Channel-Exclusive · MSP · MSSP · VAR
Any Technology. Or Ours. Either Way — One Elite SOC.
Two products. Six security domains. One 24/7 human SOC. ThreatRespond wraps around whatever your clients already run. ThreatDefend brings CrowdStrike Falcon — fully managed, zero procurement. Both include active containment, full white-label, and no minimums.
24/7 Global Human SOC SOC 2 Type 2 + ISO 27001 CrowdStrike Authorized Partner Full White-Label — Every Tier No Minimums · No Lock-In ~1 Hour Onboarding
2
Products — one answer for every client
6
Security domains — both products
1m
Median time to contain
~1hr
Full onboarding time
None
Minimums or lock-in
Choose Your Solution
One Question Decides It
Does the client want to keep their existing security tools — or have Vijilan provide the technology? Both products cover all six domains with the same 24/7 human SOC.
ThreatRespond™ — Vendor-Agnostic Managed XDR
Your Stack. Our SOC.
"Works with the tools your clients already run."
ThreatRespond is fully vendor-agnostic. Vijilan’s SOC wraps around whatever the client already has — any EDR, any firewall, any cloud, any identity provider. No rip-and-replace. At Premium tier, our SOC actively acts on the client’s existing tools without replacing them.
The Differentiator
At Premium tier, Vijilan’s SOC isolates a host running SentinelOne, disables an account in Entra ID, or blocks a phishing domain on the client’s email gateway — without replacing any technology. No competitor does this at any price.
Four Tiers — Choose Your Remediation Model
ThreatDefend™ — Fully Managed mXDR · Powered by CrowdStrike
We Bring the Technology.
"Zero license management. Zero procurement. Just protection."
ThreatDefend is for clients who want zero technology complexity. Vijilan deploys and manages the full CrowdStrike Falcon stack — TD EDR, TD SIEM, TD ITDR, TD XPM, and TD Hunt. The client pays one fee. Vijilan handles everything. SOC actively contains threats on every tier.
The Differentiator
Core already includes endpoint, SIEM, identity protection, and M365/Entra monitoring — things competitors charge extra for. Every ThreatDefend tier includes active SOC containment. No waiting. No guided-only tiers.
Four Tiers — SOC Acts on Every Single One
If the client has...
Existing security tools they want to keep
→ ThreatRespond wraps around their stack. Active containment on existing tools at Premium tier.
⟷
If the client wants...
Zero technology complexity
→ ThreatDefend brings CrowdStrike Falcon, manages everything. SOC acts on every tier from Core.
Attack Surface Coverage
Six Domains. Both Products. Always.
Whether a client chooses ThreatRespond or ThreatDefend, Vijilan’s SOC covers the same six security domains simultaneously. Cross-domain correlation catches the attacks that single-domain tools miss.
Endpoint
Workstations, laptops, servers — any EDR or Falcon
Network
Firewalls, switches, routers — any vendor
Identity
AD, Entra ID, Okta, Google Workspace
Cloud & SaaS
AWS, Azure, GCP, Microsoft 365
Email & Data
Mimecast, Proofpoint, Exchange, Defender for O365
Apps · IoT · OT
Web apps, IIS, IoT/OT devices, mobile
SIEM Included — No Data Volume Charges
Vijilan’s SIEM powered by CrowdStrike LogScale is included with both products at every tier. No separate purchase. No per-GB pricing. 90-day hot + 7-year cold retention at Core. 1-year hot + 7-year cold at Advanced and above.
Why Cross-Domain Correlation Matters
A phishing email compromises an identity. That identity accesses a cloud workload. The workload exfiltrates via an application API. Only a SOC monitoring all six domains simultaneously catches the full chain — not just the endpoint alert.
Tier Comparison
Core → Advanced → Premium → Elite
Every tier includes 24/7 SOC, SIEM, PSA integration, and full white-label. Pricing available exclusively through your Channel Manager.
🔒 Pricing available exclusively through your Channel Manager or Partner Portal. Never on this page.
