Skip to main content
What you can cancel on Monday

Stop buying security in pieces.
Start being actually protected.

The average SMB with 40 endpoints pays for standalone antivirus, a managed firewall, annual pen tests, vulnerability scanning, dark web monitoring, and Cyber Essentials certification — all from different vendors, none of them talking to each other.

SOC in a Box replaces or surpasses every one of those line items with a single service, watched 24/7 by a named analyst backed by eight years of AI. The maths aren't close.

Standalone EDR £1,800/yr
Managed firewall £3,600/yr
Annual pen test £4,500/yr
Awareness training £500/yr
Vulnerability scanning £2,400/yr
DLP £1,060/yr
Dark web monitoring £600/yr
Cyber Essentials £3,200/yr
Cyber Liability Insurance £500/yr
Your current piecemeal security spend £18,160/yr
SOC in a Box — Medium (50 assets) £7,200/yr
Your annual saving £10,960/yr

Figures based on a typical 40-person professional services firm (South East England, 2025 pricing survey).

Pricing

Not the cost of a SOC.
The cost of not having one.

Avg. breach cost

£15,300

Average cost of a cyber breach for a UK SMB (DCMS 2024).

ICO fines

£8k–£175k

Typical ICO fines for SMBs following a reportable data breach.

Lost business

Incalculable

Client trust, reputational damage, and contract losses after a breach.

SOC in a Box

33p

per asset per day

From 33p per asset per day (Large plan). Cancel anytime.

£335/month

Up to 25 assets · 44p per asset per day

  • Physical or virtual appliance
  • 24/7 monitoring by SOC365
  • Named analyst
  • EmilyAI triage (8 years in production)
  • SMB Data Loss Prevention
  • DecoyPulse deception sensors
  • Active cyber defence
  • Vulnerability management
  • Threat intelligence
  • Attack surface management
  • Cyber Essentials certification
  • Cyber Liability Insurance
  • Confidence Score dashboard
  • Incident response
CREST-certified MoD supply chain approved Cyber insurance included Cancel anytime

Need expert hands? See the Security Concierge — hourly, block, or retainer. Or let us handle the entire deployment.

Need more than 100 assets?

For organisations with 101–250+ assets, we build custom plans tailored to your infrastructure, compliance requirements, and budget. Same 24/7 analysts, same EmilyAI, same CREST-certified service — scaled to fit.

Book a scoping call Try the savings calculator
Save more

Pay annually, save 10%

Choose annual billing and get two months free. All plans qualify — same service, same flexibility, better price. Contact us to switch to annual billing at any time.

Small · 25 assets
£3,618/yr

was £4,020/yr · save £402

Medium · 50 assets
£6,480/yr

was £7,200/yr · save £720

Large · 100 assets
£10,800/yr

was £12,000/yr · save £1,200

Annual plans are billed upfront. All annual plans include the same cancel-anytime guarantee — unused months are refunded pro-rata if you cancel early.

Referral Programme

Refer a colleague, both get a month free

Know another organisation that could benefit from SOC in a Box? Refer them to us — when they sign up, you both receive one month of service free. No limits on referrals.

Refer someone now
Security Concierge

Expert hands. Your hours.

Need a CREST-certified security engineer for hardening, advisory, compliance preparation, incident support, or on-site work? Book our Security Concierge by the hour — remote or on-site, standard or urgent.

Remote

£150/hour

Standard hours · 1-hour minimum

Remote — Urgent

£200/hour

Out of hours & emergency · 1-hour minimum

On-site (UK)

£200/hour

Standard hours · Half-day (4-hour) minimum
+ travel

On-site — Urgent

£275/hour

Out of hours & emergency · Half-day (4-hour) minimum
+ travel

Save with pre-purchased hours

£135/hour

10-hour block
Save £150

£120/hour

20-hour block
Save £600

£600/month

Monthly retainer
5 hours guaranteed

  • Remote: 1-hour minimum booking
  • On-site: Half-day (4-hour) minimum booking
  • Travel: Charged at 50% of your hourly rate, plus expenses at HMRC advisory rates
  • Scope: Every engagement backed by a clear statement of work
  • Engineer: CREST-certified · vetted · insured
  • VAT: All prices shown are exclusive of VAT

Ready to book? Schedule a scoping call to discuss your requirements and agree a statement of work.

Frequently asked questions

Questions we get asked every week.

