The Respond Analyst Packaging

The Respond Analyst augments your frontline team, finding and escalating only important security incidents across your alerts and data.  Respond Software offers flexible packaging options to fit your specific security requirements.

Please call us at 1 (650) 282-2270 or contact us through our website for pricing details.


Signature-based sensor XDR

  • Network Intrusion and Detection Protection Systems
  • Endpoint Protection Platforms
  • Up to 10K endpoints
  • 2 users

Organizational context:
DHCP, Safe Lists, Incident History, Vulnerability scans, Manual Asset & Account Criticality Lists

Intelligence sources:
OTX Threat Intel, Public VPN Information Service, Geolocation Service, Geo Suspicious, TOR Anonymization Information Service


Advanced sensor XDR

  • Includes Standard package sensor evidence
  • Endpoint Detection and Response
  • Web filter/proxy
  • Industrial Control Systems (ICS) Intrusion and Detection Systems
  • Up to 25K endpoints
  • 4 users

Organizational context:
Standard, plus Automated Asset & Account Criticality Identification, Active Directory, Geo Location Importance, TTP Importance

Intelligence sources:
Standard, plus VirusTotal Threat Intel, Whois service, custom TIP support (STIX/TAXII)


Enterprise XDR

  • Includes Premium package sensor evidence
  • Unlimited endpoints
  • Unlimited users

Organizational context: 
Same as Premium

Intelligence sources:
Same as Premium

Use Cases:
All Premium Package use cases.

Cybersecurity Scenarios

Cybersecurity scenarios incorporate the MITRE ATT&CK® Framework and broader situations that require incident response.


  • Initial Access Exploitation
  • Malware Communications
  • Malware Outbreak
  • Exploitation Platform/Tools
  • Lateral Movement Exploitation
  • Network Reconnaissance Discovery


All Standard Package Scenarios included, plus:

  • Endpoint Malware
  • Credential Compromise

*Premium Scenarios include additional data from EDR and web filtering sensors for triaging, scoping and escalating incidents.


All Standard and Premium Package Scenarios included.

Investigative Actions

All packages include Investigative Action capabilities relating to the defense of the environment.  Premium and Enterprise Packages are enhanced by additional sensor data from Endpoint Detection and Response and web filtering event collection.

Investigative Action Standard Premium Enterprise
External System Reputation Analysis
Internal System Vulnerability Classification
Asset Criticality and Classification Identification
Internal System Previous and Current Incident Analysis
Network Intrusion Signature Classification
Network Intrusion Signature Importance Analysis
Network Traffic Direction Analysis
Network Traffic System Behavior Analysis
Network Traffic System Behavior Analysis
Network Malware Beaconing Analysis (IP Address)
Network Malware Outbreak Analysis
Network Lateral Movement Analysis
Account Criticality and Classification Identification
Endpoint Malware Classification
Endpoint Malware Importance Analysis
Endpoint Malware Outbreak Analysis
Endpoint Repeat System Offender Classification
Endpoint Repeat User Offender Classification
Endpoint Agent Action Analysis
Endpoint Hash Reputation Analysis
Endpoint Scan Type Classification
Endpoint Detection Type Classification
Endpoint File Characteristic Analysis
Exploitation Tool Detection
Premium* External System Reputation Analysis
Premium* Internal System Vulnerability Classification
Premium* Internal System Type Classification
Premium* Internal System Criticality Classification
Premium* Internal System Previous and Current Incident Analysis
Premium* Account Type Classification
Premium* Account Criticality Classification
Premium* Endpoint Agent Action Analysis
Premium* Endpoint Hash Reputation Analysis
Endpoint Signature Classification
Endpoint Signature Importance Analysis
Endpoint Command Line Evasion Analysis
Endpoint File Signature Verification Analysis
External Domain Registration Information Analysis
External Domain Reputation Analysis
External Domain Associated File and URL Analysis
Web Traffic Malware Beaconing Analysis (Domain)
Premium* Exploitation Tool Detection
Premium* Investigative Actions include additional data from EDR and web filtering sensors for triaging, scoping and escalating incidents. 

What Analysts Are Saying

“It’s critical to identify, investigate, and escalate the critical security alerts across your existing security stack. The Respond Analyst can assist beleaguered security teams to do so.”

Christina Richmond, Principal Analyst, ESG


The Respond Analyst, an XDR Engine Data Sheet

The Respond Analyst, an XDR Engine, is the first decision automation system for cybersecurity. With the speed, scale and consistency, the Respond Analyst is ready to go to work, out-of-the-box.