Question 1

01. What is managed threat detection and response?

Accepted Answer

Managed threat detection and response (MDR) is a fully outsourced security service where a dedicated team monitors your environment 24/7, detects malicious activity, and responds to incidents on your behalf. Unlike traditional tools, MDR combines AI-driven detection with human expertise to drastically reduce time-to-respond.

Question 2

02. How quickly do you respond to a security incident?

Accepted Answer

Our average automated containment time is 2.4 seconds. Human-led triage and escalation follows within minutes. All Professional and Enterprise plans include SLA-backed response guarantees with clear escalation paths and communication protocols.

Question 3

03. Do you support cloud-only and hybrid environments?

Accepted Answer

Yes. Kryphos ingests telemetry from AWS, Azure, GCP, on-premise infrastructure, and hybrid environments. Our zero-trust architecture is cloud-native by design and integrates with your existing identity providers, SIEM, and SOAR tooling.

Question 4

04. How does compliance work?

Accepted Answer

We automate evidence collection, control mapping, and audit readiness for ISO 27001, SOC 2 Type II, GDPR, and HIPAA. Your compliance dashboard provides real-time visibility into control status, and our team works directly with your auditors to streamline reviews.

Question 5

05. Is there a minimum contract length?

Accepted Answer

Starter and Professional plans are available on a monthly basis with no lock-in commitment. Enterprise plans typically involve a 12-month agreement to support custom deployment and dedicated staffing. All plans include a 30-day money-back guarantee.

Question 6

06. What sets Kryphos apart from traditional MSSP providers?

Accepted Answer

Most MSSPs are reactive — they alert you after something bad happens. Kryphos is built on proactive threat hunting, meaning our analysts actively search for adversaries inside your environment before they can cause damage. Combined with 2.4-second automated containment and a 99.98% detection rate, we operate in a different league.

Question 7

07. Which service should I start with if we have no existing security program?

Accepted Answer

We recommend starting with Threat Detection & Prevention paired with a Compliance Assessment. This gives you immediate visibility into your environment and a clear picture of your regulatory exposure — the foundation everything else builds on. Our onboarding team will help you sequence additional services based on your risk profile.

Question 8

08. Can I combine multiple services into a single engagement?

Accepted Answer

Yes — and most clients do. Our services are designed to work together as a unified security program. Professional and Enterprise plans bundle Threat Detection, Incident Response, and Compliance under a single SLA, with one dedicated account team managing the full engagement. Bundled plans also carry significant cost savings over individual service contracts.

Question 9

09. How does penetration testing differ from vulnerability scanning?

Accepted Answer

Vulnerability scanning is automated and surfaces known weaknesses. Penetration testing involves skilled human operators actively attempting to exploit those weaknesses — and discovering logic flaws, chained attacks, and zero-days that automated scanners miss entirely. Kryphos delivers both, with quarterly pentest cycles included in Professional and Enterprise plans.

Question 10

10. How long does onboarding take for a new service?

Accepted Answer

Most services go live within 30 days of contract signing. Threat Detection is typically active within 72 hours of agent deployment. Compliance requires a 2-week scoping phase before monitoring begins. Penetration Testing engagements are scoped and scheduled within the first two weeks. Our onboarding team manages the entire process with no burden on your internal team.

Question 11

11. Do you tailor services for specific industries?

Accepted Answer

Every engagement is tailored to your environment, threat model, and regulatory obligations. We have dedicated practice teams for Financial Services, Healthcare, Government, and Critical Infrastructure — each with deep domain expertise in the specific compliance frameworks and adversary patterns relevant to those sectors.

Question 12

12. Can Kryphos integrate with our existing security stack?

Accepted Answer

Yes. Kryphos integrates natively with leading SIEM platforms (Splunk, Microsoft Sentinel, Chronicle), SOAR tools, identity providers (Okta, Azure AD), EDR solutions, and cloud-native security services. We don't replace your existing investments — we make them more effective. Full integration is handled by our team within the first 30 days.

Question 13

13. Are the results shown in these projects typical?

Accepted Answer

Yes — these are representative outcomes, not cherry-picked exceptions. Every metric cited has been independently verified and reflects actual client data from the engagement period. Results vary based on environment complexity and starting security posture, but significant measurable improvement within the first 90 days is consistently what our clients experience.

