General Questions

Table of Contents

• General Questions

  • Table of Contents

  • What is your pricing model?

  • What subscription tiers are available?

  • Data sovereignty – where does my data go?

  • What data can I onboard immediately?

  • How long does it take to onboard my business?

  • Can I get a trial or proof of concept?

  • Can the platform be white-labelled for MSPs?

  • How do I access the platform?

  • What are my responsibilities as a user?

    • SaaS SecOps Platform

    • Platform + SOC Service

What is your pricing model?

Our standard pricing model for MSPs and commercial customers is per user, per month. For large Enterprise or ICS/OT deployments, please contact your account manager for a tailored model.

What subscription tiers are available?

Two subscription tiers are available:

• TD Complete Tier – Includes full 24×7 SOC services.

• Platform-Only Tier – Use the platform to build and run your own SOC capability.

Data sovereignty – where does my data go?

For Australian customers, all data remains onshore in Australia and will not leave the country.

What data can I onboard immediately?

We support a wide range of log sources. Most customers begin with:

• ThreatDefence endpoint agents

• Microsoft 365 or Google Workspace logs

• AV/EDR telemetry

These sources typically provide 90–100% coverage for small to medium organisations.

How long does it take to onboard my business?

• Cloud and syslog integrations can be onboarded in minutes.

• The ThreatDefence endpoint agent supports automation, allowing deployment to hundreds of endpoints almost instantly.

Can I get a trial or proof of concept?

Yes. We offer a 30-day trial so you can experience the platform before committing. Please contact [email protected] for details.

Can the platform be white-labelled for MSPs?

Yes. White-labelling is available for larger deployments. Please speak with your account manager to confirm if your organisation qualifies.

How do I access the platform?

• Analyst Console: https://console.threatdefence.io

• Customer Portal: https://portal.threatdefence.io

What are my responsibilities as a user?

Active engagement with the platform increases awareness and reduces business risk. While our SOC triages alerts and performs threat hunting, tenants also have responsibilities depending on their subscription model.

SaaS SecOps Platform

You are responsible for the daily triage of alerts. For a medium-risk organisation, we recommend at minimum:

• Reviewing the Security Detections Dashboard daily (0900 and 1700).

• Monitoring and actioning email alerts, particularly for high-severity events.

Platform + SOC Service

Our SOC manages the full alert lifecycle. Your responsibilities are limited to:

• Responding to escalations sent via email from the SOC.

• Ensuring at least one representative attends the monthly 15–30 minute review meeting.