Sold by: Deepwatch
Deployed on AWS
Vendor Insights
Deepwatch is the leading managed security platform for the cyber resilient enterprise. Deepwatch extends security teams and proactively improves cybersecurity posture via its squad delivery model and patented Dynamic Risk Scoring alert engine. Deepwatch is a founding member of the AWS Level 1 MSSP Competency.
4.5
Overview
Deepwatch Managed Security Services
Sold by: Deepwatch Deepwatch operates as an extension of your cybersecurity team, providing comprehensive security management, 24x7x365 monitoring, and precise threat response. Deepwatch experts understand AWS security, allowing you to utilize existing security tools to improve visibility across your attack surface, and help organizations become more cyber resilient.
Highlights Human-led extension to customer security teams: high-touch squad delivery model that embeds resources within the customer organization Curated industry-leading SOC technologies: achieving rapid time-to-value around AWS, Splunk, and other foundational SOC tools with the Deepwatch Security Center Proactively drive SecOps program maturity: the Deepwatch proprietary Security Index includes quantitative analysis and industry benchmarking to drive ongoing security posture improvements
Product Overview Deepwatch partners with your team to deliver the cyber resilience your organization needs in todays global threat environment. Our dedicated team of security experts is on watch 24/7/365, and our technology provides the visibility and precision response required to overcome todays growing threats. Deepwatch builds and secures AWS environments and delivers unrivaled human-led security expertise, unparalleled visibility across your attack surface, precision response to threats, and the best return on security investments.
Benefits of Deepwatch include:
- More value from existing tools including AWS
- Access to Deepwatch Experts with real-time collaboration 24/7/365
- Deepwatch Platform of technology, people, and processes to improve cyber resilience
- Proprietary Security Index for managing security program growth
- Proactive Threat Hunting
- Precision response to threats
- Improved security posture
Deepwatch offerings include: Managed Detection & Response (MDR) Managed Endpoint Detection & Response (MEDR) Managed Vulnerability Management (VM) Managed Firewall (FW)
For more information and/or custom scoping and quote via Private Offer, reach out to Deepwatch at sales@deepwatch.com .
Highlights
- Human-led extension to customer security teams: high-touch squad delivery model that embeds resources within the customer organization
- Curated industry-leading SOC technologies: achieving rapid time-to-value around AWS, Splunk, and other foundational SOC tools with the Deepwatch Security Center
- Proactively drive SecOps program maturity: the Deepwatch proprietary Security Index includes quantitative analysis and industry benchmarking to drive ongoing security posture improvements
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(1)
AWS Managed Security Services Specialization
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
MDR | deepwatch MDR - dw-provided Splunk licensing 50gb per day | $245,198.00 |
MEDR | deepwatch MEDR - up to 1001 endpoints - dw-provided EDR licensing | $98,369.00 |
VM | deepwatch VM Essential - up to 2500 IPs - dw-provided VM licensing | $192,251.00 |
FW | deepwatch FW - up to 10 FW - BYOL Palo Alto, Check Point, or Fortinet | $50,160.00 |
Vendor refund policy
All orders are non-refundable unless otherwise dictated in the MSA.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Support Information Deepwatch Managed Security Platform Deepwatch Experts Customers are assigned a designated squad of Deepwatch experts including a delivery team, customer success managers, analysts, detection engineers, firewall engineers, threat hunters, and threat responders. Customers will have specific direct communication points with their supporting squad members. Time Sensitive/Critical Issues: 1-844-477-8762, Option #1 Refund Policy All orders are non-refundable unless otherwise dictated in the MSA.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Deepwatch
By Sophos
By Rapid7
Top
10
In Healthcare & Life Sciences
Top
10
In Vulnerability and Patch Management, Data Governance
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Alert Prioritization Engine
Patented Dynamic Risk Scoring alert engine for precise threat identification and response prioritization
Security Monitoring Coverage
24x7x365 monitoring and threat response across AWS environments, Splunk, and foundational SOC tools
Managed Security Services
Comprehensive offerings including Managed Detection & Response (MDR), Managed Endpoint Detection & Response (MEDR), Managed Vulnerability Management (VM), and Managed Firewall (FW)
Security Posture Assessment
Proprietary Security Index with quantitative analysis and industry benchmarking for SecOps program maturity evaluation
Threat Hunting Capabilities
Proactive threat hunting and precision response to threats across the attack surface
Threat Detection and Response
Automatic threat detection and neutralization with 99.98% threat interception rate, supported by 24/7 managed detection and response service with threat hunting and neutralization experts
Cloud Security Posture Management
Continuous scanning of cloud environments to identify assets, assess security and compliance settings, detect malicious activity, and identify misconfigurations with agentless malware scanning for S3 storage and integration with AWS GuardDuty and SecurityHub
