The questions
we actually
get.

Measured MTTR in 2025 — 11 minutes across 187 qualified incidents. Our contractual commitments depend on the scope, but we typically commit to a contractual MTTR below 30 minutes for critical incidents, 24/7. The crisis cell activates in under one hour. The full SLA detail (by incident type, by criticality) is negotiated in the contract and reviewed monthly in steering committee.

An EDR (Endpoint Detection and Response) focuses on workstations and servers — it records process activity, network and file events, and detects malicious behaviour. An XDR (Extended Detection and Response) extends that logic to cloud, identity (Active Directory, Entra ID, Okta), network and email. It is a transversal consolidation that correlates an attack across multiple vectors. Hexceos Sentinel has been an XDR since version 1.2.

The follow-the-sun model outsources monitoring to different teams depending on the timezone — meaning heterogeneous skills, languages and contexts. Our 3×8 keeps the same French and Quebec team, with the same knowledge of your IT estate, 24 hours a day. It costs more to run, but it is what separates an 11-minute MTTR from a one-hour MTTR.

Our proprietary datacenter is in France (Île-de-France and Occitanie), operated by Hexceos employees, HDS-certified. No transfers out of the EU, no extra-European party in the critical chain. For workloads that must stay on a hyperscaler (technical or contractual reasons), we apply confidentiality architectures — end-to-end encryption, BYOK, strict segmentation, and regular audit of the subcontracting chain.

Yes, in the vast majority of cases. We plan migration by waves, with progressive cutover, regression testing, short switch windows (often overnight or over a weekend), and a documented rollback plan. No customer has suffered data loss since 2022. For applications incompatible with hot cutover, we communicate downtime windows several weeks in advance and we hold them.

No. Our user support is fully operated from France by Hexceos employees. No outsourcing, no offshore — this is a structural decision, not a paid option. In Quebec, support is operated locally by our Montréal team, also on Hexceos payroll.

Hexceos primarily manages SMBs and mid-market firms with 20 to 500 staff, in France and Quebec. We adapt the structure (named engineers, dedicated teams, steering committees) to the size of your IT estate and your business criticality. Below 20 staff, we offer a lighter package. Above 500, we work alongside your internal IT department in co-management rather than full outsourcing.

Our contracts are signed for 12, 36 or 60 months with annual budget alignment. For audit and compliance missions (point-in-time engagements), no duration commitment — flat-fee pricing per mission. End-of-contract reversibility is documented from day one: transfer of configurations, administrator accounts, documentation and ticket history. No hidden exit clauses, no imposed technical lock-in.

Reversibility is documented in the contract from signing: transfer of configurations, administrator accounts, operational documentation and ticket history. We support your successor (internal IT or another provider) during a typical 1 to 3 month transition phase, depending on criticality. Your data stays yours. No proprietary licence blocks the rollback — Hexceos Sentinel can be uninstalled without leaving residual dependency.

Managed SOC pricing depends on the volume of telemetry monitored (number of endpoints, cloud workloads, identities) and the service level (24/7 vs business hours, contractual MTTR, threat hunting). For an SMB with 100 endpoints requiring 24/7 coverage and a contractual MTTR under 30 minutes, the typical range is between €2,500 and €6,000 per month (excl. tax). We provide precise pricing after a 30-minute scoping call.

Hexceos is ISO 27001 and ISO 27005 certified across its full perimeter, fully GDPR-compliant, certified Health Data Host (HDS) for the relevant missions, and aligned with ANSSI recommendations. In Quebec we apply Law 25 and PIPEDA requirements. Our internal auditors are ISO 27001 Lead Auditor and CISA certified. For sector-specific missions (DORA finance, TISAX automotive), we hold the corresponding certifications.

Hexceos operates from its headquarters in Saint-Pierre-du-Perray (Essonne, France) and covers six service areas — Île-de-France, Montpellier, Béziers, Nîmes and Avignon in France, and Montréal in Canada. Our 24/7 SOC runs continuously across these locations, with a relay chain covering both continents. For point-in-time missions, we also operate across metropolitan France, Belgium, French-speaking Switzerland and Quebec.