The line between MDR (managed detection and response) and traditional MSSPs has greatly blurred -- and in some cases it has disappeared. Hundreds of MSSPs now offer MDR services -- but Gartner says customers should be careful about pretenders in the market that have incomplete offerings.
To help clarify the situation, Gartner's 2021 Market Guide for Managed Detection and Response Services points to 40 companies that offer credible MDR capabilities -- up from about 20 companies in 2018.
- Gartner concedes, "This is not intended to be a list of all the providers in the MDR services market. It is not, nor is it intended to be, a competitive analysis of the providers."
- What About SMB?: Gartner tends to focus on midmarket and enterprise MDR companies, MSSP Alert believes, and overlooks fast-growing, MSP-friendly MDR providers such as Blackpoint Cyber, Huntress, Netsurion and Stellar Cyber. All four of those MDR providers have gained critical mass with MSSPs and MSPs.
- Related - Top 250 MSSPs & Top 25 SOCaaS Companies: Many of the MDR companies listed below also appeared on our Top 250 MSSP 2021 Company List and Research, and some of the MDR service providers also position as SOCaaS providers.
- Whom did we miss? Email MDR market thoughts and leads to Editorial Director Joe Panettieri ([email protected]).
Now, here's the Gartner MDR list (sorted alphabetically
) along with MSSP Alert's background on each company.
Top 40 MDR (Managed Detection and Response) Security Companies to Know
1. Ackcent (Barcelona, Spain):
As of mid-2020, AttackIQ
and Ackcent were partnering to provide breach and attack simulation (BAS) and continuous security validation (CSV) to joint customers across Europe. Ranked 108 in our Top 250 MSSP list for 2021.
2. ActZero (Toronto, Canada):
As of mid-2021, ActZero announced the Summit partner program
for MSPs, MSSPs and VARs. Summit enables ActZero partners to deliver MDR as a white-labeled service, the company said. Also, the company ActZero acquired Intelligo Networks
, a top MDR provider, in 2020 and also raised a $40 million seed round led by Point72 Hyperscale
3. Aiuken Cybersecurity (Madrid, Spain)
The company develops SOC Multi-Cloud and partners mainly with technology vendors
. Other than seeing Aiuken on the Gartner MDR list, the company has not been on MSSP Alert's radar.
4. Alert Logic (Houston, Texas, U.S.)
In a surprise move, Alert Logic in January 2021 promoted CFO John Post to CEO
, and hired multiple executives who previously held key roles at Carbonite
. The executive changes and updates came as Alert Logic strives to position itself as the top provider of SaaS-based MDR and SOAR (security orchestration and response) services. Private equity firm Welsh, Carson, Anderson & Stowe
has owned Alert Logic
since August 2013. New Alert Logic partner incentives
arrived in September 2021.
5. Arctic Wolf (Eden Prairie, Minnesota, U.S.)
Arctic Wolf could launch an IPO in 2022
. In preparation for that move, the company promoted President and Chief Revenue Officer Nick Schneider to CEO
in August 2021. Arctic Wolf raised $150 million
in Series F financing and achieved a $4.3 billion valuation in July 2021. Key investors include Viking Global Investors, Owl Rock, a division of Blue Owl Capital, and other existing investors, the technology company said at the time. Also, Arctic Wolf in June 2021 expanded its channel-focused security services and operations
to EMEA and incorporated Authorized and Wolf Pack tiers
into its channel partner program. Arctic Wolf also launched its Managed Security Awareness training solution
in May 2021.
6. Atos (Paris, France): Atos acquired MDR service provider Paladion
in early 2020. Paladion, founded in 2000 had more than 800 employees and services roughly 400 customers in 12 countries at the time of the deal. Also, Paladion generated about $29 million in revenue in 2019. Atos, meanwhile, has been struggling to drive growth in the company's overall IT consulting business.
