Guardz Adds Identity Threat Detection to Help MSPs Deliver Packaged MDR Services

Guardz is rolling out a new Identity Threat Detection and Response (ITDR) capability as part of its unified MDR platform, giving managed service providers (MSPs) deeper visibility into user behavior and identity-driven attacks across Microsoft 365, Google Workspace, and other cloud environments.

As credential-based attacks rise, Guardz’s ITDR aims to close visibility gaps by focusing on the tactics attackers now use most, token theft, mailbox takeovers, session hijacking, and subtle authentication anomalies. The goal is not just detecting unusual login activity, but providing actionable, real-time intelligence on whether behavior signals compromise.

“Guardz’s ITDR uniquely combines real-time behavioral analytics, AI-driven threat hunting, and human expertise,” told Dor Eisner, CEO and Co-Founder of Guardz to MSSP Alert. “Unlike traditional tools focused only on alerts or identity management, Guardz proactively identifies and responds to sophisticated identity threats such as token theft, mailbox takeovers, and authentication anomalies.”

Beyond Alerts: Connecting Identity Signals Across Cloud Apps

Rather than relying solely on alerts, Guardz connects the dots across identity, logins, OAuth tokens, email rules, and user context to distinguish real threats from benign anomalies. Detection is powered by AI agents trained to identify patterns across identity-related telemetry, with 24/7 validation and response support from Guardz’s SOC team for customers on the Ultimate Plan.

Eisner explained, “Guardz connects the dots: comprehensive, native detections across identities, logins, authentication, tokens, apps, email rules, data access, and more. It’s built for MSPs—with streamlined setup, clear and actionable incident insights, and expert guidance tailored specifically for MSP workflows.”

MSPs Stay in Control During Incident Response

One of the platform’s core design principles is preserving MSP control, especially during escalations. Guardz enables customizable response workflows that reflect each MSP’s preferred engagement style.

“The MSP-first approach in the platform is clearly reflected in our MDR service,” Eisner said. “Guardz emphasizes MSP control with customizable response settings. Admins configure OAuth permissions, define pre-approvals for automated actions, and specify emergency outreach preferences.”

This approach ensures incident response can happen quickly—even in noisy environments—without removing the MSP from the decision-making loop.

Simple Pricing, Packaged Identity MDR for SMBs

With identity now the leading attack vector, Guardz is aligning its platform strategy and pricing to help MSPs deliver identity-centric security without added complexity. “Guardz plans are simple and transparent,” Eisner noted. “The Pro Plan gives MSPs full access to identity threat detections. The Ultimate Plan includes 24/7 MDR for identity and endpoint threats, enabling MSPs to deliver robust, packaged security services to SMB clients backed by expert SOC support.”

The new ITDR capability is available to all Guardz customers, expanding the company’s AI-native platform and reinforcing its focus on equipping MSPs to respond to the modern identity-centric threat landscape.