Your Security Team.
Powered by AI.
Get 24/7 security operations without building a SOC. EyeR Managed Defense combines under-60-second AI analysis with expert human oversight to deliver enterprise-grade protection.
What's Included
Choose the service tier that matches your needs. Scale up as your organization grows.
Continuous Monitoring
Core24/7 security monitoring across cloud, SaaS, endpoints, identity, email, and dark web.
Threat Detection & Investigation
CoreAI-powered threat detection with autonomous investigation capabilities.
Incident Response
CoreAutomated incident response with complete forensics and documentation.
Threat Hunting
AdvancedProactive threat hunting to uncover hidden threats before they escalate.
Dark Web Monitoring
AdvancedContinuous monitoring of underground forums and dark web marketplaces.
Compliance Support
AdvancedCompliance monitoring and audit-ready reporting for industry standards.
Managed Detection & Response
Transparent Plans. No Surprises.
All plans include full platform access, onboarding support, and a complimentary bank of incident response hours for Professional and Enterprise customers.
Essential
Ideal for growing teams
Coverage
24/7
Endpoints
Up to 100
- AI-driven SIEM & log correlation
- Threat detection & alert triage
- Monthly executive report
- Email & ticketing escalations
- Basic vulnerability monitoring
- Onboarding & tuning session
Professional
Full-coverage MDR
Coverage
24/7
Endpoints
Up to 500
- Everything in Essential
- Full 24/7 SOC coverage
- Dedicated Customer Success Manager
- Proactive threat hunting
- Cloud & SaaS monitoring
- Identity & endpoint telemetry
- Weekly threat briefings
- Phone escalation support
Gift included: 10 hours of Incident Response on-boarding credit
Enterprise
Unlimited scale & custom SLAs
Coverage
24/7
Endpoints
Unlimited
- Everything in Professional
- Custom SLA & response times
- Multi-environment coverage
- Co-managed or fully managed
- Compliance reporting (SOC 2, ISO 27001)
- Red team integration available
- Executive dashboard & QBRs
- Dedicated analyst team
Gift included: 10 hours of Incident Response on-boarding credit
Full Feature Comparison
| Feature | Essential | Professional | Enterprise |
|---|---|---|---|
| Coverage Hours | 24/7 Service | 24/7 Service | 24/7 Service |
| Endpoint Coverage | Up to 100 | Up to 500 | Unlimited |
| SIEM & Log Correlation | |||
| AI Threat Detection | |||
| Proactive Threat Hunting | |||
| Cloud & SaaS Monitoring | |||
| Identity & Endpoint Telemetry | |||
| Dedicated CSM | |||
| Phone Escalation | |||
| Compliance Reporting | |||
| Custom SLAs | |||
| 10 IR Hours — Complimentary |
All plans are billed monthly. Pricing is scoped per environment — contact us for a tailored quote.
Supported Integrations
Verified telemetry sources already mapped in the offer
These are the verified telemetry sources currently used in the pricing engine and proposal flow. EyeR can also operate on top of the customer's approved EDR/XDR platform without forcing a tool replacement.
| Category | Integration | Support model | What it covers |
|---|---|---|---|
| Code / DevOps | GitHub | Native integration | Source code events, CI/CD pipeline activity, push events, and secret-scanning alerts. |
| Code / DevOps | GitLab | Native integration | Audit events, pipeline runs, repository activity, and access monitoring. |
| Endpoint | CrowdStrike | Native integration | CrowdStrike Falcon endpoint telemetry and detections ingested for MDR correlation. |
| Cloud | Microsoft Azure | Native integration | Azure Activity Log, Azure Monitor, Defender for Cloud, and resource diagnostics. |
| SaaS / Collaboration | Microsoft Office 365 | Native integration | Microsoft 365 Unified Audit Log for Exchange, SharePoint, Teams, and Entra ID. |
| SaaS / Collaboration | Google Workspace | Native integration | Google Workspace admin activity, authentication events, and Drive audit logs. |
| SaaS / Edge | Cloudflare | Native integration | WAF, DNS, Zero Trust access, and traffic telemetry. |
| Virtualization | VMware | Native integration | vSphere / ESXi host activity, VM operations, and infrastructure telemetry. |
| Business Apps | Atlassian Jira | Native integration | Jira project activity, admin changes, and user-behavior correlation. |
| Business Apps | Salesforce | Native integration | Salesforce login, export, API access, and Shield event monitoring. |
| Identity / Access | Okta | Native integration | Authentication, MFA, policy changes, and administrative actions. |
| Identity / Access | Cisco Duo | Native integration | MFA activity, authentication logs, and access event monitoring. |
| Secure Web / SSE | Zscaler | Native integration | Internet Access and Private Access traffic, policy, and threat events. |
| Network Security | Palo Alto Networks NGFW | Native integration | Traffic, threat, URL filtering, and WildFire logs. |
| Network Security | Fortinet | Verified Syslog / CEF ingestion | FortiGate traffic and security event logs via Syslog / CEF. |
| Network / Perimeter | Firewall / Network Device (Syslog / CEF) | Verified Syslog / CEF ingestion | Standard firewall, IDS/IPS, router, and network-device telemetry. |
Buyer Guidance
Common buyer questions, answered clearly
The commercial story should stay simple: what is protected, which service layers are included, which optional modules are selected, what is free, what is one-time, and how the monthly and annual totals are calculated.
Do we need to replace our current security tools?
No. EyeR can operate on top of the customer's current approved EDR/XDR platform and telemetry stack, including Microsoft Defender for Endpoint, CrowdStrike, SentinelOne, Cybereason, or another approved platform.
Is Microsoft 365 priced separately from identity?
No. Microsoft 365 monitoring is included under ITDR when identity protection is selected. This avoids duplicate billing for overlapping identity and O365 signals.
What determines the base MDR price?
The base recurring MDR price is determined by the number of protected assets and the selected recurring layers. Each proposal should show the exact line items used to calculate the monthly total.
What is included beyond alerting?
Investigation, analyst triage, escalation, containment guidance, reporting, continuous tuning, and practical remediation tracking are part of the service.
What costs extra?
Optional monthly modules, storage, DFIR retainers, IR hour banks, penetration testing, and setup / onboarding are listed as separate commercial lines.
What is not included by default?
Hardware repair, legal representation, ransom negotiation, on-site work, unmanaged third-party tool licensing, and out-of-scope project work are not included unless they are explicitly listed in the proposal or signed SOW.
Commercial Story
The offer should be easy to understand at a glance
Show the protected asset count, the selected recurring service layers, the optional modules, any storage assumptions, any one-time fees, and any free IR hours as separate commercial lines.
Managed Defense
See managed defense on the EyeR platform
Get 24/7 monitoring, autonomous investigation, and analyst-backed response on one operating model built for lean security teams.