7. Binary Defense (Stow, Ohio, U.S.)
The MSSP and MDR provider also surfaced on the Forrester Wave list of MDR leaders
. The company's offerings include SOC-as-a-Service, Managed Detection & Response, Security Information & Event Management, Threat Hunting and Counterintelligence.
8. Bitdefender (Bucharest, Romania):
Here's an example of a security software company competing in the MDR market while supporting MSP partners
. As of September 2021, Bitdefender offered three MDR packages
-- including Bitdefender MDR Core, Bitdefender MDR Advanced and Bitdefender MDR Enterprise.
9. BlueVoyant (New York, New York, U.S.):
BlueVoyant, formerly named BlueteamGlobal
, launched in 2017. As of November 2021, BlueVoyant
apparently was seeking to raise $150 million, and the funding round could value the next-generation MSSP at $1.4 billion
— though terms are not finalized. See this story for complete BlueVoyant business history
and strategy updates, as of November 2021.
10. Booz Allen Hamilton (McLean, Virginia, U.S.)
Booz Allen Hamilton, which operates a Top 250 MSSP business unit, is seeking to make more tuck-in acquisitions in such areas as cybersecurity services
and healthcare technology as of October 2021. Booz Allen expressed similar M&A views
in January 2021. The company since that time has acquired Liberty IT Solutions
for healthcare IT consulting, and cybersecurity services provider Tracepoint
. On the flip side, Booz Allen spun out the SnapAttack threat hunting & detection company
in November 2021.
Continue to page two for MDR security companies 11-20
Here's page two, featuring MDR security companies 11-20.
11. Critical Insight (Seattle, Washington, U.S.)
Formerly known as CI Security, Critical Insight integrated with Microsoft Defender Advanced Threat Protection
(ATP) in mid-2020. Still, haven't heard much from Critical Insight since the company raised $16 million
in Series B funding in 2019 to pursue growth in the healthcare market.
12. CriticalStart (Plano, Texas, U.S.)
CriticalStart launched a brand campaign
in early 2021 to bring plain talk and authenticity to cybersecurity. In doing so, Critical Start hopes to make cybersecurity “less scary and more accessible,” CMO Carrie Kelly said. Just as we were writing this blog, CriticalStart spun off CyberOne
, a value-added reseller (VAR) that generates more than $100 million in annual revenue, in November 2021. Earlier, Critical Start raised $40 million
in 2019 to expand nationwide across the United States. Also, the company integrated the Devo SIEM
(security information and event management) solution into its MDR service.
13. CrowdStrike (Sunnyvale, California, U.S.)
Best known as a cloud-based security software provider, but the company also has a major MDR focus. Most of CrowdStrike’s customer wins are partner-led deals
, and sales via the Amazon Web Services (AWS) marketplace are growing, CrowdStrike CEO George Kurtz said in December 2020. More recently, CrowdStrike acquired SecureCircle
in November 2021 extend from endpoint security to data security.
14. Cybereason (Boston, Massachusetts, U.S.)
This is another security software company with MDR capabilities. True believers include Google
-- which is a Cybereason investor. And in early 2021, Cybereason raised $275 million in Series F funding
, led by private equity and venture capital firm Liberty Strategic Capital
On the alliance front, Cybereason in July 2021 launched The Cybereason Defenders League
partner program. Also, the company in April 2021 unveiled a North American MSSP partner program
. The partner programs surfaced after Cybereason in February 2021 hired several executives
as part of its efforts to grow its channel partnerships. These hires included Stephan Tallent as VP of MSSPs for North America.
15. Cyberoo (Reggio Emilia, Italy)
MSSP Alert confesses -- we had not heard of Cyberoo before the Gartner MDR report for 2021 was released. Still, Cyberoo does have a reseller program
16. Cyderes (Kansas City, Missouri)
Cyderes is the security-as-a-service (SECaaS) division of Fishtech Group
and a Top 250 MSSP
. The company is working with Cybereason
to deliver an MDR solution to joint customers. And in January 2021, Cyderes partnered with SOC Prime
to deliver SOC Prime’s threat detection content to all Cyderes customers.
