Managed SOC for MSPs

Partner with ThreatDefence to deliver fully managed and white labelled cybersecurity solutions to your customers.

ThreatDefence is the only Australian SOC-as-a-Service and Managed Detection and Response provider using Australian-grown technology and providing comprehensive coverage across all parts of your enterprise. Take advantage of our scalable business model and get full access to our platform and our 24×7 team of security experts. We will provide you with everything you need to start and grow your cyber security business, from technology and 24×7 support to marketing collateral.

From MSP to MSSP Overnight

  • Establish ongoing visibility and assurance for your customers with our SIEM/XDR platform.
  • Detect cyber threats proactively and provide rich reporting and visualisations.
  • Start providing advanced 24×7 cyber security services to your customers virtually right away.

Implementing cyber threat prevention and detection services traditionally required significant investments across staff, operational tools, implementation, maintenance and technology. As an Australian cyber security vendor, ThreatDefence has created an easy-to-implement solution specifically designed for MSPs. Our MDR and SOC services will enable you to enhance your cyber security detection and response capabilities without conducting expensive staff training or investing in long-term implementation projects.

Deployed and operational in a fraction of the time and cost, versus a do-it-yourself (DIY) model. ThreatDefence MDR and SOC services are designed to get you started immediately, providing scalable 24x7x365 threat detection and incident response.

Our flexible growth model allows you to start now and bring to market advanced Security Operations, Managed Detection and Response, and Threat Hunting services tailored to the specifics of your industry and your business.

Instant Deployment

We have everything ready to go for you – people, process & technology, as well as sales & marketing collateral and MSSP service packages to deliver to your customers. Our cyber security experts will work with your team to launch your cyber security program and get you started. We do not require any minimum commitment from you and are ready to onboard your customers immediately.

Our technology is 100% cloud-based and can be deployed to your customer environments right now, providing full coverage across endpoint, network, Syslog, cloud and other sources such as Dark Web.

Why Partner With ThreatDefence

ThreatDefence is the only solution in the industry that delivers continuous assurance across all your cyber security functions. It enables your security operations with rich threat context and unbeatable visibility across endpoints, servers, cloud and SaaS applications.

Paired with our 24×7 SOC as a Service, managed Threat Hunting and Incident Response services, ThreatDefence delivers unprecedented value to MSPs of any size.

SEE BEYOND the limitations of your current security tools.

REPORT on any security metric and is able to analyse any security event.

PREVENT BREACHES with continuous vulnerability management and device hardening.

DETECT THREATS with automated detection and threat hunting.

PREDICT COMPROMISES with Dark Web monitoring and digital brand protection.

RESPOND TO INCIDENTS with 24x7 SOC and proactive incident response.

Business Case For Your MDR and SOC Services

It’s not easy to set up a Security Operations Centre for your customers. Off-the-shelf products will always limit your capabilities and will take months to deploy.

ThreatDefence is the only Managed SOC solution that allows you to start now and quickly move between service tiers and focus on what works the best for your business at any particular moment. With ThreatDefence, you can start with our 24×7 SOC service and build your cyber security capability at your own pace. At any point in time, you can get your people to take over day-to-day security operations and continue using our platform with an in-house team of security analysts.


Mitigate your resource constraints and start delivering 24×7 SOC Services Now:


Modern Technology provisioning (SIEM, XDR, threat hunting)

End-to-end onboarding support

SaaS delivery model

Ongoing platform management

Build your own SOC

24×7 Incident response

SIEM and SOC services

Real-time dashboards

Customisable reports

MITRE ATT&CK mapping

24×7 alerts

Threat hunting

Investigation and incident response

Network traffic analysis

Dark Web monitoring

Vulnerability management

Cloud monitoring and assurance

Daily compliance checks

Log management and data retention

Compliance reporting

Customer Portal with real-time and historical data

Value Proposition For Your Customers

It takes 50 days on average for a business to detect a security incident, allowing attackers a lot of time to execute their objectives. If your customer organisation is breached tomorrow, do you know what you will do? Security Incident Response is a relatively expensive activity, requiring weeks of security experts’ time working on premium rates and burning an enormous amount of time from your business, making recovery efforts extremely time-consuming.

Most businesses have no visibility into what is happening on their network. They, therefore, cannot confidently detect cyber threats or quickly understand the extent of the danger in case of a compromise.