ThreatRespond™ — Vendor-Agnostic Tiers
Core
Any tech · Entry tier
“24/7 SOC across all 6 domains. Any technology stack.”
📋 Guided — SOC instructs
- ✓24/7 SOC — all 6 domains
- ✓Any EDR — vendor-agnostic
- ✓Network & firewall monitoring
- ✓Active Directory + Entra ID
- ✓Microsoft 365 monitoring
- ✓Vijilan SIEM — 90-day hot
- ✓ThreatSensor (Cribl Stream)
- ✓Guided remediation
- ✓PSA integration + white-label
- — Full ITDR — Advanced
- — Active containment — Premium
⭐ Most Popular
Advanced
Compliance · ITDR
“Full identity, dark web, compliance reporting.”
📋 Guided — SOC instructs
- ✓Everything in Core, plus:
- ✦Full ITDR — BEC, impossible travel, credential stuffing, OAuth abuse, lateral movement
- ✦Okta + Google Workspace
- ✦AWS, Azure, GCP monitoring
- ✦Dark web monitoring
- ✦1-year hot + 7-year cold SIEM
- ✦HIPAA, PCI DSS 4.0, NIST CSF 2.0, CMMC L1
- ✦Priority 15-min SLA
- ✦White-labeled QBR templates
Premium
Regulated · High-risk
“SOC acts on clients’ existing tools — no replacement.”
⚡ SOC Acts — Existing Tech
- ✓Everything in Advanced, plus:
- ✦Isolate hosts on SentinelOne, Defender, any EDR
- ✦Disable accounts in Entra ID / AD
- ✦Block phishing domains on email gateways
- ✦Enforce firewall rules — any vendor
- ✦Exposure management via SOC
- ✦IoT/OT + mobile monitoring
- ✦CMMC L2 + SOC 2 audit evidence
- ✦Dedicated named SOC concierge
By Invitation
Elite
Enterprise MSSPs
“Makes Premium the obvious rational choice.”
⚡ Bespoke mXDR
- ✓Everything in Premium, plus:
- ✓Custom detection engineering
- ✓vCISO advisory hours
- ✓IR retainer — 1-hour SLA
- ✓Forward-deployed engineer
- ✓CMMC L3, DORA, NIS2
Pricing anchor — Elite makes Premium look like the rational choice for most clients.
ThreatDefend™ — CrowdStrike-Powered Tiers
Core
Full protection — day one
“EDR + identity + M365 + SIEM — all managed. SOC acts.”
⚡ SOC Acts — Every Tier
- ✓TD EDR — Falcon Prevent + Insight XDR + Firewall Mgmt + Device Control
- ✓TD SIEM — LogScale, no data volume charges
- ✓TD ITDR — Falcon Identity Protection — full ITDR on Entra ID, AD, Okta
- ✓M365 + Entra ID monitoring — included
- ✓SOC: host isolation, process kill, file quarantine, account lockdown
- ✓Charlotte AI agentic detection
- ✓Vijilan manages all licensing
- — TD XPM — Advanced
- — TD Hunt (OverWatch) — Premium
⭐ Most Popular
Advanced
Exposure + asset intelligence
“Adds full exposure management — every asset, every risk.”
⚡ SOC Acts + Exposure
- ✓Everything in Core, plus:
- ✦TD XPM — Falcon Exposure Management (includes Spotlight + Discover + external attack surface)
- ✦Asset inventory + shadow IT visibility
- ✦Vulnerability prioritization by active threat context
- ✦External attack surface discovery
- ✦1-year hot + 7-year cold SIEM retention
- ✦HIPAA, PCI DSS 4.0, NIST CSF 2.0, CMMC L1
- ✦Zero licensing complexity across all modules
Premium
Dual threat hunting
“OverWatch inside Falcon. Vijilan SOC across all 6 domains.”