17. Cysiv (Dallas, Texas and Ottawa, Canada)
Cysiv, a security operations center-as-a-service (SOCaaS) platform provider, completed a $26 million Series A funding in 2020 led by venture capital firm ForgePoint Capital
. Cysiv was developed within Trend Micro
and launched in 2018 via a partnership with data protection standards development and certification organization HITRUST
18. deepWatch (Denver, Colorado)
, a Top 250 MSSP
and spin-out from GuidePoint Security
, received a $53 million Series B investment
led by Goldman Sachs
in October 2020. More recently, the company announced MDR Essentials
-- which leverages Splunk SIEM technology.
19. eSentire (Waterloo, Ontario, Canada)
eSentire has grown from the US to EMEA
, and the company in June 2021 purchased CyFIR
, a digital forensics and investigation tools provider. As of mid-2021, more than 1,000 organizations across 70 countries use these services to secure their data and applications. The MDR provider recorded nearly 100 percent year-over-year growth
in the first quarter of 2020. Also, eSentire raised $47 million in early 2019.
20. Expel (Herndon, Virginia, U.S.)
Expel raised $140.3 million in Series E funding
and become a unicorn — a rare privately held business with a valuation above $1 billion -- in November 2021. As of mid-2020, Expel had established partnerships with multiple MSP-friendly endpoint security companies — including SentinelOne
and VMware Carbon Black
. Also, MSP-friendly network relationships include Cisco Systems
and Palo Alto Networks
Continue to page three for MDR security companies 21-30
Here's page three, featuring MDR security companies 21-30.
21. F-Secure (Helsinki, Finland)
F-Secure in early 2021 announced a usage-based business model
for its channel partners and customer. The company had over 200 service provider partners as of early 2021. Also, F-Secure in 2018 unveiled a Rapid Detection & Response endpoint detection and response (EDR) solution for MSPs and MSSPs
. Earlier that year, F-Secure acquired MWR InfoSecurity
to bolster its cybersecurity services and detection and response solutions portfolio.
22. IBM Security (Armonk, New York)
Our complete IBM Security coverage is here
, though we haven't heard much about specific MDR initiatives.
23. Kaspersky (Moscow, Russia)
Here's another example of an endpoint security software company moving into the MDR market. Kaspersky has an MSP partner program, but the program doesn't generate much chatter in the United States. The obvious reason: The U.S. government has repeatedly alleged that Kaspersky may have ties to Russia's government, though Kaspersky has repeatedly denied the allegation.
24. Kroll (New York, New York)
Kroll acquired MDR provider Redscan
in early 2021. Ahead of the M&A deal, Redscan in 2020 achieved accreditation from CREST for its Security Operations Centre (SOC).
25. Kudelski Security (Cheseaux-sur-Lausanne, Switzerland, and Phoenix, Arizona, U.S.)
Kudelski Security, the cybersecurity division of digital security and converged media solutions provider Kudelski Group
, integrated cloud-based traffic and data inspection
into its managed security services in 2019.
26. Mandiant (Milpitas, California, U.S.)
The company broke up with FireEye
in mid-2021. By November 2021, Mandiant CEO Kevin Mandia described the company's MSSP partner strategy
. Mandia also described a four-point R&D and innovation strategy. The overall strategy involves the Mandiant Advantage Platform — which is a SaaS-based XDR platform that addresses threat intelligence, security validation, automated defense and attack surface management. The related four-point technology strategy involves:
27. Mnemonic (Oslo, Norway)
Mnemonic back in 2017 selected Netscout Systems
‘ nGenius Packet Flow System to bolster its managed security services with packet visibility capabilities, the two companies said at the time. Fast forward to present day, and we haven't heard much from the company.
