ThreatRespond™
Your tools. Our SOC.
Vendor-agnostic managed XDR. Works with any existing EDR — SentinelOne, Microsoft Defender, Carbon Black, CrowdStrike, Cylance, Sophos. No rip-and-replace. Vijilan's SOC wraps around whatever the client already has.
One SOC. Every surface.
Endpoints & Devices
Any existing EDR — SentinelOne, Defender, Carbon Black, CrowdStrike, Cylance, Sophos, Malwarebytes
Identity & Access
Active Directory, Entra ID, Okta, Google Workspace, Azure AD, Duo
Data & Cloud Apps
Microsoft 365, Exchange Online, SharePoint, OneDrive, Teams, Google Workspace, Salesforce
Networks & Firewalls
Palo Alto, Fortinet, Cisco ASA/Firepower, SonicWall, WatchGuard, Meraki, Sophos, Juniper
Cloud Infrastructure
Azure, AWS, Google Cloud Platform, API activity logs
Applications & SaaS
Custom application logs, SaaS platforms, WAF logs, custom parsers (Advanced+)
Choose how deep our SOC goes.
SOC advises at Essential (your team acts). ThreatContain™ activates at Advanced — Vijilan SOC disables accounts, isolates hosts, and blocks IPs directly. Premium adds proactive threat hunting. Elite is dedicated, custom-built.
Foundation — 24/7 monitoring across 6 domains
- ✓ 24/7 SOC monitoring across 6 security domains
- ✓ Works with any existing EDR (SentinelOne, Defender, Carbon Black, CrowdStrike, Cylance, Sophos)
- ✓ ThreatLog™ SIEM — no data caps, no per-GB fees, 7-year retention
- ✓ Microsoft 365 + Entra ID + Active Directory monitoring
- ✓ White-label from day one — your brand only
- ✓ Human analyst on every alert
- ✓ Compliance documentation: HIPAA, PCI DSS, NIST CSF, CMMC (basic)
Active SOC — ThreatContain™, full ITDR, dark web
- ✓ Everything in Essential, plus:
- ✓ ThreatContain™ — SOC acts directly: account disable, host isolation, IP block
- ✓ Full ITDR — BEC, OAuth abuse, MFA fatigue, impossible travel, lateral movement
- ✓ Dark web credential monitoring across all covered users
- ✓ Okta + Google Workspace identity coverage
- ✓ 15-minute SOC response on confirmed incidents
- ✓ Volume discounts auto-apply at 250+ users
Threat hunting, EASM, CMMC L2 evidence
- ✓ Everything in Advanced, plus:
- ✓ Vijilan SOC proactive threat hunting (MITRE ATT&CK framework)
- ✓ External Attack Surface Management — discovers shadow IT and forgotten assets
- ✓ CMMC Level 2 audit evidence package (110 NIST SP 800-171 practices)
- ✓ SOC 2 Type 2 quarterly compliance reporting
- ✓ Named concierge analyst dedicated to the client
Named analyst, custom SLA, vCISO, IR retainer
- ✓ Everything in Premium, plus:
- ✓ Named senior concierge analyst (exclusive to this client)
- ✓ Custom SLA — response times and escalation defined by client
- ✓ Monthly threat intelligence briefing — industry-specific
- ✓ IR retainer — pre-negotiated incident response capacity
- ✓ vCISO access for board presentations and security program decisions
- ✓ Custom detection content written for client applications
ThreatSensor™ onboarding in ~1 hour.
Virtual appliance powered by Cribl Stream. Deploy on-prem in under an hour. Routes telemetry from your client's existing tools — endpoints, identity, network, cloud — to the Vijilan SOC and ThreatLog™ SIEM.
ThreatLog™ is built on CrowdStrike LogScale and Falcon Next-Gen SIEM. No data caps. No per-GB fees. 7-year retention.
Day 7 Service Excellence Call
Not a co-sell pitch. A working session for:
- → Partner Portal walkthrough
- → SOC operations + ticket flow
- → Communication plan + escalation path
- → Cadence scheduling for ongoing reviews
Ready to wrap our SOC around your stack?
10-minute application. 24-hour approval. SOC live on Day 1.