⚡ SOC Acts + Dual Hunt
- ✓Everything in Advanced, plus:
- ✦TD Hunt — Falcon OverWatch — CrowdStrike elite 24/7 threat hunting inside Falcon platform
- ✦Vijilan SOC threat hunting — network, email, cloud, apps, IoT/OT (domains OverWatch cannot reach)
- ✦Two independent hunting layers simultaneously
- ✦CMMC L2 + SOC 2 audit evidence packages
- ✦Dedicated named SOC concierge
- ✦Cross-domain coordinated response
By Invitation
Elite
Enterprise MSSPs
“Makes Premium the obvious rational choice.”
⚡ Bespoke mXDR
- ✓Everything in Premium, plus:
- ✓Custom YARA detection engineering
- ✓vCISO advisory hours
- ✓IR retainer — 1-hour SLA
- ✓Forward-deployed Vijilan engineer
- ✓CMMC L3, DORA, NIS2
Pricing anchor — Elite makes Premium look like the rational choice.
MSP Partner Program
Registered. Silver. Gold. Built to Scale With You.
No minimum to start. NFR licenses at Silver and Gold let your team experience both products on your own environment before you sell them. The first time Vijilan locks a compromised account on your own Entra ID tenant — automatically, without waking anyone up — that’s the moment you’re sold.
NFR Licenses by Partner Tier
| Tier | ThreatRespond NFR | ThreatDefend NFR |
|---|---|---|
| Registered | Core — 10 users Guided |
Not included |
| Silver | Advanced — 25 users SOC Acts |
Core — 10 endpoints SOC Acts |
| Gold | Premium — 50 users Full Active |
Advanced — 25 endpoints SOC Acts + XPM |
Internal use only · Partner’s own production environment · Renewed annually
Built for MSP Growth
Turn Vijilan Solutions Into a Profitable Security Practice
Give clients enterprise-grade cybersecurity without building your own SOC. Vijilan combines a 24/7 human SOC, AI-driven detection, white-label delivery, flexible terms, and fast onboarding so partners can launch and scale security services with less complexity.
500+
MSPs worldwide trust Vijilan
24/7
Global human SOC coverage
~1hr
Typical onboarding time
30-day
Risk-free opt-out option
100%
White-label ready delivery
Partner Growth Advantages
Everything MSPs Need to Sell, Deliver, and Scale Security
The merged Solutions overview should show more than product features. It should show MSPs how Vijilan helps them build a repeatable, profitable security practice around ThreatRespond and ThreatDefend.
Unlock New MRR
Add high-margin security services to your portfolio while Vijilan handles SOC operations behind the scenes.
Your Instant 24/7 SOC
Extend your team with an always-on Security Operations Center without hiring analysts or building infrastructure.
Go-to-Market Enablement
Use co-brandable materials, sales decks, proposal support, and partner-ready positioning to win more deals.
Radical Flexibility
No minimum commitments, full white-label delivery, and a 30-day opt-out path reduce risk for partners and clients.
Simplified Compliance
Support HIPAA, GDPR, PCI DSS, CMMC, and other requirements with reporting, logs, and audit-ready documentation.
Vendor-Agnostic Integration
Work with client environments across firewalls, endpoints, cloud, identity, email, and existing security tools.
Operational Workflow
From Security Alert to Client Ticket — Without Adding Headcount
Vijilan is not only a SOC. It is designed to fit how MSPs already sell, support, and manage clients.
Alert-to-Ticket Workflow
Vijilan monitors, investigates, and correlates events across the client environment, then turns priority incidents into actionable work inside the MSP workflow.
Network, endpoint, identity, cloud, email, SaaS, apps, IoT and OT telemetry.
The SOC validates alerts, enriches context, and separates noise from incidents that matter.
Priority events can flow into ConnectWise, Autotask, Zendesk, Jira, Freshdesk, and similar MSP systems.
Depending on the solution and tier, Vijilan guides response or actively contains threats.
Integrates With the Stack MSPs Already Use
The MSP page content highlights operational fit: Vijilan supports common security tools and connects security work to the service desk process MSPs already run.
