Customers
Existing relationships that create visibility
Technology relationships give Softcat deep understanding of each customer's environment, risk profile, and priorities.
Softcat works with over 10,000 customers. Those relationships create a deep understanding of each organisation's environment, risk profile, and priorities. Our cyber security services build on that foundation.

Softcat closes the gap between security spend and security results. Existing technology relationships give our specialists real context for each environment. Verified credentials and operational depth back that up.
Technology relationships give Softcat deep understanding of each customer's environment, risk profile, and priorities.
Analysts operate at 60% capacity. That headroom means availability for priority incidents without queue delays.
Verified benchmarks for time-to-detect and time-to-respond. A requirement of Microsoft MXDR verification.
Credentials confirmed by independent bodies and vendor programmes.
Four connected services covering assessment, prevention, detection and response, and active incident handling. Each works independently. Together they cover the full lifecycle.
Pure-play managed security providers detect and respond. When the work extends beyond the SOC, the relationship reaches its limit. Softcat operates the SOC and the wider technology business behind it. One relationship covers assurance, platform operations, threat detection, incident response, and the supply chain that supports recovery.

Softcat works with security vendors across the market. Recommendations are based on what fits the environment, not a restricted product set.
Real outcomes from real engagements. See how organisations across the UK have strengthened their security posture with Softcat.
Get in touch
Common questions about Softcat Cyber Services, from managed detection and response through to advisory assessments and accreditations.
What is MXDR and how is it different from traditional managed security?
MXDR stands for Managed Extended Detection and Response. Traditional managed security forwards alerts for internal teams to investigate. MXDR analysts detect, investigate, and take containment actions across the environment. Softcat's MXDR is Microsoft-verified.
What security frameworks do Softcat assessments cover?
Assessments align to NCSC CAF, NIST CSF 2.0, CIS Controls v8, NIS2, DORA, and Cyber Essentials Plus. Each produces a maturity score, gap analysis, and prioritised roadmap. The Security Risk and Compliance Assessment and the Security Controls Assessment are the lead offers.
What happens during a security incident?
Softcat provides active incident response during live security events, covering forensic investigation, containment, and recovery. When incidents demand infrastructure rebuild, the wider Softcat technology business mobilises hardware and restores platforms alongside the security team.
Do we need to use all of Softcat's cyber services together?
No. Each service works independently. Some organisations start with an assessment and progress to managed services. Others begin with Cyber Defence & Response. The services are stronger in combination, but the entry point depends on priorities.
Does Softcat have its own Security Operations Centre?
Yes. Softcat operates a UK-based SOC staffed by specialist security analysts. The SOC provides 24/7 threat detection, investigation, and response. Analysts operate at 60% capacity to ensure availability for priority incidents.
Can Softcat help if we already use Microsoft E5 but have not activated the security features?
This is a common starting point. Many organisations have paid for Sentinel, Defender XDR, and Entra ID through E5 licensing but lack the skills to configure and run them. Softcat's MXDR activates and operates these tools as a managed service.
How does Softcat differ from specialist cyber security firms?
Pure-play managed security providers detect and respond. When the work extends beyond the SOC, the relationship reaches its limit. Softcat operates the SOC and the wider technology business behind it. That means a single relationship for assurance, platform operations, threat detection, incident response, and the supply chain that supports recovery.
What accreditations does Softcat hold for cyber security?
Softcat holds Microsoft-verified MXDR status (October 2024), MISA membership (since April 2024), and four Microsoft security designations: Cloud Security, Identity and Access Management, Data Security, and Threat Protection. Softcat is also an NHS SBS Cyber Security Framework supplier across all three lots, one of only seven approved providers.