Sold by: Deepwatch
Deployed on AWS
Vendor Insights
Deepwatch is the leading managed security platform for the cyber resilient enterprise. Deepwatch extends security teams and proactively improves cybersecurity posture via its squad delivery model and patented Dynamic Risk Scoring alert engine. Deepwatch is a founding member of the AWS Level 1 MSSP Competency.
4.4
Overview
Deepwatch Managed Security Services
Sold by: Deepwatch Deepwatch operates as an extension of your cybersecurity team, providing comprehensive security management, 24x7x365 monitoring, and precise threat response. Deepwatch experts understand AWS security, allowing you to utilize existing security tools to improve visibility across your attack surface, and help organizations become more cyber resilient.
Highlights Human-led extension to customer security teams: high-touch squad delivery model that embeds resources within the customer organization Curated industry-leading SOC technologies: achieving rapid time-to-value around AWS, Splunk, and other foundational SOC tools with the Deepwatch Security Center Proactively drive SecOps program maturity: the Deepwatch proprietary Security Index includes quantitative analysis and industry benchmarking to drive ongoing security posture improvements
Product Overview Deepwatch partners with your team to deliver the cyber resilience your organization needs in todays global threat environment. Our dedicated team of security experts is on watch 24/7/365, and our technology provides the visibility and precision response required to overcome todays growing threats. Deepwatch builds and secures AWS environments and delivers unrivaled human-led security expertise, unparalleled visibility across your attack surface, precision response to threats, and the best return on security investments.
Benefits of Deepwatch include:
- More value from existing tools including AWS
- Access to Deepwatch Experts with real-time collaboration 24/7/365
- Deepwatch Platform of technology, people, and processes to improve cyber resilience
- Proprietary Security Index for managing security program growth
- Proactive Threat Hunting
- Precision response to threats
- Improved security posture
Deepwatch offerings include: Managed Detection & Response (MDR) Managed Endpoint Detection & Response (MEDR) Managed Vulnerability Management (VM) Managed Firewall (FW)
For more information and/or custom scoping and quote via Private Offer, reach out to Deepwatch at sales@deepwatch.com .
Highlights
- Human-led extension to customer security teams: high-touch squad delivery model that embeds resources within the customer organization
- Curated industry-leading SOC technologies: achieving rapid time-to-value around AWS, Splunk, and other foundational SOC tools with the Deepwatch Security Center
- Proactively drive SecOps program maturity: the Deepwatch proprietary Security Index includes quantitative analysis and industry benchmarking to drive ongoing security posture improvements
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Skip the manual risk assessment. Get verified and regularly updated security info on this product with Vendor Insights.
Security credentials achieved
(1)
AWS Managed Security Services Specialization
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
MDR | deepwatch MDR - dw-provided Splunk licensing 50gb per day | $245,198.00 |
MEDR | deepwatch MEDR - up to 1001 endpoints - dw-provided EDR licensing | $98,369.00 |
VM | deepwatch VM Essential - up to 2500 IPs - dw-provided VM licensing | $192,251.00 |
FW | deepwatch FW - up to 10 FW - BYOL Palo Alto, Check Point, or Fortinet | $50,160.00 |
Vendor refund policy
All orders are non-refundable unless otherwise dictated in the MSA.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
Support Information Deepwatch Managed Security Platform Deepwatch Experts Customers are assigned a designated squad of Deepwatch experts including a delivery team, customer success managers, analysts, detection engineers, firewall engineers, threat hunters, and threat responders. Customers will have specific direct communication points with their supporting squad members. Time Sensitive/Critical Issues: 1-844-477-8762, Option #1 Refund Policy All orders are non-refundable unless otherwise dictated in the MSA.
