Dimension scores are derived from public data and fields; weighted into the composite. Reference only.
Latacora is not a traditional single-point security tool vendor. Instead, it is a long-term service team that helps technology companies “build, grow, and maintain” their information security practices. Its model is closer to a combination of embedded vCISO, security engineering, and managed detection and response: it first helps customers build capabilities, then gradually transfers those capabilities back in-house when appropriate.
Its services cover vCISO, risk and compliance, sales enablement, application security/cryptography/SDLC, detection and response, infrastructure security, and IT security. The detection and response offering is relatively comprehensive, including Panther single-tenant SIEM, MDR rule tuning and detection engineering, SentinelOne EDR, 24/7 triage, IR, Sublime email security, and deception defenses such as canary tokens. Infrastructure security covers AWS, GCP, and Azure, as well as common SaaS and identity environments such as GitHub, Google Workspace, and Okta. On the management side, each customer has a project manager, with issues typically tracked through Slack and regular meetings.
For compliance, Latacora explicitly supports SOC 2, ISO 27001, HIPAA, GDPR, CCPA, and more. It can assist with audit preparation, evidence collection, control design, and communication with auditors. It is a Vanta MSP partner and can import evidence such as penetration testing reports into Vanta. Note that the website describes helping customers achieve compliance, but does not disclose Latacora’s own certifications.
No specific pricing is listed on the official website. What can be confirmed is that Detection & Response uses a scalable, predictable, monthly model with no long-term commitment, and it states there are no surprise fees. IR investigation hours come with a guaranteed rate, with discounts available for prepaid hours. Vanta-related services are available with discounts and monthly payment arrangements.
The strengths are broad service coverage, long-term support, gradual handoff capability, and solutions for both early-stage teams and mature organizations. It is especially suitable for companies facing significant compliance pressure, such as SaaS, fintech, healthcare, and banking integration businesses. The downside is that it is not a lightweight self-service SaaS product, and procurement requires prior discussion. Public information on pricing, SLAs, payment methods, and regional support is limited. If you only want a standalone scanner or a one-off penetration test, it may feel too heavy.
The source content does not provide information on network accessibility from mainland China, payment methods, or local delivery, so this is rated as “unknown.” Chinese companies that need local compliance, Chinese-language on-site support, MLPS, or data export assistance should also evaluate domestic MSSP, MDR, cloud security, and compliance consulting providers as alternatives.
⚠ This review is compiled from public sources and does not constitute a purchase recommendation. Verify all facts on the vendor's official site. Verify on horse.restaurant official site.
horse.restaurant is an United States Security provider. TG4G tracks its product information, an overall rating of 6.0/10, and a China-accessibility score of Workable. Click "Visit Official Site" to reach horse.restaurant directly.