing published MDR benchmarks and formal public SLA terms before engaging sales
- ×Teams that need public pricing and minimums before qualification
- ×Buyers that want a large independent review base for service quality validation
Coverage
3 of 6 attack surfaces in the base price — the rest are separately priced.
EDR
SIEM
Cloud
Additional capabilities
Incident response
Pricing
What costs extra
- –Incident response and recovery beyond MDR scope
- –Digital forensics
- –Data recovery
- –Managed email security
- –Vulnerability management
- –Managed GRC and CMMC readiness
- –Security engineering projects
Cost caveats
- –Confirm exactly which services are inside the flat monthly MDR rate, especially email security, vulnerability management, digital forensics and recovery.
- –Confirm whether Splunk, SentinelOne, Avanan, Tenable or other third-party tool costs are included or passed through.
- –The site claims no per-user surprises, but buyers should ask how the flat rate changes as employees, endpoints, cloud workloads and log volume grow.
- –No public contractual MDR SLA table, service-credit language or breach warranty was found.
Verify pricing directly with the provider.
Team and access
Certifications
Reputation
Public buyer-review signal is thin. G2 shows 5.0/5 from one review, says there are not enough reviews to provide buying insight, and categorizes the review under managed security services and vulnerability assessment rather than MDR specifically.
What customers praise
- ✓Clear SMB positioning with U.S.-based SOC coverage
- ✓Explicit containment actions on the MDR page
- ✓Single G2 reviewer praised flexible setup and team quality
Common complaints
- ×No public price bands
- ×No public independent MDR review volume
- ×No public SLA table or breach warranty
No meaningful Reddit signal found in this pass.
Questions to ask
- 1.
Which services are included in the flat monthly MDR rate, and which are separate line items?
- 2.
How does the flat rate change as endpoints, employees, cloud workloads and log volume grow?
- 3.
Is SentinelOne included in the contract, and who owns the tenant and endpoint telemetry if we leave?
- 4.
What exact response actions are pre-approved during onboarding, and which actions still require a call?
- 5.
Does the under-60-minute response claim appear in the contract, and are there service credits if it is missed?
- 6.
Are incident response, digital forensics and recovery included in MDR, or are they separate retainers?
- 7.
Which SOC location monitors us overnight, and what minimum staffing is guaranteed?
- 8.
Can you provide sample monthly reports, escalation notices and post-incident reports?
Evidence
Sources reviewed
Main public source used for the provider profile.
Official homepage used for SMB positioning, U.S.-based in-house SOC, Splunk/SentinelOne/Avanan stack, flat-rate pricing claim, 30-day onboarding, under-60-minute response claim, certifications and Silver Spring, Maryland location.
Official about page describing the company as a cybersecurity partner for SMBs, with 24/7/365 U.S.-based in-house SOC, 30+ years federal cybersecurity experience, Splunk, SentinelOne, Avanan, real-time dashboard insights, industries served and certification badges.
Official EDR page used to verify SentinelOne, lightweight endpoint agents, remote response actions, host isolation, process termination, malicious file removal, ransomware rollback, proactive threat hunting and possible use of existing EDR investments.
Official incident-response page used to keep incident response separate from base MDR scope, and to verify 24/7 hotline, incident response SLA, threat containment, isolation, remediation, eradication, recovery and the published 15-60 minute crisis response window.
BusinessWire launch announcement used for 2023 launch context, SMB focus, spinout from IBSS and portfolio context around managed security, cybersecurity engineering and GRC services.
G2 profile used only as weak third-party sentiment evidence. It shows 5.0/5 from one review, notes there are not enough reviews for buying insight, and categorizes the profile under managed security services and vulnerability assessment.
Public-data caveats
- –No public contractual response-time SLA is recorded for this profile.
- –No public breach warranty is recorded.
- –Response authority may depend on pre-approval and contract scope.
- –MDR analyst headcount or analyst-to-customer ratio is not public.
Also consider
Independent research. Verify details directly with the provider before making decisions.