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Updated weekly
By Deepwatch
By Sophos
By Rapid7
Top
10
In Healthcare & Life Sciences
Top
10
In Vulnerability and Patch Management, Data Governance
Sentiment is AI generated from actual customer reviews on AWS and G2
Functionality
Ease of use
Customer service
Cost effectiveness
Positive reviews
Mixed reviews
Negative reviews
AI generated from product descriptions
Alert Prioritization Engine
Patented Dynamic Risk Scoring alert engine for precise threat identification and response prioritization
Security Monitoring Coverage
24x7x365 monitoring and threat response across AWS environments, Splunk, and foundational SOC tools
Managed Security Services
Comprehensive offerings including Managed Detection & Response (MDR), Managed Endpoint Detection & Response (MEDR), Managed Vulnerability Management (VM), and Managed Firewall (FW)
Security Posture Assessment
Proprietary Security Index with quantitative analysis and industry benchmarking for SecOps program maturity evaluation
Threat Hunting Capabilities
Proactive threat hunting and precision response to threats across the attack surface
Threat Detection and Response
Automatic threat detection and neutralization with 99.98% threat interception rate, supported by 24/7 managed detection and response service with threat hunting and neutralization experts
Cloud Security Posture Management
Continuous scanning of cloud environments to identify assets, assess security and compliance settings, detect malicious activity, and identify misconfigurations with agentless malware scanning for S3 storage and integration with AWS GuardDuty and SecurityHub
Endpoint and Workload Protection
Agent-based protection for Windows and Linux hosts against modern threats including ransomware, fileless attacks, and advanced malware
Network and Firewall Protection
Cloud-native, virtual, and physical firewall appliances providing network visibility, protection, and response across public, private, and hybrid cloud environments
Unified Management and Orchestration
Cloud-based centralized management platform enabling configuration, reporting, and real-time threat information sharing across endpoint, firewall, network, email, cloud, and identity solutions with automatic response actions
Attack Surface Management
Aggregates comprehensive attack surface visibility across hybrid environments with external attack surface scans to provide 360-degree view of entire attack surface
Vulnerability Management
Delivers complete visibility across on-premise and remote endpoints to identify, communicate, and remediate vulnerabilities, misconfigurations, and risks
Cloud Security
Provides code-to-cloud protection for cloud-native applications with seamless CI/CD pipeline integration and agentless risk assessment based on reachability, exploitability, and potential impact
Next-Generation SIEM and XDR
Delivers accelerated detection and response with SaaS deployment, intuitive interface, out-of-the-box detections informed by MDR SOC, and built-in automation capabilities
Threat Intelligence
Delivers high-fidelity actionable threat intelligence infused with proprietary threat and vulnerability research from Rapid7 Labs and community-driven tools
Standard contract
No
No
No
Customer reviews
Pranay Jain
Continuous monitoring has strengthened payment security and now reduces incident impact quickly
Reviewed on May 03, 2026
Review from a verified AWS customer
What is our primary use case?
Deepwatch provides continuous rest monitoring, detection, and response to protect our organization from cyberattacks.
In our organization, Deepwatch 's continuous monitoring and detection help us monitor logs from applications and infrastructure whenever there is suspicious activity. Unusual login attempts or malware are detected, which generates alerts and helps our team respond accordingly, ensuring security even outside business hours.
For our organization, Deepwatch continuously monitors our application whenever we deploy our application in the European regions, especially for another application in V4, which is a payment application gateway similar to PhonePe. Deepwatch improves the security posture by enabling faster threat detection and response, reducing the chances of any breaches that can happen.
What is most valuable?
Deepwatch offers continuous security watching, even when we are outside our business hours. We work here from 11 to 9, but after that, our application still needs to be monitored. Deepwatch functions as a 24/7 managed detection and response (MDR) with human-led SOC support. It provides continuous monitoring of systems, not just during business hours. The combination of human plus AI, with automated threat detection backed by security expert SOC analysts, leads to faster incident response, immediate alerts, and guided responses. The real impact is not just detecting threats; Deepwatch actively helps investigate and respond, significantly reducing the response time and risk.
Deepwatch has automation and human intelligence for real-time threat detection and response.
Deepwatch positively impacts our organization by reducing incident response time because previously, there was no mechanism to follow up on incidents, such as any security breach in the payment gateway. It has reduced response time by 40 to 60 percent. Threat detection accuracy has also improved significantly, with 24/7 monitoring even after business hours.
What needs improvement?
There are specific details that can be improved in Deepwatch. After implementing it, we tracked both response time and threat detection accuracy using the SIEM dashboard. We measured response time using MTTD and MTTR. There are areas that can be improved, such as every alert having a timestamp for detection time and acknowledgment. We observed the MTTR dropping from a few hours to under one hour after using Deepwatch, so baseline metrics can be enhanced.
