Service Tiers & Pricing
Monitoring that acts.
Response that doesn't wait.
You run a business. We run your security operations. 24/7 monitoring, AI-enriched threat investigation, and managed response from a veteran-owned team. So you are never the last to know and never handling an incident alone. Built for industries with compliance obligations. Available to any organization that takes security seriously.
What a breach actually costs your organization
$10.22M
Average cost of a U.S. data breach in 2025. A new all-time record. Healthcare leads all industries for the 14th consecutive year at $7.42M average.
IBM Cost of a Data Breach 2025
$5.08M
Average cost of a ransomware or extortion incident. 63% of organizations now refuse to pay. Average recovery still takes over 100 days.
IBM Cost of a Data Breach 2025
$51,744
FTC Safeguards Rule penalty per violation per day. Every CPA firm without a compliant WISP faces this exposure.
FTC 2025 inflation-adjusted rate
■
Organizations that take security seriously don't wait for a breach to act. The practices, firms, and agencies we work with don't see MDR as a cost. They see it as the difference between a contained incident and a seven-figure crisis. If you're reading this, you're already thinking the right way.
Contract discounts | Click any option to apply a discount. Click again to clear
Annual · 12-month
10% off
Onboarding fee waived
2-year · Best value
17% off
Most common contract term
3-year
25% off
Rate locked for full term
Service tiers
Guardian
Core MDR
For organizations with IT staff who are able to act on guidance. We monitor and alert. You decide what happens next.
$15/endpoint/mo
$500/mo minimum · 25 ep min · $13/ep annual
Without MDR, the average breach goes undetected for 241 days. IBM 2025
Monitoring
- 24/7 behavioral endpoint monitoring
- Automated threat containment. Platform isolates in seconds.
- Documented investigation on every alert in plain English
- Automated forensic collection at critical thresholds
- Microsoft 365 email security monitoring
- Removable media monitoring
Reporting
- Monthly security report
- Quarterly vulnerability scan
- 90-day log retention
Emergency response. Confirmed critical events only.
| Trigger | Confirmed ransomware or active breach |
| Included | 2 hours per incident |
| Quarterly cap | 2 incidents |
| Additional hours | $275/hr on demand |
| Human response | Under 30 minutes |
Most Popular
Fortress
Advanced MDR
For regulated businesses without dedicated security staff. We handle incidents on your behalf and produce the compliance documentation your frameworks require.
$22/endpoint/mo
$500/mo minimum · 25 ep min · $19/ep annual
◆ $250,000 breach warranty included
60% of all breaches involve a human element — phishing, social engineering, or insider action. Verizon 2025 DBIR
Everything in Guardian, plus
- Shadow IT and rogue device discovery. Onboarding plus quarterly.
- Proactive weekly threat hunting
- Monthly phishing simulation
- 365-day log retention. Full year for audits and breach investigations.
- Annual security risk assessment and technology-side IR plan
- Breach response records and notification support
- Dark web credential and domain monitoring. Included.
Security program documentation. Included for your vertical.
- ABA 483 evidence package for law firms
- FTC Safeguards and WISP evidence package for CPA practices
- NAIC Model Law ISP package for insurance agencies
- HIPAA Security Rule documentation for healthcare practices
Incident response. Bundled, rolling 30-day bank.
| Included | 10 hrs/mo. Unused hours roll forward. |
| Trigger | Any event warranting response |
| Per-incident cap | 20 hours |
| Additional hours | $250/hr |
| Critical response | Initiation under 1 hr. On-call under 15 min. |
10 hrs/mo rolling IR bank. Unused hours carry forward every month. $250K breach warranty if we miss a confirmed incident.
Aegis
Professional Services
Add to either tier. Analyst time and specialist engagements beyond the platform. Scoped per engagement.
