
Managed SIEM

Sentinel-backed log management, threat detection, and alerting. We run it, you get the outcomes. Fixed monthly, standalone or as an add-on to your landing zone.


Options

Three tiers of coverage.

Pick the coverage and SLA that match your environment. Every tier is a fixed monthly fee. Azure and Log Analytics consumption is billed at cost.

Watch
Fixed monthly
$1,800
GST exclusive · per month

Managed detection on our default Sentinel ruleset. You self-select this tier; we watch it. Detection that someone is actually looking at.

What's included
  • Log ingestion from your defined sources
  • ISM-relevant detection rules
  • Alerting to your team
  • Business-hours triage
  • Monthly summary
Talk to us about Watch

Complete
Fixed monthly
$3,500
GST exclusive · per month

Full managed SIEM, tuned to your environment and triaged by us. The anchor tier: real detection engineering, not just a dashboard.

What's included
  • Everything in Watch
  • Custom detections for your environment
  • Alert tuning to cut fatigue
  • Incident triage workflow
  • Extended SLA
  • Quarterly review
Talk to us about Complete

Assured
From
$6,000
GST exclusive · per month

Scoped to your classification and estate, with the assurance evidence to match.

What's included
  • Detections mapped to your threat model
  • PROTECTED-aware log handling
  • Priority SLA
  • Assurance evidence pack
  • Dedicated analyst
Talk to us about Assured
Scoped to your estate

Priced from $6,000/mo plus a fixed scoping fee. Tell us your sources, classification, and SLA needs.

The work

Detection someone actually watches.

We run the SIEM. Add-ons sit alongside the tiers, priced separately.

Log ingestion

Bring hybrid and cloud sources into Sentinel without blowing up Log Analytics costs.

ISM-relevant detection

Detections written against events that matter for the ISM, not a generic ruleset.

Alert tuning

Tuning to cut false positives, so alerts mean something and get actioned.

Triage workflow

A defined triage path for a small in-house SOC, with clear escalation.

Splunk export (add-on)

Log export to Splunk, +$2,000/mo. Sits alongside any tier.

Sentinel workbooks (add-on)

Custom Sentinel workbooks, +$1,000/mo. Sits alongside any tier.


Architecture

How we build it

Three deep dives into the real problems behind managed detection.

Log ingestion from hybrid environments without blowing LAW costs

Getting the right data in without a runaway Log Analytics bill.

Sentinel alerting on ISM-relevant events without alert fatigue

Detections tuned so the alerts that fire are the ones worth acting on.

Building a triage workflow for a small in-house SOC

A workable triage process for a team that is not a 24/7 SOC.

Detection that someone actually watches.

Tell us your log sources and we will scope the right tier.