The new capability extends Adlumin’s MDR service, and provides the root cause and remediation that MDR by itself does not.

Security operations provider Adlumin, which offers MDR [managed detection and response] services as part of their Security Operations Platform, has beefed up the platform’s capacity with the addition of a subscription-based incident response (IR) offering. The IR extends the SOAR [security orchestration, automation and response] capabilities of Adlumin’s platform with Adlumin’s 24×7 expert response team. It will deliver 24×7 incident response within one hour, and up to 80 hours of support with an annual subscription, while providing comprehensive forensics and investigation, advanced threat intelligence and proactive threat hunting.

While MDR is a major feature of the Adlumin platform, it is only one part of it, stressed Robert Johnston, founder and CEO of Adlumin.

“We classify ourselves as a security operations provider, because MDR for us is a feature and not a product,” he said. “We aim to consolidate all security tasks onto a SaaS application. Our partners in the channel want to decrease complexity, reduce multivendor spend and reduce complexity. We are a SaaS application that let them consolidate all software managed security products into one SaaS application MDR is a popular widget, but one of only nine that we sell today.”

The full platform with all the nine attributes typically sells into the midmarket, but Adlumin sells well below this too, and their partners sometimes sell a broad assortment of widgets at the low end.

“We address the lower end of the market, as few as 10 seats or so, with our MSP route to market, as part of our Go-to-Market strategy for the nine widgets,” Johnston said. He also expects that the newly-announced IR solution will find a ready market at the entry level.

“Demand is high for the managed security at the low end of the market because they don’t have the manpower to do this themselves,” he stated. “The new product solves a problem with has existed with MDR. There is a limit where MDR stops, and incident response takes over. MDR’s job is to stop the bleeding and do initial triage, but there is a broader process of root case analysis and remediation that is required after that, and which MDR does not do. MDR is not a cradle to grave solution, which is what many customers thought. With our MDR and IR combined, we do provide a cradle to grave solution, both backed by our elite research team.”

The lower part of the market is increasingly getting hit by heavy costs of data breaches. IBM’s 2023 Cost of a Data Breach Report found that while  larger organizations are seeing the cost of a data breach drop, it’s rising significantly for smaller organizations. The average cost of a data breach fell by 2.5% year-over-year to $5.24 million for organizations with more than 25,000 employees, while rising 13.4% to $3.31 million for organizations with less than 500 employees.

Johnston also emphasized that the new IR solution, at $300 a month, costs much less than traditional products in this space.

“The product will compete with incident response retainers, which would typically be $350 an hour at its lowest point and some of them are several dollars a month higher,” he said. “This IR retained model is really for larger enterprises and does not work at the midmarket or SMB level. We sell it like an insurance product, where instead of having a predefined price for each hour, our subscription model has a bank of 80 hours which you use when you need them. It’s also than more just a bank of IR hours because the threat hunting is included.”

Johnston said the IR solution has gotten an enthusiastic response from channel partners.

“We built this because our channel partners asked us to, because their customers were asking them for the same thing,” he indicated. “Partners are very excited about selling it, because they get the same comments about the limitations of MDR products.”