The Business Case
What Concord by IaxaI replaces.
What it returns.
Two readers, one page. The MSSP deciding whether Concord earns a slot in their delivery stack, and the regulated client whose audit evidence has to hold up in a room with an examiner. No prices on this page. Pricing is a conversation, not a download.
What Concord Replaces
Concord is not a SIEM, not a SOAR, not an MDR. It is the translation, correlation, and audit-evidence layer that sits across what you already run. Two readers see two different stories. Both real.
For the MSSP / MSP
What you stop paying for, in time and tools
- In-house parser maintenance every time a vendor changes a log shape. Concord ships 30+ vendor mappings and 6 production-ready connectors and self-heals when they drift.
- Per-client evidence assembly cycles where an analyst pivots through six dashboards to answer one auditor question. The audit ledger answers it from the source.
- Swivel-chair triage between SIEM, EDR, identity, and email tools. Semantic dedup pulls them into one narrative so an analyst stops correlating by hand.
- Bespoke dashboards per regulated client. Multi-tenant evidence flow lands in your existing delivery model, not next to it.
For the Regulated Client
What your team stops assembling the night before an exam
- Examiner-prep cycles. The FFIEC, SOC 2, HIPAA, NAIC, or CMMC packet drafts itself as events flow through, instead of weeks of screenshots and spreadsheets.
- Compliance consultant time that exists because nobody trusts the raw evidence. A tamper-evident ledger with hash-chained provenance gives the auditor what they actually want.
- Remediation projects on findings that came from broken evidence rather than broken controls. A control either ran or it didn't, and the ledger says which.
- The annual ritual of asking your MSSP "what are you actually doing for me?" The answer is a packet, not a status meeting.
What Gets Returned
Capacity. Confidence. Speed at the points where speed actually matters: when an analyst is triaging across tools and when an examiner is asking for evidence.
Analyst capacity
Time analysts spent assembling context (copy-pasting between SIEM, EDR, identity, email, and ticketing) comes back to threat hunting and tuning. Concord does the correlation; the analyst does the work that needs a brain.
Audit confidence
When an examiner asks "prove this control ran on this date," the ledger answers with raw event → correlated incident → action taken. Bring it to the meeting and stop rebuilding it after.
Faster evidence delivery
Compliance Auto-Packets compose from the ledger in a sitting instead of a quarter. MSSPs hand a regulated client an audit-grade deliverable on the cadence they want it, not the cadence the spreadsheet allows.
Less ops drag per tenant
Multi-tenant from day one. Drift detection and auto-repair mean a vendor log shift doesn't mean a Saturday for your engineer. Add a tenant by configuring it, not by re-onboarding.
Internal benchmarks of the underlying engines: 94.3% entity-resolution confidence and 83.4% semantic-similarity scores (internal benchmarks; security-domain validation in progress). We'd rather show them in a working call than print them on a billboard.
Which Tier Matches Your Practice
Three configurations. Pick the one that matches your delivery model and the regulatory weight of the clients you serve. Pricing is a conversation, not something we plaster on a website.
Core
Smaller MSP/MSSP practices, AI-era tech scale-ups, regulated clients beginning their evidence-automation journey
- Up to 10 vendor mappings active per tenant
- 1 compliance framework (FFIEC, SOC 2, HIPAA, NAIC, or CMMC)
- Semantic translation + entity resolution
- Audit ledger with tamper-evident hash chain
- Single-region deployment
- Business-hours partner support
Pro
MSSPs serving regulated mid-market clients: regional banks, healthcare payers, insurance carriers, defense-aligned tech
- Up to 20 vendor mappings active per tenant
- 2 compliance frameworks per tenant
- Drift detection + auto-repair workflow
- Compliance Auto-Packet generation
- Multi-tenant evidence flow with per-tenant chains
- On-prem Edge Gateway available
- 24/7 priority partner support
- Quarterly partner business review
Enterprise
Larger MSSP partners, upper-mid regulated institutions, defense-adjacent and pre-IPO tech with custom evidence demands
- Unlimited vendor mappings
- Unlimited compliance frameworks
- Custom mapping with delivery SLA
- Detection Portability Layer (reverse transpiler)
- Dedicated customer success manager
- Custom retention and key-custody options
- Air-gapped / on-prem deployment supported
- Audit-ready evidence package handoff
Every tier includes implementation, vendor-mapping updates, and engine improvements. No hidden professional-services line items. Add-ons (custom framework templates, extended retention, premium integrations, executive reporting, on-prem deployment) are scoped into the contract, not bolted on after.