Deepwatch can reduce alert fatigue since sometimes it generates a high volume of alerts that overwhelm our team. This can create too many alerts in a short amount of time, making it hard for our team to understand what to do. Additionally, the dashboard can be improved for better user-friendliness for end-users, requiring better visualization of MTTR, threat trends, and risk scoring. Improvements can also be made in more automated playbooks for automated response to common threats, and there is room for deeper integration capabilities, as integration with some internal tools may require additional effort.
For how long have I used the solution?
I have been currently working in my current field for the last three years.
What do I think about the stability of the solution?
Deepwatch is quite stable in my case.
What do I think about the scalability of the solution?
Scalability-wise, Deepwatch is excellent. We have grown from 10,000 users to 10 lakh users, and Deepwatch is still working fine for our payment gateway applications.
How are customer service and support?
Deepwatch customer support is excellent. We haven't used customer support extensively, but they do have a 24/7 helpline number and a feedback mechanism for paying customers, which is commendable.
What was our ROI?
I have seen a return on investment because, as I mentioned previously, our downtime due to security issues used to be two to three hours, but now it is reduced to under one hour. The MTTR is reduced by 40 to 60 percent. Incidents that previously took two to three hours are now resolved in under one hour. The impact includes faster containment of threats, reduced damage and downtime, and a lower need for a large security team due to not having to build a full 24/7 in-house SOC team. Additionally, detection efficiency has improved, with false positives reduced by 30 to 40 percent, alongside risk avoidance and hidden ROI from preventing potential data breaches, compliance penalties, and reputation loss.
What's my experience with pricing, setup cost, and licensing?
My experience with pricing, setup costs, and licensing was mostly positive. Pricing was subscription-based, with costs dependent on logs, data volume, number of assets, endpoint monitoring, and the level of MDR services. Pricing was somewhat on the higher side compared to basic tools but justified due to the inclusion of 24/7 SOC support. Setup costs involved moderate initial effort, which was manageable.
What other advice do I have?
My advice for others considering using Deepwatch is that if someone has an application where security threats are common, especially in regions with strict security compliance requirements in Europe, then Deepwatch is an excellent application to use. I would rate this review an eight out of ten.
Shivam Dhang
Continuous monitoring has improved threat detection and reduces incident response time
Reviewed on Mar 26, 2026
Review from a verified AWS customer
What is our primary use case?
Deepwatch is my main platform for managed detection and response across cloud and hybrid environments, providing 24/7 SOC monitoring. It helps with real-time threat detection, incident response, and log analysis, improving security posture and reducing response time in operations.
For example, using Deepwatch , we detected suspicious login attempts in a cloud workload via real-time log analysis. The platform triggered alerts and guided response actions, allowing us to quickly isolate the account, enforce MFA, and prevent a potential breach, reducing response time significantly.
Additionally, with Deepwatch, we use it for continuous monitoring of cloud logs, such as AWS CloudTrail and Azure Monitor , to detect anomalous activity and policy violations. It also helps in incident correlation and automated response playbooks, improving SOC efficiency and reducing mean time to detect or respond.
How has it helped my organization?
Deepwatch has positively impacted my organization by improving security posture and response efficiency through providing continuous monitoring and faster incident detection. It has also reduced SOC overload, workload, and alert fatigue, allowing teams to focus on critical threats instead of manual log analysis, improving overall operational efficiency.
With Deepwatch, I have seen a 40 to 50% reduction in MTTR due to faster detection and guided response playbooks. False positives have also dropped significantly by 40 to 50% through better correlation and risk scoring, which significantly reduced SOC workload and improved analyst efficiency.
What is most valuable?
Some of the best features of Deepwatch include 24/7 MDR plus with AI plus human expertise, providing continuous threat detection, investigation, and response across cloud and hybrid environments.
The most valuable feature for us in Deepwatch is its 24/7 managed detection and response with AI plus human expertise. This ensures us continuous monitoring, proactive threat hunting, and rapid incident response, significantly reducing the MTTR and alert noise while improving detection accuracy.
One additional outstanding feature in Deepwatch is its context-driven alerting and risk scoring with prioritized real threats instead of generating alert noise.
What needs improvement?
Deepwatch could improve with more granular customization of detection rules and alert tuning to better fit specific cloud workloads and use cases. Additionally, it can be improved by enhancing the dashboarding.
It should also support deeper cloud-native integrations such as AWS , Azure , and GCP, which would further improve operational efficiency and control.
