foresite.com

What It Is

Foresite positions itself as an Agentic SOC and MDR/MXDR provider for modern security operations, emphasizing “Google scale” capabilities. Built around Google SecOps, Mandiant/Google threat intelligence, and its own Catalyst platform, it delivers managed detection and response, security operations, GRC, endpoint security, threat intelligence, security testing, and AI security governance. Its goal is not to offer a single tool, but to combine platform management, managed SOC, consulting enablement, and assessment/migration into a continuous operations service.

Core Capabilities and Protection Coverage

In terms of protection areas, Foresite covers SIEM, SOAR, operationalized XDR, MDR/MXDR, EDR management, firewall policy tuning, attack surface exposure management, penetration testing, and adversary simulation. A key highlight is Glass Box AI: agents can perform detection, investigation, enrichment, and response orchestration, while final response actions are authorized by humans, with the reasoning chain, audit trail, and logs preserved. For management and alerting, the material mentions a 24/7 SOC, named analysts, shared channels, joint investigations, real-time risk analysis, dashboards, and compliance reporting, making it suitable for teams looking to reduce alert fatigue and improve MTTR.

Deployment, Integrations, and Compliance

Deployment is primarily delivered as managed services and platform management for cloud, hybrid, and enterprise environments. Its integration capabilities appear strong, with explicit references to unified visibility across Google SecOps, Google Cloud SecOps, Mandiant Threat Defense, SIEM/SOAR/XDR, endpoints, networks, and cloud data. It also mentions MCP and A2A for agent orchestration. On the compliance side, its GRC offering can map controls to PCI DSS, HIPAA, NIST, ISO 27001, and Google frameworks, while providing continuous compliance monitoring, vCISO services, risk assessments, and audit reports. However, Foresite’s own certifications and data residency details are not disclosed.

Pricing, Pros, and Cons

The material does not disclose pricing, plans, minimum purchase size, or payment methods, so sales engagement and a custom quote are likely required. Its strengths include a comprehensive service portfolio, tight integration with the Google security ecosystem, and AI automation that emphasizes transparency and human control boundaries, making it well suited to environments with high compliance and audit requirements. Limitations include a clear dependence on Google SecOps, meaning implementation costs for non-Google technology stacks need to be evaluated. Information on pricing, SLA, local support, and Foresite’s own compliance attestations is also insufficient.

Best Fit and Access from China

Foresite is better suited to mid-sized and large enterprises, public-sector organizations, financial institutions, healthcare providers, and organizations that already use or plan to migrate to Google SecOps. It can help supplement 24/7 SOC staffing, detection engineering, compliance, and incident response capabilities. Access from mainland China, payment options, and local service availability are not specified, so these should be considered unknown. If network, procurement, or compliance restrictions apply, alternatives to compare include domestic providers such as QiAnXin, DBAPPSecurity, Venustech, and NSFOCUS, as well as international options such as CrowdStrike, Arctic Wolf, and Rapid7 MDR.