28. NCC Group (Manchester, UK)
NCC Group is an information assurance firm headquartered. Its service areas cover software escrow and verification, cyber security consulting and managed services. NCC Group claims over 15,000 clients worldwide. And yet... we've never really blogged about the company.
30. Open Systems (Zurich, Switzerland) 29. Obrela Security Industries (London, UK)
Here's another rare MDR security provider that we've rarely covered -- though Obrela did surface on our Top 250 MSSPs list...
Open Systems acquired Microsoft Azure Sentinel specialist Born in the Cloud
in mid-2020. Around the same time, Open Systems introduced a managed detection and response (MDR) service
that leverages Azure Sentinel SIEM.
Continue to page four for MDR security companies 31-40
Here's page four, featuring MDR security companies 31-40.
31. Optiv (Denver, Colorado)
Optiv in 2021 positioned itself as “the cyber advisory and solutions leader
.” New hires at the time addressed managed XDR, SIEM, SOC services & more.
32. Orange Cyberdefense (Paris, France)
in 2019 acquired SecureLink
, one of Europe’s largest independent MSSPs offering cybersecurity consulting as well as managed detection and response (MDR) services. The deal’s valuation was €515 million — or about US$577 million.
33. Pondurance (Indianapolis, Indiana, U.S.)
Pondurance, backed by private equity firm Newlight Partners
, acquired advisory and assessment services company Bearing Cybersecurity
in mid-2021. Bearing’s technology — particularly the MyCyberScorecard risk management platform — is expected to strengthen Pondurance’s MDR services and help its customers improve their security posture and comply with industry and regulatory standards, the buyer said.
34. Proficio (Carlsbad, California, U.S.)
is backed by Kayne Andersen Capital Advisors
. Additional company updates are here
35. Quorum Cyber (Edinburgh, UK)
This is another MDR security company that has somehow evaded our radar...
36. Rapid7 (Boston, Massachusetts, U.S.)
Rapid7 acquired Israeli Kubernetes security company Alcide.IO for approximately $50 million
in February 2021. The deal surfaced a few months after Rapid7 acquired cloud security posture management (CSPM) company DivvyCloud
in 2020. Rapid7 supports over 9,300 customers globally.
37. Red Canary (Denver, Colorado, U.S.)
The company in 2020 launched the Red Canary Alert Center
to help security teams view, manage and prioritize alerts, according to a prepared statement. Earlier in 2020, Red Canary launched Red Canary MDR for Microsoft Defender Advanced Threat Protection
38. Secureworks (Atlanta, Georgia, U.S.)
Secureworks, owned by Dell Technologies
, has been pushing hard into SaaS security software development and building out a channel partner program mainly for VARs and resellers.
39. Sophos (Abingdon, United Kingdom)
Sophos, owned by private equity firm Thoma Bravo
, is best-known for MSP-friendly security software. Sophos
in 2019 launched Managed Threat Response (MTR), a managed threat hunting, detection and response service, that MSPs can leverage.
40. Verizon (Basking Ridge, New Jersey, U.S.)
Verizon in 2020 incorporated the Securonix SIEM
(security information and event management) solution into its MDR service. Verizon’s MDR combines remote threat monitoring, detection and response capabilities with Securonix’s SIEM, the companies said.
18 MDR Companies no longer listed by Garter
The following companies, mentioned by Gartner in 2018 and/or 2020, were not mentioned in the 2021 MDR report:
Blog originally published November 21, 2019. Updated in November 2021 to reflect Gartner's MDR market guide coupled with MSSP Alert's editorial coverage.
- Blackpoint Cyber
- Cisco Systems
- Fidelis Cybersecurity
- Ingalls Managed Detection and Response
- IntelliGO Networks
- IronNet Cyber Operations Center
- Leidos (acquired by Capgemini)
- Raytheon Managed Detection & Response
- Rook Security MDR (acquired by Sophos)
- UnitedLex's MDR business (acquired by Ankura)