ConnectWise, Autotask, Zendesk, Jira, Freshdesk, with expanding support for N-able, Syncro, and ServiceNow.
Cisco, Fortinet, Palo Alto, Juniper, Sophos, WatchGuard, Meraki, SonicWall, CrowdStrike, SentinelOne, Microsoft Defender, and more.
Microsoft 365, Entra ID, Google Workspace, AWS, Azure, GCP, and cloud application logs are part of the broader visibility story.
Result: MSPs keep client ownership and workflow control while Vijilan operates as the security engine behind the brand.
Partner Enablement Built In
Support to Launch, Sell, and Scale
The MSP content adds an important layer to the Solutions page: Vijilan gives partners the tools to go to market, not just the technology to monitor clients.
Market Positioning
Position your MSP as the premium cybersecurity provider with enterprise-grade SOC capabilities and clear product paths.
Sales Enablement
Use co-brandable materials, sales decks, battle cards, ROI support, and proposal-ready messaging to shorten sales cycles.
Technical Training
Help your team understand the platform, service model, and client handoff with training from technical success resources.
Channel Support
Dedicated channel guidance, onboarding support, and partner resources help MSPs move from first deal to repeatable growth.
MSP Partner FAQs
Questions MSPs Ask Before They Launch
These additional FAQs preserve the important MSP page information while keeping the original Solutions FAQ section intact.
What does Vijilan do for MSPs?
Vijilan helps MSPs deliver managed security without building their own SOC. The team monitors client environments across network, endpoint, identity, cloud, email, applications, and user behavior, then investigates and escalates the incidents that need action.
How fast can an MSP onboard a client?
MSP content highlights a fast onboarding model, typically around one hour for initial setup, so partners can move clients toward live monitoring quickly without a heavy deployment project.
How does Vijilan fit into our PSA or service desk workflow?
Vijilan supports service-desk aligned workflows with integrations such as ConnectWise, Autotask, Zendesk, Jira, and Freshdesk, with additional support expanding for platforms such as N-able, Syncro, and ServiceNow. Security events can become actionable tickets inside the MSP’s existing process.
Can MSPs white-label Vijilan services?
Yes. Vijilan is designed for channel partners and supports white-label delivery, allowing MSPs to keep the client relationship and brand experience while Vijilan operates behind the scenes as the SOC and managed security engine.
What security tools and environments are supported?
Vijilan supports a broad range of environments, including common firewall vendors, EDR platforms, Microsoft 365, Entra ID, Google Workspace, cloud platforms, network devices, endpoints, and other security systems. ThreatRespond keeps this vendor-agnostic approach, while ThreatDefend provides a fully managed CrowdStrike-powered path.
How does Vijilan help partners grow recurring revenue?
Partners can add managed security services, compliance reporting, monitoring, and response capabilities to their portfolio without hiring a full SOC team. The model is built to help MSPs create security MRR while keeping operational complexity low.
How are pricing and terms handled for partners?
The Solutions page should keep pricing partner-only. Pricing is handled through the Channel Manager or Partner Portal, with flexible commercial terms, no minimums, and a 30-day opt-out message preserved from the MSP content.
What partner support does Vijilan provide?
Vijilan supports partners with channel guidance, onboarding resources, co-brandable sales materials, proposal-ready messaging, technical training, and partner enablement resources designed to help MSPs sell and deliver managed security confidently.
Common Questions
Everything Partners Need to Know
What's the difference between ThreatRespond and ThreatDefend?
ThreatRespond works with whatever technology clients already run — any EDR, any firewall, any cloud. No replacement required. ThreatDefend is Vijilan’s fully managed service — we bring CrowdStrike Falcon, manage all licensing, and the SOC acts on every tier. Both cover all six security domains.
Can I offer both products to different clients?
Yes — and most Vijilan partners do. ThreatRespond is right for clients with existing security investments they want to keep. ThreatDefend is right for clients who want zero technology complexity. Both are available through the same partner agreement and portal.
Does ThreatDefend Core really include identity protection?
