Fenrir SOC
Fenrir SOCFenrir MDRGARM · gratisFenrir WP BridgeFenrir WP Central How it works Pricing Compliance
ON-PREMISE · SOVEREIGN · 24/7
Fenrir SOC

You sleep. Fenrir doesn’t.

An AI-driven SOC that detects and responds to attacks on its own, on your servers. On-premise, sovereign, in plain language, at a public price. Set up in 48 hours.

fenrir-soc · srv-prod-01 live
SSH
1,204
events / 24h
Web · Nginx
38,902
requests / 24h
Auth
312
logins / 24h
Firewall
47
blocks / 24h
Syslog
OK
no anomalies
Services
9/9
active
Recent events 1 CRITICAL
02:01 SSH brute-force blocked
203.0.113.42 · conf 94% BLOCKED
01:46 Port-scan · approval
198.51.100.9 · conf 72% APPROVE
00:12 Admin login · MFA ok
10.0.4.21 OK
yesterday Nginx anomaly · log only
203.0.113.7 · conf 41% LOG
01 · Why Fenrir SOC

A real SOC, within reach of the SMB.

Not an antivirus, not a firewall: a security operations centre that watches, understands and acts. Without building it, without a dedicated team.

9 monitors, 1 view
Access, traffic, processes, files, backups. Every sensor in a single console, in real time.
On-premise AI
The analysis runs on your servers. No data leaves the perimeter. Sovereign for real.
Autonomous response
Above 90% confidence it blocks or isolates on its own, in under a second. And it tells you.
MTTD < 15 min
On known attacks. Signatures, patterns and correlated anomalies, mapped to MITRE ATT&CK.
NIS2-ready
Audit pack for the DPO, log retention, DPIA. Compliance is a state, not a PDF.
Calm alerts
What happened, at what confidence, and the action already taken. Confirm with a tap.
02 · Live monitoring

9 monitors, in real time.

Fenrir watches what matters on your servers and brings it into a single view. Show, don’t tell.

SSH
1,204
events / 24h
Web · Nginx
38,902
requests / 24h
Auth
312
logins / 24h
Firewall
47
blocks / 24h
Syslog
OK
no anomalies
Services
9/9
active
File integrity
OK
hashes verified
Processes
184
monitored
Backup
OK
verified · 02:00
03 · Graduated autonomy

It acts on its own only when it’s sure.

We always state what it does automatically and what it doesn’t. Below 60% confidence it doesn’t act: it logs.

> 90%

Automatic

Immediate block. Action executed and notified.

brute-force, known scanners
60–89%

Approval

Alert on Telegram, confirm with a tap.

suspect IPs, new patterns
< 60%

Log only

Recorded in the digest. No action.

low-level anomalies
04 · Protection in action

SSH brute-force, at 2 a.m.

You sleep. The server defends itself. You hear about it afterwards, calmly.

SSH brute-force · at 2am CRITICAL · 94%
02:00
The attack begins

458 attempts from IP 203.0.113.42 in 30 seconds.

02:01
The AI classifies · 94%

SSH brute-force. Critical risk.

02:01
IP blocked

Firewall rule added. Attacker out.

02:01
Alert on Telegram

Notification with the details and the action taken.

You sleep. The server is protected. Response: < 1 second
05 · Compliance

NIS2, GDPR, ISO 27001. Auditor-ready.

The state of health of your compliance, measured and current. The audit pack for the DPO is one click away.

GDPR 98%
NIS2 92%
ISO 27001 86%
SOC 2 78%
Checks · audit pack
Data-at-rest encryption Compliant
Log retention policy Compliant
Backup integrity Attention
MFA on privileged access Non-compliant
Network segmentation Compliant
Incident response plan Compliant
06 · Pricing

Public price list. No “request a quote”.

€49, €99 or €199 per server per month. An IT manager can buy it without a tender and without a salesperson.

Standard
€49
/server · month · excl. VAT
For the SME that wants to be NIS2-ready without breaking the budget.
  • 9 monitors + AI analyst on-premise
  • Up to 10 servers
  • Live dashboard + Telegram alerts
  • GDPR / NIS2 / ISO 27001
  • Email support within 48h
Most chosen
Premium
€99
/server · month · excl. VAT
Frontier AI: superior reasoning, fewer false positives, precise investigations.
  • Everything in Standard, plus:
  • Frontier AI analyst
  • Autonomous response · 5 reversible actions
  • Up to 30 servers
  • Multi-client dashboard
  • Email support within 24h
Sovereign+
€199
/server · month · excl. VAT
For those carrying NIS2 criminal liability (art. 20) who cannot afford a false negative.
  • Everything in Premium, plus:
  • Audit-grade AI, top tier
  • Unlimited servers
  • DPIA + audit docs from the P3 DPO
  • Direct phone line within 4h

One-off setup: €1,500 Standard · €3,000 Premium · €5,000 Sovereign+. AI API costs are billed per use (€1–300/month by plan). All prices exclude VAT.

07 · The family

One AI brain, all your sensors.

Fenrir SOC is the gateway to the server line. The same AI covers WordPress and the managed service.

Server line
Fenrir SOC
The AI-driven SOC that detects and blocks attacks on its own, on your servers. On-premise, in plain language.
from €49 / server · month Open →
Server line
Fenrir MDR
Managed detection & response on Windows, Linux and macOS endpoints. The AI responds 24/7, you supervise.
from €12 / user · month Open →
free
WordPress line
GARM
The WordPress malware scanner: pure PHP, zero shell. Integrity via official checksums, on any hosting.
free · Pro €99/site/year Open →
WordPress line
Fenrir WP Bridge
The plugin that brings your WordPress sites into the same SOC: event capture, self-audit and plain-language AI investigation.
Lite free · Premium €948/year Open →
WordPress line
Fenrir WP Central
Multi-tenant MSP console to manage and protect WordPress fleets. Posture, CVE, malware and hardening in bulk.
€7 / site · month Open →

You sleep. Fenrir doesn’t.

Book a 30-minute demo. In half an hour you see the monitors, the classification and a real response.

Install GARM · free

Book a demo of Fenrir SOC

In 30 minutes: the monitors in real time, how the AI classifies an attack, and the timeline of a real automatic response.