Regarding the support, I would say that the support team should be more responsive because ideally, the response time of the support is quite long, which is sometimes frustrating. However, I do agree that for easy issues, they respond within the expected time, but for complex issues, they do take time to respond.
For how long have I used the solution?
I have been using Deepwatch for three years.
What do I think about the stability of the solution?
Deepwatch is stable.
What do I think about the scalability of the solution?
Deepwatch is scalable from smaller enterprise to large enterprise without any challenges.
How are customer service and support?
The customer support is good, and the response time is still not good but can be improved.
Which solution did I use previously and why did I switch?
We previously used traditional SIEM setups like Splunk with an in-house SOC operation. We switched to Deepwatch for managed detection and response to reduce operational overhead, improve threat detection accuracy, and get 24/7 expert-driven monitoring without scaling internal teams.
How was the initial setup?
Overall, the pricing for Deepwatch is premium, but it provides high value, especially for organizations replacing or augmenting an in-house SOC. The setup cost generally is low to moderate, and the onboarding can be as quick as less than one hour. However, tuning and integration add more effort.
What was our ROI?
There is a clear ROI observed with Deepwatch, both in operational and cost savings. In the operational part, we have seen a 40 to 50% reduction in incident response time and a significant reduction in analyst workload due to automation and expert-led triage. We have also seen an 86% reduction in event response cost and savings equivalent to multi-FTEs.
Which other solutions did I evaluate?
We evaluated several other options before selecting Deepwatch.
What other advice do I have?
I would recommend going for this product, and I would suggest asking the sales team for discounts because they do provide discounts. It is necessary to ask them and get the best deal out of it. My review rating for this product is 8.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Bhavik T.
Amazing Security Operations with Expert Guidance and Continuous Monitoring by Deepwatch.
Reviewed on Feb 23, 2026
Review provided by G2
What do you like best about the product?
Deepwatch manages our Security Services by enhancing organization security operations and providing continuous monitoring. Deepwatch's team acts as true security guider rather than just a service provider. They deliver actionable insights clear communication and strategic guidance that helpping us stay ahead of upcoming threats also in out automation platforms like Torq Hyperautomation to orchestrate faster response workflows and reduce manual effort.
What do you dislike about the product?
We observed the documentation could help us a lot if the smoothness was better in transition. When we had big amount of log data than Splunk searches can be slow and this really depends on how driven the query is. In last if integrated partner systems have limitations can cause constraint to Deepwatch's performance and visibility.
What problems is the product solving and how is that benefiting you?
The team at Deepwatch was knowledgeable and able to help us negotiating some problems on our side which is awesome. They were very organized and able to provide adhere to a project plan. Even the team was willing to help us when we added more servers.
Uday L.
Reliable and Advanced AI Driven Cybersecurity With Deepwatch Nexa.
Reviewed on Feb 17, 2026
Review provided by G2
What do you like best about the product?
Deepwatch has provided a reliable and consistent service and deepwatch has collaborated with us to deliver a robust solution and has surpassed our expectations in addressing complex security issuse.The evaluation and contract negotiations were smooth at the right time.The transition went superior to anticipated and with what we would consider typical challenges.
What do you dislike about the product?
Initial on boarding and fine -tuning may take time for complex environments.Faster UI performance and more flexible integrations with niche security tools would also improve the overall experience and maintenance of the different service components has been a bit difficult.
What problems is the product solving and how is that benefiting you?
We recommend it for all Cybersecurity Company Organizations because Deepwatch Nexa Agentic AI is designed to solve and automate threat detection investigations and responses to help our teams reduce risk improve efficiency and corporate data being sold on the (DWMR) Dark Web Monitoring and response provides takedown services.
Geeta S.
Best tool for secure employee data and compliance
Reviewed on Jan 17, 2026
Review provided by G2
What do you like best about the product?
It is keeping our employee data very safe. The dashboard is showing clear reports of any suspicious activity by staff. It is giving peace of mind that our sensitive HR records are fully protected 24/7.
What do you dislike about the product?
The price is on a higher side for a mid size company budget. Some of the technical words in the weekly reports are simply beyond me (I am not a professional), too. "We need more plain language for the management team.
What problems is the product solving and how is that benefiting you?
We’re using it to protect employee- and salary-sensitive information against hacking. It’s also enabling us to watch for the insider threats. We are now in compliance of data privacy laws and feel a lot more comfortable.