Priced per service · Contact for quote
55% of HIPAA penalties fall on small practices. Most had no IR plan. HHS enforcement data 2025
Advanced incident response
- Full response retainer with unlimited confirmed incidents
- Ransomware investigation, eradication, and recovery
- Breach notification drafting and regulatory filing
- HIPAA 60-day and state 30-day deadline management
- Annual tabletop exercise using DHS and CISA methodology
- Digital and mobile forensics
Advisory
- Virtual security officer retainer. $2,500 to $5,000/mo
- Penetration testing via certified partner. $5K to $15K/yr
- Compliance audit preparation. $5K to $25K
- Security attestation report. $2K to $2,500/yr
- Executive and board security briefings
Extended monitoring
- Cloud security monitoring for AWS, M365, and GCP. $300 to $500/mo
- Brand and typosquatting monitoring
- Vendor and supply chain risk assessment. $1,500 to $3,500/yr
- Regulatory change monitoring. $150/mo
Side-by-side comparison
Same detection engine. Same engineers. The tier you pick changes scope, documentation, and warranty — not capability. Hover any feature for definition.
Do the math
What MDR costs you. What a breach costs you. Side by side.
Set your endpoint count and vertical. We show your annualized Carbynix spend next to the published average cost of a breach in your industry. The math is the math.
Your annualized Carbynix spend $18,000
$1,500/mo · 100 endpoints · Guardian · monthly
vs.
Average cost of a breach in your industry $5,090,000
Legal services · IBM Cost of a Data Breach 2024 (avg)
A breach in your industry costs ~283× what one year of Guardian costs you.
Sources: IBM Cost of a Data Breach Report 2024 ·
Sophos State of Ransomware 2024.
Industry breach averages include forensics, notification, regulatory response, and downtime — not legal settlements or class-action exposure.
INV·2024·1187 Closed · verified benign
TriggerPowerShell — encoded payload, sysadmin host
Questions asked247
Counterfactuals9 ruled out
Time to verdict00:14:31
Verifying engineerM. Reyes — 8y federal IR
CARBYNIX · DETECTION ENGINEERING
What our clients stopped paying for
"The verdict on every alert is signed by the engineer who closed it. If the auditor asks why we believed it was benign, we hand them the record — not a marketing slide."
M. Reyes · Lead Detection Engineer · 8 years federal IR (DHS / CISA)
"97.5% less in breach-related loss. Not because you got lucky. Because we were watching before the attacker finished planning."
Sophos data · 282 organizations analyzed
"The Wacks Law Group took 5 months to detect a breach. The class action is still running. Their MDR subscription was $550 a month."
Real case. Real cost. The math is not complicated.
"When the regulator, the auditor, or your client's diligence team asks for evidence, you hand them the record. Not a marketing slide."
The artifact your audit chain reads
Add-on services
Included in Fortress
Dark Web Monitoring
Included in Fortress · $50/mo add-on for Guardian
Continuous monitoring of breach communities and criminal marketplaces for your organization's exposed credentials and domains. By the time attackers use stolen credentials, the average dwell time is 146 days. We find it first.
High Value
Ransomware Early Warning
Passive tripwires deployed across your environment. The difference between a contained incident and a $4 million ransom demand is detection at the staging phase. This is that detection.
High Value
Security Awareness Training
Managed employee training with compliance-mapped curriculum. Satisfies ABA 483, HIPAA, WISP, and PIDSA training documentation requirements. Monthly phishing simulation included with Fortress.
The evidence
97.5%
Less in breach-related loss for MDR users vs endpoint-only
Sophos · 282 organizations analyzed · 2025
60%
Of breaches involve a human element — phishing, social engineering, or insider action
Verizon DBIR · 2025
279
Average days to identify and contain a healthcare breach. Five weeks longer than any other industry.
IBM Cost of a Data Breach · 2025
15-25%
Cyber insurance premium reduction with active MDR
Coalition · Cowbell · Sophos · 2025
Our founder spent years at DHS, CISA, NIH, and Google hunting the same threats that now target law firms, CPA practices, and healthcare organizations. We built Carbynix because those organizations deserve the same level of protection that federal agencies and Fortune 500 companies receive. Most of them are paying far less than the cost of a single breach for a year of MDR. That math should not be this simple. But it is.