Predictable per-user pricing.
No per-GB games.
Vijilan pricing scales with the people and devices we protect, not with the data volume they generate. Dollar figures are shared with verified partners through the Partner Portal, where rates depend on partner tier, region and volume.
Per-user, per-endpoint pricing
Vijilan pricing scales with the people and devices we protect, not with the volume of data they generate. Predictable for your finance team, predictable for your customer.
No per-GB SIEM charges
Built on CrowdStrike LogScale (index-free architecture), Vijilan absorbs ingest costs. ThreatLog SIEM is included at every tier. Send us everything; we ingest it without an overage clause.
No long-term lock-in
30-day risk-free trial on every package. No minimum seat counts to start. Partners can flex tier and seat counts month-over-month as their book grows.
Your tools. Our SOC.
For partners whose clients already run an EDR. Vijilan's SOC wraps around your existing stack: any EDR, any firewall, any identity provider.
Core
24/7 SOC across all six security domains over any EDR. Guided remediation.
- 24/7 SOC monitoring across endpoint, network, identity, cloud, SaaS and email
- Works with any EDR (SentinelOne, Defender, Carbon Black, Cortex XDR, Sophos)
- Active Directory + Entra ID + M365 monitoring
- ThreatLog SIEM with 90-day hot retention
- PSA integration + full white-label
- Guided remediation playbooks for your team
Advanced
Full Identity Threat Detection & Response with extended retention and compliance packs.
- Everything in Core, plus:
- Full ITDR: BEC, impossible travel, credential stuffing, OAuth abuse
- Okta + Google Workspace identity coverage
- AWS, Azure, GCP cloud monitoring
- Dark-web monitoring
- 1-year hot + 7-year cold SIEM retention
- HIPAA, PCI DSS 4.0, NIST CSF 2.0, CMMC L1 compliance packs
- Priority 15-minute SLA
Premium
The SOC takes direct action on your client's existing technology, no replacement required.
- Everything in Advanced, plus:
- SOC isolates hosts on any EDR (SentinelOne, Defender, Carbon Black, etc.)
- SOC disables accounts in Entra ID / Active Directory
- SOC blocks phishing domains on the email gateway
- SOC enforces firewall rules across any vendor
- Exposure management via the SOC
- CMMC L2 + SOC 2 audit evidence
- Dedicated named SOC concierge
Elite
Custom detection engineering, vCISO advisory hours, and a 1-hour IR retainer.
- Everything in Premium, plus:
- Custom detection engineering
- vCISO advisory hours
- IR retainer: 1-hour SLA
- Forward-deployed engineer
- CMMC L3, DORA, NIS2 alignment
Our stack. Our SOC.
For partners who want zero technology complexity. Vijilan deploys and runs the full CrowdStrike Falcon stack end to end. Identity protection included at Core, no upgrade required.
Core
Endpoint, identity and M365 are all managed. SOC acts immediately.
- CrowdStrike Falcon MSSP Defend bundle (Falcon Prevent + Insight XDR + Firewall + Device Control)
- CrowdStrike LogScale SIEM with no data-volume charges
- Falcon Identity Protection across Entra ID, AD and Okta
- M365 and Entra ID monitoring included at Core
- SOC host isolation, process kill, file quarantine, account lockdown
- PSA integration + full white-label
Advanced
Adds Falcon Exposure Management: vulnerability prioritization, asset inventory, external ASM.
- Everything in Core, plus:
- Falcon Exposure Management (Spotlight + Discover + Surface)
- 1-year hot + 7-year cold SIEM retention
- Vulnerability prioritization by active exploitation, not just CVSS
- Extended ITDR coverage across federated identity providers
Premium
Falcon OverWatch joins Vijilan SOC hunting: two independent hunting layers operating simultaneously.
- Everything in Advanced, plus:
- Falcon OverWatch: CrowdStrike's elite 24/7 threat hunting
- Vijilan SOC + OverWatch hunt in parallel
- Compliance evidence packs for regulated industries
- Named SOC support with dedicated channel manager
Elite
Bespoke mXDR for enterprise MSSPs.
- Everything in Premium, plus:
- Custom detection engineering
- vCISO advisory hours
- IR retainer: 1-hour SLA
- Forward-deployed engineer
Actual rates live in the Partner Portal.
Apply to the Vijilan partner network and a channel manager will walk you through tier-specific pricing for your region, the NFR ladder, and the 30-day trial offer. Approval typically completes within 24 hours.
Common questions.
Why doesn't Vijilan publish pricing publicly?+
Vijilan is 100% channel-exclusive. Per-tier rates are shared with verified partners through the Partner Portal because the actual dollar figures depend on partner tier, region, volume commitment and currency. Publishing a single number that won't apply to most readers is more misleading than useful. We are happy to share the model and the tier shape; see this page.
Is pricing per-endpoint or per-user?+
Both. Endpoint-based pricing covers ThreatDefend modules (EDR, SIEM, Exposure). User-based pricing covers ITDR + SaaS coverage. A typical SMB engagement is mostly endpoint-heavy; identity-first organizations skew user-heavy.
Are there per-GB SIEM charges?+
No. ThreatLog SIEM is built on CrowdStrike LogScale's index-free architecture. Vijilan absorbs ingest cost. No overage clause. Send us everything.
Are there minimum seat counts?+
No minimums on Core and Advanced tiers. Premium and Elite have minimums tied to dedicated-resource allocation.
How long is the contract?+
Monthly, quarterly or annual. 30-day risk-free trial on every new engagement.
Can MSP partners migrate clients between tiers?+
Yes. Upgrade is immediate. Downgrade takes effect at the next billing period.
What payment methods are accepted?+
ACH, wire and major credit cards. Partners with sufficient credit history can be billed net-30 / net-45.
Does Vijilan sell directly to end customers?+
No. Vijilan is channel-exclusive. If an end customer contacts us, we route the lead to an authorized MSP/MSSP/VAR partner. This is structural to the business model; we cannot and will not bypass our partners.