Question 1

What is ContraForce?

Accepted Answer

ContraForce is a Security Delivery Platform for MSSPs, MSPs, and security operations teams running Microsoft Sentinel and Defender. AI agents handle incident investigation and response. Gamebooks enforce consistent processes across every client. Your team reviews results and delivers outcomes without adding headcount. Deploy in 30 minutes on your current Microsoft stack.

Question 2

Is autonomous response safe?

Accepted Answer

Yes, and you control how much automation you allow. Gamebooks can require your team's approval before any response action runs. Every action is logged with a full audit trail. Most teams start with full manual review, then gradually enable automatic execution as they build confidence. You're never locked into full automation.

Question 3

What is a Security Delivery Agent?

Accepted Answer

Security Delivery Agents are AI agents that do the security investigation work your team doesn't have time for. They enrich incidents, run investigation steps, recommend next actions, and execute response workflows. Every action is logged. Your team stays in control of what gets approved and what runs automatically.

Question 4

How long does it take to deploy ContraForce?

Accepted Answer

About 30 minutes. ContraForce deploys in your Azure environment. Adding each client workspace takes minutes. Deploying additional client tenants and agents takes minutes too. Security data stays in each client's tenant. No data migration, no new infrastructure.

Question 5

How does ContraForce work with Microsoft Sentinel?

Accepted Answer

ContraForce connects to your clients' Microsoft Sentinel workspaces through secure federated access. No data leaves their tenant. AI agents investigate incidents, run Gamebook workflows, and execute approved response actions across every client from a single platform. No more jumping between portals.

Question 6

How does ContraForce improve service provider margins?

Accepted Answer

ContraForce reduces the time and headcount required per incident. AI agents handle investigation and response. Gamebooks enforce consistent execution across every client. You onboard more tenants without proportional headcount growth, which means higher margins on every contract. Partners typically see 30%+ margin expansion on managed security services within the first quarter.

Question 7

Does ContraForce replace Microsoft Sentinel or Defender XDR?

Accepted Answer

No. ContraForce runs on top of Microsoft Sentinel and Defender. Microsoft handles detection. ContraForce handles what happens next: investigation, response, and delivery across all your clients. Microsoft gives you the security tools. ContraForce is the delivery system that makes them run at scale.

ContraForce Service Provider Pricing - Partner Plans

XDR Only Plan - $500/month

XDR + SIEM Plan - $1,000/month

Additional Costs (Pass-through via Microsoft Azure)