MSSP Founders Program
Five MSSP partners. A full year, free. Direct line to the founders.
The Founders Program is a five-slot cohort for MSSPs and MSPs serving regulated mid-market clients: regional banks, healthcare payers, insurance carriers, defense-aligned tech. Founders Program partners help shape the product roadmap, get a direct line to Mike and Kyle for the life of the partnership, use the full product free for their first year, and then lock our lowest rate for the life of their contract.
Slots are real. When they're gone, the program closes. Apply if your practice already serves regulated clients and the audit-evidence handoff is the part that hurts.
Five slots. First year free, then our lowest rate for life.
Direct line to Mike (CEO) and Kyle (CTO).
Roadmap input on the next surfaces shipped.
White-label evidence handoff to your clients.
Implementation: One to Three Weeks Per Tenant
No twelve-month migration. No army of professional-services consultants billing hourly. Concord reads from your existing telemetry. It does not replace anything your team already runs.
Week 1
Connect
Point existing syslog and API feeds at the tenant's Concord instance. Universal Adapter auto-detects the vendor stack against the 30+ shipped mappings. Concord reads; it does not write back into your tools.
Week 2
Tune
Review the first correlated incidents with the tenant's analyst lead. Adjust priority thresholds, confirm entity-resolution merges, and lock in the compliance framework mapping for the audit packet.
Week 3
Live
Production. Correlated narratives, audit ledger active, evidence flow ready for the tenant's next exam window. No parallel-run period required. The source telemetry still flows to whatever lived there before.
What an MSSP commits
- One delivery engineer for ~half a day per tenant onboarded: feed configuration and tenant scaffolding.
- One analyst lead for one to two hours during Week 2 tuning per tenant.
- A named partner success contact for quarterly review.
- Existing syslog / API access to the tenant's tools. No new agents.
What the regulated client commits
- Read-only feed access for the tools already in production.
- A compliance lead to sign off on the framework mapping during Week 2.
- No new hardware. No agents. On-prem Edge Gateway available where data residency demands it.
- Nothing leaves the tenant's environment without their say-so.
What It Takes to Run It
Concord does not create a new operating burden. It removes ones you're already carrying.
| Resource | Time Required | Notes |
|---|---|---|
| Dedicated Concord administrator | 0 FTEs | Self-maintaining. Vendor-mapping updates ship as part of the platform. |
| Daily SOC usage | Existing workflow | Analysts use Concord as the investigation surface. It replaces dashboard-hopping, not the analyst. |
| Quarterly tuning review | ~2 hours | Review correlation thresholds and merge decisions; check new mappings. |
| Vendor log-format drift | Auto-repair | Drift detection proposes the new mapping; an engineer approves it; the ledger records it. |
| Adding a new vendor or tenant | Configuration, not migration | Park-and-flag onboarding wizard handles unmapped sources without blocking the receive path. |
Trust: Because Your Auditor Will Ask
Audit-grade is a claim a lot of vendors make. Here's the version we ship.
Audit ledger
Append-only, hash-chained, Ed25519-signed evidence chain. Per-tenant chains. Replay from the receipt back to the source event. The evidence holds even if the engine is offline.
SOC 2 Type I
Targeted Q3 2026. The gate that unlocks regulated-client deployments through MSSP partners. Scoping is in flight; we'll publish the report at attestation, not before.
On-prem Edge Gateway
For tenants whose data cannot leave their environment: defense-aligned tech, CMMC-bound contractors, regulated healthcare. Cloud control plane stays in scope; evidence stays at home.
Patent-pending engines
The Semantic Translation and Entity Resolution engines that anchor the platform are under active US patent prosecution. We don't lead with the patents. But if a competitor tells you nobody's ever built this part before, ask them whose name is on the application.
Talk to the founders.
Mike Hancock built the production MVP. Kyle Scott runs the engine roadmap. Pricing, tier fit, and Founders Program qualification are conversations we'd rather have with you on a call than with a download form.
Channel-only. We sell through MSSPs and MSPs serving regulated mid-market clients. We don't bypass our partners.