Question 14

14. Can I speak with a client from one of these projects?

Accepted Answer

In many cases, yes. Several clients have agreed to serve as reference accounts and are willing to speak candidly about their experience. Reference calls are available at the proposal stage for Professional and Enterprise engagements. Contact our sales team to request a reference matched to your industry and use case.

Question 15

15. How long do these engagements typically last?

Accepted Answer

Project timelines vary by scope. Point-in-time engagements like penetration tests run 2–4 weeks. Compliance readiness programs typically run 60–120 days. Ongoing managed services like MDR and Security Operations are continuous, with most clients maintaining a 2–3 year relationship as their environments evolve.

Question 16

16. Do you work with organizations outside these industries?

Accepted Answer

Absolutely. The industries featured here represent our most documented engagements, not our limits. We work with organizations across education, non-profit, defense contracting, media, and professional services. If your sector isn't shown, reach out — we almost certainly have relevant experience and can connect you with comparable work.

Question 17

17. What does a typical project kickoff look like?

Accepted Answer

Every engagement begins with a discovery session where we map your environment, threat model, and business priorities. From there, we produce a deployment plan within 5 business days. Most services go live within 30 days of contract signing, with your dedicated account team providing weekly progress updates throughout the onboarding phase.

Question 18

18. How do you measure and report on project outcomes?

Accepted Answer

We establish baseline metrics at kickoff — detection coverage, dwell time, alert volume, compliance posture — and track them throughout the engagement. Monthly executive reports show progress against agreed KPIs. Quarterly business reviews with your leadership team provide strategic context and forward planning. You always have a clear picture of what we've achieved and what's next.

Question 19

19. What's included in every plan?

Accepted Answer

Every Kryphos plan — including Starter — includes 24/7 SOC monitoring, AI-powered threat detection, automated incident playbooks, a dedicated security advisory team, and access to our compliance dashboard. There are no feature gates for core security functions. Higher tiers unlock additional capacity, response SLAs, and advanced services like penetration testing and dedicated engineers.

Question 20

20. Are there any hidden fees or setup costs?

Accepted Answer

None. The price you see is the price you pay. Onboarding, agent deployment, integration with your existing stack, and the first 30 days of tuning are all included at no additional cost. There are no per-incident fees, no overage charges for alert volume, and no surprise line items on your invoice.

Question 21

21. Can I upgrade or downgrade my plan?

Accepted Answer

Yes, at any time. Upgrades take effect immediately with prorated billing. Downgrades take effect at the start of the next billing cycle. Your account team will handle the transition and ensure no monitoring gaps occur during any plan change.

Question 22

22. How does the 30-day money-back guarantee work?

Accepted Answer

If you're not satisfied within the first 30 days of any Starter or Professional plan, contact us and we'll issue a full refund — no questions asked, no negotiation required. Enterprise contracts have a separate trial period defined in the contract scope. Refunds are processed within 5 business days.

Question 23

23. What happens if I exceed my endpoint limit?

Accepted Answer

We'll notify you when you reach 80% of your endpoint limit and work with your team to plan an upgrade before coverage gaps occur. We don't cut off monitoring if you go slightly over — we reach out first. No unilateral charges are added without your explicit approval.

Question 24

24. Do you offer discounts for annual billing?

Accepted Answer

Yes. Annual billing saves 15% on Starter and Professional plans compared to monthly rates. Non-profit organizations, educational institutions, and government agencies are also eligible for additional discounts — contact our sales team for details.

Every Question. One Place.

FAQ

All Questions

2.4s

Avg. containment time

99.98%

Detection accuracy

GENERAL

SERVICES

projects & engagements

PRICING & BILLING

PLATFORM STATUS

99.98%

THREAT RATE

2.4s

AVG. RESPONSE

500+

CLIENTS PROTECTED

GLOBAL SOC MONITORING ACTIVE

EMAIL US

CALL US

HEADQUARTERS

Platform Status

99.98%

THREAT RATE

2.4s

AVG. RESPONSE

500+

CLIENTS PROTECTED

GLOBAL SOC MONITORING ACTIVE

EMAIL US

CALL US

HEADQUARTERS