Endpoint and Workload Protection
Agent-based protection for Windows and Linux hosts against modern threats including ransomware, fileless attacks, and advanced malware
Network and Firewall Protection
Cloud-native, virtual, and physical firewall appliances providing network visibility, protection, and response across public, private, and hybrid cloud environments
Unified Management and Orchestration
Cloud-based centralized management platform enabling configuration, reporting, and real-time threat information sharing across endpoint, firewall, network, email, cloud, and identity solutions with automatic response actions
Attack Surface Management
Aggregates comprehensive attack surface visibility across hybrid environments with external attack surface scans to provide 360-degree view of entire attack surface
Vulnerability Management
Delivers complete visibility across on-premise and remote endpoints to identify, communicate, and remediate vulnerabilities, misconfigurations, and risks
Cloud Security
Provides code-to-cloud protection for cloud-native applications with seamless CI/CD pipeline integration and agentless risk assessment based on reachability, exploitability, and potential impact
Next-Generation SIEM and XDR
Delivers accelerated detection and response with SaaS deployment, intuitive interface, out-of-the-box detections informed by MDR SOC, and built-in automation capabilities
Threat Intelligence
Delivers high-fidelity actionable threat intelligence infused with proprietary threat and vulnerability research from Rapid7 Labs and community-driven tools
Standard contract
No
No
No
Customer reviews
Pranay Jain
Continuous monitoring has strengthened payment security and now reduces incident impact quickly
Reviewed on May 03, 2026
Review from a verified AWS customer
What is our primary use case?
Deepwatch provides continuous rest monitoring, detection, and response to protect our organization from cyberattacks.
In our organization, Deepwatch 's continuous monitoring and detection help us monitor logs from applications and infrastructure whenever there is suspicious activity. Unusual login attempts or malware are detected, which generates alerts and helps our team respond accordingly, ensuring security even outside business hours.
For our organization, Deepwatch continuously monitors our application whenever we deploy our application in the European regions, especially for another application in V4, which is a payment application gateway similar to PhonePe. Deepwatch improves the security posture by enabling faster threat detection and response, reducing the chances of any breaches that can happen.
What is most valuable?
Deepwatch offers continuous security watching, even when we are outside our business hours. We work here from 11 to 9, but after that, our application still needs to be monitored. Deepwatch functions as a 24/7 managed detection and response (MDR) with human-led SOC support. It provides continuous monitoring of systems, not just during business hours. The combination of human plus AI, with automated threat detection backed by security expert SOC analysts, leads to faster incident response, immediate alerts, and guided responses. The real impact is not just detecting threats; Deepwatch actively helps investigate and respond, significantly reducing the response time and risk.
Deepwatch has automation and human intelligence for real-time threat detection and response.
Deepwatch positively impacts our organization by reducing incident response time because previously, there was no mechanism to follow up on incidents, such as any security breach in the payment gateway. It has reduced response time by 40 to 60 percent. Threat detection accuracy has also improved significantly, with 24/7 monitoring even after business hours.
What needs improvement?
There are specific details that can be improved in Deepwatch. After implementing it, we tracked both response time and threat detection accuracy using the SIEM dashboard. We measured response time using MTTD and MTTR. There are areas that can be improved, such as every alert having a timestamp for detection time and acknowledgment. We observed the MTTR dropping from a few hours to under one hour after using Deepwatch, so baseline metrics can be enhanced.
Deepwatch can reduce alert fatigue since sometimes it generates a high volume of alerts that overwhelm our team. This can create too many alerts in a short amount of time, making it hard for our team to understand what to do. Additionally, the dashboard can be improved for better user-friendliness for end-users, requiring better visualization of MTTR, threat trends, and risk scoring. Improvements can also be made in more automated playbooks for automated response to common threats, and there is room for deeper integration capabilities, as integration with some internal tools may require additional effort.
For how long have I used the solution?
I have been currently working in my current field for the last three years.
What do I think about the stability of the solution?
Deepwatch is quite stable in my case.
What do I think about the scalability of the solution?
Scalability-wise, Deepwatch is excellent. We have grown from 10,000 users to 10 lakh users, and Deepwatch is still working fine for our payment gateway applications.
How are customer service and support?
Deepwatch customer support is excellent. We haven't used customer support extensively, but they do have a 24/7 helpline number and a feedback mechanism for paying customers, which is commendable.
What was our ROI?
