Where do my logs live?

On-premises on your sensor + a hardened nCrypt SOC location in Malaysia. No data leaves the country.

How is this different from MDR?

MDR (our /services/managed-detection-response/) typically uses endpoint and cloud telemetry. This adds network sensor capture, which is required by some regulators and catches threats endpoint EDR misses.

Network traffic metadata (Zeek logs), DNS queries, TLS metadata, file-transfer summaries. No full-packet capture unless requested.

15-min mean-time-to-acknowledge for high-severity alerts, 1-hour MTTA for medium. Documented quarterly with incident reports.

Do we need to send packets / PCAPs to the cloud?

No. Metadata-only analysis is standard. Full PCAP is captured locally and accessed by SOC analysts via VPN when needed.

Does this replace our SIEM?

It can complement or replace. For Enterprise deployments we integrate with your existing SIEM (Splunk, Sentinel, QRadar).

What about cloud workloads?

Sensor focus is on-prem. Cloud workloads are monitored via CloudTrail/VPC Flow Logs integration, sized into the bundle.

Can we see what your SOC sees?

Yes. Read-only portal access to all alerts, dashboards, and reports.

Hardware-as-a-Service · 36-month bundle

On-prem sensor + 24/7 SOC eyes. From RM4,500/month.

Network sensor capturing your traffic, feeding nCrypt SOC analysts for 24/7 monitoring, detection, and response — without sending your logs to a foreign cloud.

Calculate your bundle Talk to sales

What's included in the bundle

Sensor appliance (Zeek-based or Corelight)

TAP / SPAN port integration

24/7 SOC monitoring (SLA: 15-min MTTA for high-severity)

Monthly threat reports + quarterly threat hunts

Incident-response runbook tailored to your environment

Hardware refresh at month 30

Who this is for

✓BNM-licensed FIs with RMiT data-sovereignty requirements
✓Government agencies under NACSA guidelines
✓Healthcare with PHI that cannot leave the country
✓Companies with insufficient log-shipping bandwidth to cloud SIEM

Deployment timeline

Week 1

Network topology review, TAP/SPAN planning

Week 2

Sensor install, baseline traffic capture, tuning

Week 3-4

SOC onboarding, runbook delivery, first weekly review

Ongoing

24/7 monitoring, monthly reports, quarterly threat hunts

Sample bundles by company size

SMB

RM 4,500 – 7,000 / month

Single sensor, 1 Gbps capture, SMB SOC tier

MidMarket

RM 7,000 – 14,000 / month

HA sensors at 2-3 sites, 10 Gbps, Mid-Market SOC tier

Enterprise

RM 14,000 – 35,000+ / month

Multi-DC capture, 40+ Gbps, custom threat hunts, dedicated analyst

Aligned to your regulatory obligations

BNM RMiTNACSAPDPAISO 27001

Frequently asked questions

Need a one-off engagement instead of a leased bundle?

See our consulting service →

Ready to size SOC Sensor for your environment?

Three minutes in the calculator. A precise quote emailed within 24 hours.

Calculate my bundle Talk to sales

Financing available via our partner financial institutions. Indicative monthly figures based on standard 36-month terms; final pricing subject to credit assessment and signed master service agreement.

Ready to size SOC Sensor for your environment?

Three minutes in the calculator. A precise quote emailed within 24 hours.