Threat Research

Managed endpoint, old and new

EDR vendors built premium 24/7 managed services around the endpoint. The breaches that defined 2023 to 2025 did not start there. A walk through the correlation gap, why per-endpoint pricing is the wrong shape, and what comes next.

Tyler · September 30, 2025

The biggest line item in your endpoint security budget is probably labeled "managed."

Most enterprises with EDR are also paying for the vendor's premium 24/7 managed wrap on top: CrowdStrike Falcon Complete, SentinelOne Vigilance, Microsoft Defender Experts for XDR, Sophos MDR, Trend Micro Managed XDR. The per-endpoint price typically runs two to three times the cost of EDR alone. The pitch is that the vendor's own analysts, with the vendor's own toolset, are watching the endpoint 24 hours a day.

The pitch worked when "the endpoint" was where attacks happened. It is increasingly not.

CrowdStrike's 2025 Global Threat Report documented that 79% of detections in 2024 were malware-free, up from 40% in 2019. Verizon's 2025 DBIR put stolen credentials as the top initial access vector at 22% of confirmed breaches. Microsoft's 2024 Digital Defense Report logged 600 million identity attacks per day. Mandiant's M-Trends 2025 put global median dwell time at 11 days.

None of those numbers describe an endpoint problem. They describe an identity problem, a cloud problem, and a SaaS problem, and the managed service most enterprises are paying for sees only the smallest slice of any of them.

This post is about what managed endpoint used to be, what it actually is now, and where the model breaks.

How we got here

Managed security started with MSSPs in the late 1990s. Counterpane (Bruce Schneier, 1999), ISS Managed Services, SecureWorks, Symantec. They monitored firewall and IDS logs, parsed signatures, escalated tickets. Endpoint coverage in this era was AV, not behavioral.

EDR arrived in 2013. Anton Chuvakin coined "Endpoint Threat Detection and Response" in a Gartner blog post in July of that year. CrowdStrike Falcon launched the same year. SentinelOne was founded the same year. Carbon Black followed in 2014. Microsoft Defender ATP went GA in 2017, renamed Microsoft Defender for Endpoint in 2020.

Gartner published the first Market Guide for Managed Detection and Response Services in 2016. MDR was defined as 24/7 monitoring, detection, and lightweight response delivered via the vendor's own toolset, distinct from MSSP log forwarding. Over the next eight years every major EDR vendor wrapped a managed service around its agent.

  • CrowdStrike Falcon Complete (2017)
  • Sophos MTR (2019, rebranded Sophos MDR in 2022)
  • SentinelOne Vigilance (2019, with a Respond Pro tier added later)
  • Microsoft Defender Experts for Hunting (Aug 2022) and for XDR (June 2023)
  • Trend Micro Managed XDR (built on Vision One)
  • Palo Alto Unit 42 MDR

The economics are roughly the same across the board: a premium tier priced at a multiple of base EDR, marketed as "best in class" coverage with a Service Level Agreement on response time.

What the EDR-vendor MDRs actually do

Worth being precise about scope, because the marketing pages tend to elide the boundary.

CrowdStrike Falcon Complete. Managed monitoring and response over Falcon endpoint, identity (Falcon Identity Threat Protection), and cloud workload (Falcon Cloud Security) telemetry. Native scope outside the Falcon ecosystem is limited. Public list pricing is not standard; channel benchmarks have placed Falcon Complete at roughly two to three times the cost of Falcon Pro or Enterprise.

SentinelOne Vigilance Respond / Respond Pro. Managed coverage over Singularity (XDR) data. Respond Pro adds DFIR and proactive hunting. Cross-source correlation depends on the customer pulling third-party data into Singularity Data Lake. Pricing not listed.

Microsoft Defender Experts for XDR. Managed service over Microsoft 365 Defender (Endpoint, Identity, Office 365, Cloud Apps). Strong inside the Microsoft estate, blind outside it. Public pricing was announced at GA in June 2023 at roughly $14 per user per month for E5 customers, depending on workload counts.

Sophos MDR. Three tiers (Essentials, Standard, Complete), priced more openly via channel at roughly $5 to $13 per user per month depending on tier and term. Complete includes a Breach Protection Warranty up to $1M. Notably broader than the other vendor MDRs in third-party data source support, including Microsoft, CrowdStrike, SentinelOne, and firewall vendors.

Trend Micro Managed XDR. Service wrap over Vision One (endpoint, email, network, cloud, identity). Sold via credits and quotes; not list priced.

Pure-play and hybrid alternatives. Arctic Wolf MDR is a SIEM-led pure-play, ingests endpoint, network, cloud, and identity, sold per user. Red Canary is EDR-agnostic, expanded over time from Carbon Black-only into identity, cloud, and SaaS. Expel is bring-your-own-tools by design, with broad scope across endpoint, AWS/GCP/Azure, SaaS, identity, and network.

The split that matters: the EDR-vendor MDRs are endpoint-anchored. They can ingest other sources, but their detection engineering, their playbooks, and their pricing are organized around the endpoint agent. Pure-plays and broad-scope SOC services are bring-your-own-tools and are organized around correlated telemetry from the start.

The correlation gap, in incidents

The simplest way to see why endpoint-anchored MDR is structurally limited in 2024 and 2025 is to walk through what actually breached organizations and where the detection would have fired.

Scattered Spider on MGM (Sep 2023) and Caesars (2023). Identify employees on LinkedIn, vish the IT help desk, request a password and MFA reset, log into the SSO, take an OAuth grant or AWS console session, exfiltrate from SaaS. ESXi ransomware came days later. Across the first four steps, there is no endpoint event at the victim. CISA's joint advisory AA23-320A catalogs the same TTPs across multiple targets. Endpoint MDR catches the ransomware stage, after the data is gone.

Snowflake / UNC5537 (mid-2024). Mandiant's writeup attributed roughly 165 customer-instance compromises to credentials harvested by infostealers running on personal and contractor devices, sold via Russian Market, and replayed against customer Snowflake tenants. AT&T, Ticketmaster, Santander, LendingTree, Advance Auto Parts. The endpoint footprint at the victim org is zero. The detection signal lives in the Snowflake audit log, the IdP log, and the network log.

Microsoft Midnight Blizzard (Jan 2024). Password spray on a legacy non-production tenant without MFA, then OAuth grant abuse, then read of senior leadership email. No endpoint compromise needed. HPE's January 2024 8-K describes the same actor reading HPE Office 365 mailboxes since May 2023, also entirely SaaS-resident.

Microsoft Storm-0558 (mid-2023). A China-aligned actor forged enterprise Exchange Online tokens using a stolen MSA consumer signing key. About 25 organizations including the US State Department and Commerce. Pure cloud token forgery. EDR is not in the picture.

Okta support unit (Oct 2023). A stolen service account credential gave the attacker access to support case files containing session tokens. Downstream impact at 1Password, BeyondTrust, Cloudflare. Endpoint events did not exist.

The pattern is consistent. Modern intrusions live in the IdP, the SaaS audit, the cloud control plane, and the network, sometimes for weeks before any endpoint signal arrives, and frequently without any endpoint signal at all. An MDR scoped to the endpoint sees the last 5% of the kill chain, after the data has already left.
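The chain above can be expressed as a correlation rule over non-endpoint logs. The following is an added example, not code from this post or from Zaun: it takes constructed help-desk, IdP and SaaS audit events (the field names and values are assumptions, not any vendor's schema) and matches the help-desk reset, new-device SSO login, OAuth grant and bulk export stages in time order per identity. It also counts how many of the matched events came from an endpoint agent, which for this chain is zero.

```python
"""Stage-ordered correlation of help-desk, IdP and SaaS audit events.

Added example for illustration; the events below are constructed and the
field names are assumptions, not a real product's log schema.
"""
from datetime import datetime, timedelta

# Constructed sample events from three non-endpoint sources.
EVENTS = [
    {"ts": "2025-09-01T09:02:00", "source": "helpdesk", "user": "alice", "action": "mfa_reset"},
    {"ts": "2025-09-01T09:20:00", "source": "idp", "user": "alice", "action": "login", "new_device": True},
    {"ts": "2025-09-01T09:31:00", "source": "idp", "user": "alice", "action": "oauth_consent", "app": "export-tool"},
    {"ts": "2025-09-01T11:05:00", "source": "saas", "user": "alice", "action": "export", "rows": 250000},
    # Benign: bob had a reset and a new-device login, but nothing followed.
    {"ts": "2025-09-01T10:00:00", "source": "helpdesk", "user": "bob", "action": "mfa_reset"},
    {"ts": "2025-09-01T10:15:00", "source": "idp", "user": "bob", "action": "login", "new_device": True},
    # Benign: carol ran a large export with no reset or new device in the window.
    {"ts": "2025-09-01T12:00:00", "source": "saas", "user": "carol", "action": "export", "rows": 300000},
]

# Ordered stages of the chain; each stage is a predicate over a single event.
STAGES = [
    ("helpdesk_mfa_reset", lambda e: e["source"] == "helpdesk" and e["action"] == "mfa_reset"),
    ("new_device_sso_login", lambda e: e["source"] == "idp" and e["action"] == "login" and bool(e.get("new_device"))),
    ("oauth_grant", lambda e: e["source"] == "idp" and e["action"] == "oauth_consent"),
    ("bulk_saas_export", lambda e: e["source"] == "saas" and e["action"] == "export" and e.get("rows", 0) >= 100000),
]


def find_chains(events, window_hours=24, min_stages=3):
    """Return one hit per user whose events match at least `min_stages` stages,
    in order, within `window_hours` of the first matched stage."""
    by_user = {}
    for e in sorted(events, key=lambda e: e["ts"]):
        by_user.setdefault(e["user"], []).append(e)

    hits = []
    for user, evs in by_user.items():
        matched, idx, window_start = [], 0, None
        for e in evs:
            if idx == len(STAGES):
                break
            ts = datetime.fromisoformat(e["ts"])
            # The window is anchored on the first stage that matched.
            if window_start is not None and ts - window_start > timedelta(hours=window_hours):
                break
            name, pred = STAGES[idx]
            if pred(e):
                matched.append((name, e))
                idx += 1
                if window_start is None:
                    window_start = ts
        if len(matched) >= min_stages:
            hits.append({
                "user": user,
                "stages": [n for n, _ in matched],
                "sources": sorted({e["source"] for _, e in matched}),
                # How much of the evidence an endpoint-only service would have seen.
                "endpoint_events": sum(1 for _, e in matched if e["source"] == "endpoint"),
            })
    return hits


if __name__ == "__main__":
    for hit in find_chains(EVENTS):
        print(hit)
```

Tightening the window to one hour still yields a hit for alice on the first three stages, since the export falls outside it; every matched event comes from the help desk, the IdP or the SaaS audit log, and the endpoint count stays at zero.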

The cost shape is also wrong

Per-endpoint pricing made sense when the endpoint was the attack surface. It does not anymore.

A modern SaaS-heavy company has roughly the same number of endpoints as employees, but it also has 80 to 200 SaaS applications, 4 to 10 IdP and MFA factors, several cloud accounts, and a growing number of AI agents and MCP servers with their own OAuth grants. The endpoint count is the smallest count in the building. Per-endpoint pricing charges only against the smallest surface and provides no scaling on any of the others.

IBM's Cost of a Data Breach 2024 report put global average breach cost at $4.88M (a record, up 10% YoY), with stolen or compromised credentials the most common initial vector at 16% of breaches and the longest to detect and contain. Public cloud breaches were the most expensive at $5.17M.

The procurement question that follows is uncomfortable. If your most expensive incidents are credential-driven and live in the cloud, why is your largest managed security line item priced on the smallest piece of the surface attackers actually use?

XDR was the first attempt, and it fell short

The industry recognized the gap and tried to close it with XDR.

Nir Zuk at Palo Alto coined the term in late 2018. Gartner published an Innovation Insight for XDR in March 2020 with subsequent updates. The thesis: natively integrate endpoint, network, identity, email, and cloud telemetry into one product, with vendor-curated correlation across them.

The execution had two structural problems.

Vendor lock-in. Each vendor's XDR sees its own ecosystem deepest. CrowdStrike XDR is great with Falcon, fine with a few partners, weak elsewhere. SentinelOne Singularity, the same. Microsoft 365 Defender, the same. The "X" in XDR was practical only inside one walled garden.

Shallow integrations. Outside the home ecosystem, XDR integrations were syslog ingest plus a few canned dashboards. Correlation rules were vendor-curated. The unified queue still required a human to tie a SaaS event to an endpoint event by hand.

The 2024 Gartner Hype Cycle for Security Operations placed XDR firmly past the Peak of Inflated Expectations. Open XDR (Stellar Cyber, Hunters, Anvilogic, Panther) and SIEM-led approaches (Splunk, Elastic, Sumo Logic) staked a counter-position. None of them solved the analyst-in-the-loop bottleneck. They moved the same investigation work into a different product.

The new way

The shape of the next thing is different from XDR in three places.

One: the model is the correlator, not a human SOC analyst. Mandiant's median dwell time of 11 days is mostly investigation time, not detection time. Compressing dwell time means compressing the analyst loop, not adding more analysts. AI agents that pull endpoint, IdP, cloud, SaaS, network, and email telemetry into a single graph and run the investigation autonomously are what change the math. The first step in every Scattered Spider chain leaves a trace in the IdP. The first step in every Snowflake compromise leaves a trace in the Snowflake audit log. The same first step in a Storm-0558 chain leaves a trace in the Exchange Online audit log. The signal exists; the bottleneck is the analyst time needed to reach it.

Two: the platform is the source of truth, not the EDR. The endpoint becomes one telemetry source among many, equal weight with the IdP, the cloud control plane, the SaaS audit log, and the network. Detection engineering targets entities (sessions, identities, tokens, hosts) rather than agents.
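A small illustration of entity-centric correlation as the two points above describe it. This is an added example, not Zaun's platform code: the constructed events below come from an endpoint agent, an IdP, a cloud control plane and a SaaS audit log (field names are assumptions), each one linking the identities, sessions, tokens, hosts and IPs it mentions. Building one graph over those entities lets an investigation pivot from a token seen in a cloud audit event back to the session, user and host behind it, regardless of which source recorded each link. Where no endpoint event exists, as in a credential-replay case, the pivot simply finds no host, which is itself a finding.

```python
"""Entity graph over multi-source telemetry with a pivot query.

Added example; events and field names are constructed assumptions.
"""
from collections import defaultdict, deque

# Constructed sample events. Each event links every entity it mentions.
EVENTS = [
    # Endpoint agent saw alice log on interactively to a managed workstation.
    {"source": "endpoint", "host": "wks-17", "user": "alice", "session": "sess-a1"},
    # IdP issued a token for that session.
    {"source": "idp", "user": "alice", "session": "sess-a1", "token": "tok-a1", "ip": "203.0.113.10"},
    # Cloud control plane saw the token used.
    {"source": "cloud", "token": "tok-a1", "ip": "203.0.113.10", "role": "admin"},
    # dave's token appears only in SaaS and cloud logs: no IdP, no endpoint event.
    {"source": "saas", "user": "dave", "token": "tok-d7", "ip": "198.51.100.5"},
    {"source": "cloud", "token": "tok-d7", "ip": "198.51.100.5"},
]

# Fields that name an entity; everything else is event detail.
ENTITY_FIELDS = ("user", "session", "token", "host", "ip")


def build_graph(events):
    """Undirected graph: node -> neighbour -> set of sources that linked them."""
    graph = defaultdict(lambda: defaultdict(set))
    for e in events:
        nodes = [(k, e[k]) for k in ENTITY_FIELDS if k in e]
        for i, a in enumerate(nodes):
            for b in nodes[i + 1:]:
                graph[a][b].add(e["source"])
                graph[b][a].add(e["source"])
    return graph


def pivot(graph, start, max_hops=3):
    """Breadth-first walk from one entity. Returns {entity: (hops, sources)}
    where sources are those on the edge that first reached the entity."""
    seen = {start: (0, frozenset())}
    queue = deque([start])
    while queue:
        node = queue.popleft()
        hops = seen[node][0]
        if hops >= max_hops:
            continue
        for neighbour, sources in graph.get(node, {}).items():
            if neighbour not in seen:
                seen[neighbour] = (hops + 1, frozenset(sources))
                queue.append(neighbour)
    return seen


def summarize(graph, start):
    """Group everything reachable from `start` by entity kind and list the
    telemetry sources that contributed a link."""
    by_kind, sources = defaultdict(list), set()
    for (kind, value), (_, srcs) in pivot(graph, start).items():
        if (kind, value) == start:
            continue
        by_kind[kind].append(value)
        sources |= srcs
    return {"entities": {k: sorted(v) for k, v in by_kind.items()},
            "sources": sorted(sources)}


if __name__ == "__main__":
    g = build_graph(EVENTS)
    print(summarize(g, ("token", "tok-a1")))
    print(summarize(g, ("token", "tok-d7")))
```

The pivot from tok-a1 crosses three sources and lands on a host; the pivot from tok-d7 reaches only a user and an IP through SaaS and cloud logs, so an agent-centric view would never have had a record to start from.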

Three: the human MDR is an optional 24/7 add-on, not the product. A platform that runs the analyst loop end-to-end can plug a managed team in for off-hours coverage and edge cases. Organizations that want a single throat to choke get one. Organizations that already have a SOC get to scale it without hiring against the same labor pool everyone else is hiring against.

This is not XDR with a different logo. XDR put the vendor's tools in one console. The new pattern puts the customer's full telemetry into a model and removes the analyst from the path of every alert.

How we think about it

This is the problem we built Zaun for. The platform pulls telemetry across endpoint, IdP, SSO, SaaS, cloud, and network into a single correlated graph and runs investigation autonomously. The endpoint is one source among many, not the anchor. When the signal crosses a threshold, we contain, then explain.

For teams that want a 24/7 layer on top, our MDR offering plugs into the same platform. Same telemetry, same playbooks, same investigations.

If your managed endpoint line item is the most expensive thing your security team pays for, and your last three near-misses had nothing to do with the endpoint, come talk to us.