I have seen a return on investment because, as I mentioned previously, our downtime due to security issues used to be two to three hours, but now it is reduced to under one hour. The MTTR is reduced by 40 to 60 percent. Incidents that previously took two to three hours are now resolved in under one hour. The impact includes faster containment of threats, reduced damage and downtime, and a lower need for a large security team due to not having to build a full 24/7 in-house SOC team. Additionally, detection efficiency has improved, with false positives reduced by 30 to 40 percent, alongside risk avoidance and hidden ROI from preventing potential data breaches, compliance penalties, and reputation loss.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup costs, and licensing was mostly positive. Pricing was subscription-based, with costs dependent on logs, data volume, number of assets, endpoint monitoring, and the level of MDR services. Pricing was somewhat on the higher side compared to basic tools but justified due to the inclusion of 24/7 SOC support. Setup costs involved moderate initial effort, which was manageable.
What other advice do I have?
My advice for others considering using Deepwatch is that if someone has an application where security threats are common, especially in regions with strict security compliance requirements in Europe, then Deepwatch is an excellent application to use. I would rate this review an eight out of ten.
Bhavik T.
Amazing Security Operations with Expert Guidance and Continuous Monitoring by Deepwatch.
Reviewed on Feb 23, 2026
Review provided by G2
What do you like best about the product?
Deepwatch manages our Security Services by enhancing organization security operations and providing continuous monitoring. Deepwatch's team acts as true security guider rather than just a service provider. They deliver actionable insights clear communication and strategic guidance that helpping us stay ahead of upcoming threats also in out automation platforms like Torq Hyperautomation to orchestrate faster response workflows and reduce manual effort.
What do you dislike about the product?
We observed the documentation could help us a lot if the smoothness was better in transition. When we had big amount of log data than Splunk searches can be slow and this really depends on how driven the query is. In last if integrated partner systems have limitations can cause constraint to Deepwatch's performance and visibility.
What problems is the product solving and how is that benefiting you?
The team at Deepwatch was knowledgeable and able to help us negotiating some problems on our side which is awesome. They were very organized and able to provide adhere to a project plan. Even the team was willing to help us when we added more servers.
Uday L.
Reliable and Advanced AI Driven Cybersecurity With Deepwatch Nexa.
Reviewed on Feb 17, 2026
Review provided by G2
What do you like best about the product?
Deepwatch has provided a reliable and consistent service and deepwatch has collaborated with us to deliver a robust solution and has surpassed our expectations in addressing complex security issuse.The evaluation and contract negotiations were smooth at the right time.The transition went superior to anticipated and with what we would consider typical challenges.
What do you dislike about the product?
Initial on boarding and fine -tuning may take time for complex environments.Faster UI performance and more flexible integrations with niche security tools would also improve the overall experience and maintenance of the different service components has been a bit difficult.
What problems is the product solving and how is that benefiting you?
We recommend it for all Cybersecurity Company Organizations because Deepwatch Nexa Agentic AI is designed to solve and automate threat detection investigations and responses to help our teams reduce risk improve efficiency and corporate data being sold on the (DWMR) Dark Web Monitoring and response provides takedown services.
Geeta S.
Best tool for secure employee data and compliance
Reviewed on Jan 17, 2026
Review provided by G2
What do you like best about the product?
It is keeping our employee data very safe. The dashboard is showing clear reports of any suspicious activity by staff. It is giving peace of mind that our sensitive HR records are fully protected 24/7.
What do you dislike about the product?
The price is on a higher side for a mid size company budget. Some of the technical words in the weekly reports are simply beyond me (I am not a professional), too. "We need more plain language for the management team.
What problems is the product solving and how is that benefiting you?
We’re using it to protect employee- and salary-sensitive information against hacking. It’s also enabling us to watch for the insider threats. We are now in compliance of data privacy laws and feel a lot more comfortable.
Nicholas L.
Exceptional 24/7 Security Monitoring with Proactive Human Insight
Reviewed on Nov 20, 2025
Review provided by G2
What do you like best about the product?
Deepwatch brings together top-tier human analysts with smart tools and delivers 24/7 monitoring in a way that really feels like an extension of our security team. Their responsiveness has been excellent and their insight into our environment has helped us improve awareness and detection.
What do you dislike about the product?
One small point: their communication via certain channels (for instance Slack) can feel quieter than we’d like for real-time collaboration. Also, because they’re focused heavily on certain technologies (like Splunk) you might need to check how well your own tool-stack integrates.
What problems is the product solving and how is that benefiting you?
We were facing issues with alert overload, limited internal SOC capacity and stretched resources. Deepwatch stepped in to take on tier-1/2 triage, tune alerting, reduce false positives and bring more clarity to our security posture. That meant our internal team could focus more on strategic tasks, our detection improved and our operational load went down.