On Average it Takes a Business:

50 days to detect a cyber breach
30 days to contain a cyber breach
The average cost of a cyber attack: $276,323

* Australian Government, 2020

The Cost of Being Protected is Not High – With Our SOC as a Service You Can Provide Your Customers With:

Robust XDR Platform

Our platform provides full enterprise coverage, integrating all the security data you can reach into, including data that directly resides within your network and on your endpoints, as well as the external data such as cloud workloads, SaaS applications, Dark Web breaches, compromised credentials, external vulnerabilities, and weaknesses and exposures related to third-party organisations in your supply chain.

The platform is fully ready for MSPs and provides robust multi-tenancy features, SSO capabilities, SOC dashboards with aggregated data from all your tenants and rich reporting.

You can provide customers with full access to their instance or deploy a dedicated Customer Portal for them with predefined report templates and high-level security posture and compliance overviews.

Visibility For Your Technical Stack

We integrate any technologies you might have, including your firewalls, security gateways, AV/EDR, cloud instances, or management systems. You will get complete visibility into all your managed systems and ensure that your technology stack will be 100% supported, whether it be Microsoft, G-Suite, AWS, or anything else.


  • Designed, developed, hosted and managed in Australia
  • No minimum commitment for Australian MSP’s
  • Unrestricted integration capability, support for any log source or custom data
  • 24×7 SOC based in Sydney


  • Easy installation, management, and support; 100% cloud-based platform
  • Multi-tenant environment, search and report across all of your tenants
  • Comes with integrated threat intelligence, dark web monitoring, vulnerability management, automated security assessment and many other features
  • White-labelled Customer Portal and Analyst Console


  • A lightweight agent deploys in seconds without any impact on user productivity
  • An extensive library of ready-to-go cloud and syslog integrations
  • Automated deployment options

We Become Part Of Your Team

Deployed within minutes, our cloud-based platform delivers immediate security backed by our 24/7/365 SOC team – all through an affordable, subscription-based service. Our SOC-as-a-Service provides MSPs with scalable options to grow your cyber security business. We offer multiple options on how you can get started. You can completely outsource your service to us or use us as the last line of your response capability and get your technical team to handle initial alerts and customer requests.

In any case, you will have direct access to our threat hunters, incident responders and platform engineers and will get your requests resolved in real-time. Whenever it comes to Incident Response, we work with your technical team to contain cyber threats as soon as possible. We support Incident Response lifecycle end-to-end, prioritising quick threat containment and root cause identification. As a breach is contained, we will collect evidence, determine instances of data exfiltration, conduct forensic analysis and prepare a detailed post-incident review.

How it Works

Our platform is 100% cloud-based and is available to be used immediately by you and your customers. It only takes a few simple steps to start using our solution:


Integrate your security data sources into the ThreatDefence cloud XDR platform in minutes—all data is hosted in Australia. We can collect data from your endpoints, cloud accounts, dark web, Syslog sources and applications.


Visualise your data and get security threats, vulnerabilities and weaknesses detected in real-time.

Get immediate visibility into your on-premises systems, Office365, AWS, and many other systems and platforms.


Visualise your data and get security threats, vulnerabilities and weaknesses detected in real time.

Get immediate visibility into your on-premises systems, Office365, AWS, and many other systems and platforms.


Customise your report templates and activate SOC notifications and alerts. We can send alerts and reports to your IT team, or directly to your customers.


Schedule a complimentary monthly meeting to get expert advice on your security posture, cyber risks and preventive technologies.


Schedule a complimentary monthly meeting to get expert advice on your security posture, cyber risks and preventive technologies.

White Labeled Reporting

We provide automated weekly and monthly reporting to your partners based on their operational and compliance needs. We will work with you to customise your report templates based on your technology stack and ensure your customers get all the information they need.

Our reporting covers security posture overview, ongoing operational issues, security trends over time, and various compliance frameworks such as ISO27001, APRA CPS 234, Essential Eight, PCI DSS and others.

Our 24×7 SOC reports also include analyst notes for notable security events and incidents, providing proactive advice on what can be improved or what remediation actions could be applied. All reports can be white labelled. Simply send us your logo, and we will do the rest.

Start Today For Free

At ThreatDefence, we know that seeing is believing. Many products claim to do wonderful things but disappoint when the rubber hits the road. For us, the opposite is true. When people see ThreatDefence live on their security data, the potential suddenly comes alive, and the value appears.

We can run a Proof of Value for your own infrastructure, as well as for 1-2 of your customers. We will create a multi-tenant instance for you and will onboard your data. You will get immediate access to all dashboards, alerts and reports, as well as to our 24×7 SOC team. If you like what you see, you can continue using the service every month – and your first month will be free!

Protect Your Organisation With ThreatDefence