eSentire vs Critical Start
eSentire
eSentire is one of the longest-operating pure-play MDR firms, protecting more than 2,000 organisations across 80+ countries. Its proprietary Atlas platform ingests signals across the customer's vendor stack and powers the firm's 24/7 SOC, threat hunting, and incident response. It runs an in-house Threat Response Unit (TRU) for original research and is well known for deep specialisation in financial services, legal, and insurance verticals.
Pros
- One of the most established pure-play MDR providers (operating since 2001)
- Strong vertical playbooks for financial services and legal, including hedge fund and law-firm specialisation
- Vendor-broad Atlas platform reduces lock-in to a single EDR
- In-house TRU threat research team backs proactive hunting
Cons
- Premium pricing; not positioned for the very low end of SMB
- Atlas terminology has shifted across MDR / XDR / agentic AI; clarify current taxonomy in contract
- Limited public pricing
Pricing: Custom (contact sales)
Critical Start
Founded in 2012 by Rob Davis to address alert fatigue, Critical Start's Trusted Behavior Registry (TBR) auto-resolves known-good behaviours at scale so analysts focus on true positives. The MOBILESOC iOS/Android app lets customers triage, escalate, and contain incidents from a phone. The firm runs MDR across multiple third-party EDR/XDR/SIEM stacks rather than shipping its own endpoint agent.
Pros
- Trusted Behavior Registry materially reduces alert noise at scale
- MOBILESOC is one of the more mature mobile SOC apps in the MDR market
- Multi-EDR / multi-XDR coverage gives customers stack optionality
- Strong transparency posture; customers see every alert decision and SLA in the portal
Cons
- Smaller scale than Arctic Wolf, Sophos/Secureworks, or eSentire
- Service quality depends on customers having a supported EDR/XDR already licensed
- Limited public pricing
Pricing: Custom (contact sales)