Yes. TD ITDR (Falcon Identity Protection) is included at Core — not gated behind Advanced. This covers full behavioral ITDR across Entra ID, Active Directory, and Okta. No competitor includes identity at their entry tier. That’s intentional. We believe identity is too critical to be optional.
What does "SOC Acts" mean exactly?
At ThreatDefend, the SOC acts on every tier — isolating endpoints, disabling accounts, quarantining files, and assisting through eradication and recovery. At ThreatRespond Premium, the SOC acts on the client’s existing tools — isolating a SentinelOne host, blocking a domain on Mimecast, disabling an account in Entra ID — without replacing any technology.
Are there minimum seat counts or annual contracts?
No minimums of any kind. No minimum seat count, no minimum spend, no annual contract. Partners can start with a single client. A 30-day no-questions-asked opt-out trial is available for both products.
What is TD Hunt and how does it work with Vijilan's SOC threat hunting?
TD Hunt is Falcon OverWatch — CrowdStrike’s elite 24/7 threat hunting team operating inside the Falcon platform across endpoint and identity telemetry. Vijilan’s SOC simultaneously hunts across all six domains — including network, email, cloud, applications, and IoT/OT, which OverWatch cannot see. At Premium, these are two independent hunting layers.
Two Products. Every Client Covered.
ThreatRespond works with what they have. ThreatDefend brings what they need. Both start in about an hour. Neither requires a minimum commitment.
ThreatRespond™
Vendor-agnostic. Any technology. Active containment at Premium on existing tools.
ThreatDefend™
CrowdStrike-powered. Fully managed. SOC acts on every tier. Identity included at Core.
Partner Program
Registered, Silver, Gold. NFR licenses at Silver and Gold. No minimums. 30-day opt-out.
Pricing exclusively through your Channel Manager or Partner Portal
Praxis AI Engine
The AI Brain Behind Every Response
Praxis is Vijilan’s proprietary AI detection and investigation engine — the intelligence layer running inside our SOC on every alert, across every domain, before a human analyst acts.
What Praxis Does
Machine Speed. Human Judgment. One Minute to Contain.
Every alert from every security domain passes through Praxis before a human analyst sees it. Praxis doesn’t replace the human SOC — it makes our analysts operate at a speed and fidelity no purely human team can match. It’s the engine behind Vijilan’s 1-minute median time to contain.
Investigation
Multi-agent LangGraph pipeline automatically investigates every alert — correlating signals across all six domains simultaneously before presenting findings to the analyst.
Enrichment
IOC enrichment from threat intelligence feeds, MITRE ATT&CK technique mapping, and severity scoring derived from real adversary behavior — not just CVE scores.
Triage
Automated alert triage separates confirmed threats from false positives before they reach a human analyst — reducing noise and ensuring every escalation is a real threat.
Context
RAG-powered threat context retrieves relevant historical patterns, similar incident precedents, and client-specific environment data to inform every investigation decision.
Praxis Capabilities
LangGraph Multi-Agent MITRE ATT&CK Mapping IOC Enrichment Auto-Triage Cross-Domain Correlation RAG Threat Context Behavioral Scoring Human SOC Amplifier
What Praxis Is Not
Praxis is not an autonomous agent that replaces human judgment. It is a force multiplier — the AI layer that enriches, correlates, and prioritizes so that human analysts spend their time on confirmed threats, not alert noise. Every containment decision is made by a trained human analyst informed by Praxis — not by an algorithm acting alone.
The Result
1-minute median time to contain.
Partners benefit from Praxis automatically — on every tier, both products. No configuration. No additional cost. Praxis is built into the Vijilan SOC, and the Vijilan SOC is what partners are buying.
Pricing — User-Based, Transparent, No Surprises
Vijilan managed security is priced per endpoint and per user per month — no flat fees, no data volume charges on SIEM, no hidden costs. Pricing scales with the client, not against them. Exact pricing is available exclusively to verified Vijilan partners through the Partner Portal or your Channel Manager.