Most clients cancel or don't renew: standalone EDR/antivirus, managed firewall monitoring, annual penetration tests, vulnerability scanning subscriptions, security awareness training platforms, dark web monitoring services, Cyber Essentials certification fees, and separate cyber liability insurance policies. SOC in a Box replaces or surpasses all of these. Read: The true cost of piecemeal security.

EmilyAI is our AI-augmented triage engine, in production since 2018. It pre-processes every alert, eliminates 92% of noise, enriches context with threat intelligence, and hands your human analyst only the signals that matter. Eight years of production data means fewer false positives and faster response than any vendor who launched their “AI” last year. Deep dive: How EmilyAI works.

Sensitive data classification, exfiltration monitoring (USB, cloud, email, shadow IT), pre-built policies for legal, accountancy, healthcare and professional services, insider threat detection with per-user behavioural baselines, and board-ready monthly reporting. Designed for small teams — not 10,000-seat enterprises. Read: What is DLP?

Five working days from scoping call to fully monitored. Day 1: scoping call. Day 2: appliance ships (next-day UK mainland delivery; virtual appliance available within 1 hour). Day 3: plug in and connect — under one hour to go live. Day 4: tuning, baseline, and DecoyPulse positioning. Day 5: 24/7 monitoring live with your named analyst. See the full deployment process.

No. SOC in a Box runs on the same SOC365 platform that protects MoD supply chain contractors and regulated enterprises. Same detection engine, same analyst team, same EmilyAI. The only difference is packaging and pricing — designed to make enterprise-grade security accessible to SMBs.

Cancel anytime. No lock-in, no exit fees, no minimum term beyond the current month. We keep clients by delivering value, not by trapping them in contracts.

Proactive threat hunting, dark web monitoring, attack surface management, vulnerability management with real-world exploitability prioritisation, and active remediation — including endpoint isolation, indicator blocking, and containment using your pre-approved response playbooks. We don’t just watch. We hunt. Learn more about active cyber defence.

Continuous scanning of dark web marketplaces, criminal forums, paste sites, and Telegram channels for your credentials, domains, email addresses, and data. When a match is found, your named analyst alerts you immediately and takes pre-agreed action — password resets, access revocation, or escalation. What is the dark web?

Continuous discovery of your external-facing assets — domains, subdomains, exposed services, open ports, shadow IT, and third-party integrations. You see what an attacker sees. Updated continuously, not once a year in a pen test report. Findings are triaged by your analyst and integrated into your Confidence Score.

Yes. SOC in a Box includes Cyber Essentials certification consulting, audit preparation, and the badge. Once certified, the government-backed Cyber Liability Insurance policy is included at no extra cost. Certification and cover from the same box. What UK insurers actually want to see.

Our Security Concierge gives you access to a CREST-certified security engineer — remote or on-site — for hardening, advisory, compliance preparation, incident support, or hands-free deployment. Rates start at £150/hour remote, with block-hour discounts and monthly retainer options available. See rates and packages. For on-site deployment, see the concierge deployment timeline.
Further reading

Still researching? We've got you covered.

What Does a Breach Cost?

The real figures behind a data breach for a small UK business — fines, lost revenue, and recovery costs.

Read

Cyber Essentials Guide

Everything UK small businesses need to know about Cyber Essentials certification — scope, cost, and process.

Read

Cyber Insurance Explained

What UK insurers actually want to see before they'll write a cyber liability policy for your business.

Read

50-Point Security Checklist

A comprehensive checklist of 50 controls every small business should have in place.

Read

Ransomware: The SMB Guide

How ransomware targets small businesses, what it costs, and how to prevent it.

Read

Phishing in 2025

Modern phishing attacks are harder to spot. What small businesses need to know to stay safe.

Read

The True Cost of Piecemeal Security

Multiple vendors, multiple invoices, no integration — why it costs more and protects less.

Read
Browse all articles
We sat down with our accountant and listed every security invoice we were paying — antivirus, firewall monitoring, pen test, vulnerability scans, Cyber Essentials. The total was over £1,400 a month and none of it talked to each other. SOC in a Box replaced the lot for less than we were spending, and now we have one analyst who actually knows our network.
Finance Director, 45-person accountancy practice, East Anglia

Download the SOC in a Box Brochure

Everything you need to know in one document — features, pricing, deployment, and how SOC in a Box replaces seven security invoices with one.

Download Brochure (PDF)

One box. One analyst. One invoice.
Eight years of AI behind it.

Book a 30-minute scoping call. We'll map your current security spend, show you what you can cancel, name your analyst, and quote your price — with no obligation.

Book your scoping call

5 working days to live monitoring · Next-day UK delivery · Cancel anytime