Skip to main content

Your Security Team.
Powered by AI.

Get 24/7 security operations without building a SOC. EyeR Managed Defense combines under-60-second AI analysis with expert human oversight to deliver enterprise-grade protection.

What's Included

Choose the service tier that matches your needs. Scale up as your organization grows.

Continuous Monitoring

Core

24/7 security monitoring across cloud, SaaS, endpoints, identity, email, and dark web.

Real-time threat detection
Automated alert triage
Threat intelligence correlation
Under-60-second AI analysis
Complete attack surface coverage

Threat Detection & Investigation

Core

AI-powered threat detection with autonomous investigation capabilities.

Behavioral anomaly detection
MITRE ATT&CK mapping
Automated threat investigation
Complete attack timelines
Threat intelligence enrichment

Incident Response

Core

Automated incident response with complete forensics and documentation.

Autonomous containment
Root cause analysis
Detailed incident reports
Post-incident recommendations
Complete audit trails

Threat Hunting

Advanced

Proactive threat hunting to uncover hidden threats before they escalate.

Hypothesis-driven hunting
IOC and TTP searches
Advanced persistent threat detection
Monthly hunting reports
Custom hunting rules

Dark Web Monitoring

Advanced

Continuous monitoring of underground forums and dark web marketplaces.

Credential leak detection
Breach notification alerts
Ransomware gang tracking
Brand monitoring
Executive protection

Compliance Support

Advanced

Compliance monitoring and audit-ready reporting for industry standards.

Continuous compliance monitoring
Automated evidence collection
SOC 2 / ISO 27001 support
Executive dashboards
Custom integrations (SIEM, SOAR, REST API)

Managed Detection & Response

Transparent Plans. No Surprises.

All plans include full platform access, onboarding support, and a complimentary bank of incident response hours for Professional and Enterprise customers.

Essential

Ideal for growing teams

Coverage

24/7

Endpoints

Up to 100

  • AI-driven SIEM & log correlation
  • Threat detection & alert triage
  • Monthly executive report
  • Email & ticketing escalations
  • Basic vulnerability monitoring
  • Onboarding & tuning session
Request Pricing
Most Popular

Professional

Full-coverage MDR

Coverage

24/7

Endpoints

Up to 500

  • Everything in Essential
  • Full 24/7 SOC coverage
  • Dedicated Customer Success Manager
  • Proactive threat hunting
  • Cloud & SaaS monitoring
  • Identity & endpoint telemetry
  • Weekly threat briefings
  • Phone escalation support

Gift included: 10 hours of Incident Response on-boarding credit

Request Pricing

Enterprise

Unlimited scale & custom SLAs

Coverage

24/7

Endpoints

Unlimited

  • Everything in Professional
  • Custom SLA & response times
  • Multi-environment coverage
  • Co-managed or fully managed
  • Compliance reporting (SOC 2, ISO 27001)
  • Red team integration available
  • Executive dashboard & QBRs
  • Dedicated analyst team

Gift included: 10 hours of Incident Response on-boarding credit

Request Pricing

Full Feature Comparison

FeatureEssentialProfessionalEnterprise
Coverage Hours24/7 Service24/7 Service24/7 Service
Endpoint CoverageUp to 100Up to 500Unlimited
SIEM & Log Correlation
AI Threat Detection
Proactive Threat Hunting
Cloud & SaaS Monitoring
Identity & Endpoint Telemetry
Dedicated CSM
Phone Escalation
Compliance Reporting
Custom SLAs
10 IR Hours — Complimentary

All plans are billed monthly. Pricing is scoped per environment — contact us for a tailored quote.

Supported Integrations

Verified telemetry sources already mapped in the offer

These are the verified telemetry sources currently used in the pricing engine and proposal flow. EyeR can also operate on top of the customer's approved EDR/XDR platform without forcing a tool replacement.

CategoryIntegrationSupport modelWhat it covers
Code / DevOpsGitHubNative integrationSource code events, CI/CD pipeline activity, push events, and secret-scanning alerts.
Code / DevOpsGitLabNative integrationAudit events, pipeline runs, repository activity, and access monitoring.
EndpointCrowdStrikeNative integrationCrowdStrike Falcon endpoint telemetry and detections ingested for MDR correlation.
CloudMicrosoft AzureNative integrationAzure Activity Log, Azure Monitor, Defender for Cloud, and resource diagnostics.
SaaS / CollaborationMicrosoft Office 365Native integrationMicrosoft 365 Unified Audit Log for Exchange, SharePoint, Teams, and Entra ID.
SaaS / CollaborationGoogle WorkspaceNative integrationGoogle Workspace admin activity, authentication events, and Drive audit logs.
SaaS / EdgeCloudflareNative integrationWAF, DNS, Zero Trust access, and traffic telemetry.
VirtualizationVMwareNative integrationvSphere / ESXi host activity, VM operations, and infrastructure telemetry.
Business AppsAtlassian JiraNative integrationJira project activity, admin changes, and user-behavior correlation.
Business AppsSalesforceNative integrationSalesforce login, export, API access, and Shield event monitoring.
Identity / AccessOktaNative integrationAuthentication, MFA, policy changes, and administrative actions.
Identity / AccessCisco DuoNative integrationMFA activity, authentication logs, and access event monitoring.
Secure Web / SSEZscalerNative integrationInternet Access and Private Access traffic, policy, and threat events.
Network SecurityPalo Alto Networks NGFWNative integrationTraffic, threat, URL filtering, and WildFire logs.
Network SecurityFortinetVerified Syslog / CEF ingestionFortiGate traffic and security event logs via Syslog / CEF.
Network / PerimeterFirewall / Network Device (Syslog / CEF)Verified Syslog / CEF ingestionStandard firewall, IDS/IPS, router, and network-device telemetry.

Buyer Guidance

Common buyer questions, answered clearly

The commercial story should stay simple: what is protected, which service layers are included, which optional modules are selected, what is free, what is one-time, and how the monthly and annual totals are calculated.

Do we need to replace our current security tools?

No. EyeR can operate on top of the customer's current approved EDR/XDR platform and telemetry stack, including Microsoft Defender for Endpoint, CrowdStrike, SentinelOne, Cybereason, or another approved platform.

Is Microsoft 365 priced separately from identity?

No. Microsoft 365 monitoring is included under ITDR when identity protection is selected. This avoids duplicate billing for overlapping identity and O365 signals.

What determines the base MDR price?

The base recurring MDR price is determined by the number of protected assets and the selected recurring layers. Each proposal should show the exact line items used to calculate the monthly total.

What is included beyond alerting?

Investigation, analyst triage, escalation, containment guidance, reporting, continuous tuning, and practical remediation tracking are part of the service.

What costs extra?

Optional monthly modules, storage, DFIR retainers, IR hour banks, penetration testing, and setup / onboarding are listed as separate commercial lines.

What is not included by default?

Hardware repair, legal representation, ransom negotiation, on-site work, unmanaged third-party tool licensing, and out-of-scope project work are not included unless they are explicitly listed in the proposal or signed SOW.

Commercial Story

The offer should be easy to understand at a glance

Show the protected asset count, the selected recurring service layers, the optional modules, any storage assumptions, any one-time fees, and any free IR hours as separate commercial lines.

Base recurring MDR price determined by protected assets and selected recurring layers.
Monthly and annual totals should always be shown before tax.
Optional items should never be buried inside the base MDR line.
Free IR hours should be highlighted as an explicit $0 customer benefit.

Managed Defense

See managed defense on the EyeR platform

Get 24/7 monitoring, autonomous investigation, and analyst-backed response on one operating model built for lean security teams.