Inforcer has launched a Threat Detection and Response product for managed service providers, extending its Microsoft 365 security platform into incident detection and remediation.
The London-based software supplier is targeting MSPs that want to manage preventative controls and breach response in one system rather than through separate tools. The service is available through an early access programme.
For the past three years, Inforcer has focused on what security teams often call "left of boom" work: preventative controls designed to reduce the likelihood and impact of attacks before they happen. The new release moves the business into "right of boom" operations, covering detection, incident management and response after a threat has emerged.
Inforcer sells multi-tenant Microsoft 365 management software to MSPs. Its platform is already used by more than 1,200 partners across North America, Europe, the Middle East, Africa and Asia-Pacific. The company argues that many providers have built fragmented security stacks that separate prevention, visibility and response, creating operational gaps.
Microsoft focus
At the centre of the new product is monitoring across Microsoft 365 services. Inforcer says the system collects telemetry from Entra, Defender, Purview, Teams and SharePoint, alongside wider Microsoft 365 activity, to give MSPs a broader view of events inside customer environments.
That wider scope matters because many detection tools focus mainly on identity signals, leaving service providers to piece together alerts and context from several products. Inforcer says its approach is intended to give operators a fuller picture of user actions and security events while reducing false positives.
The broader pitch reflects a shift in the MSP market, where providers are under pressure to show customers not only that they have preventative controls in place, but also that they can identify and contain breaches quickly when they occur. Remote working and wider use of artificial intelligence have added to that pressure by increasing the number of possible attack paths and reducing the cost and speed of launching attacks.
Single workflow
By combining preventative management with detection and response, Inforcer is positioning itself as a single operational layer for MSP teams managing multiple Microsoft 365 tenants. The company says this could help partners consolidate workflows instead of adding more specialist security products.
That strategy also reflects the economics of the MSP sector. Service providers often need to prove the value of ongoing security work to retain clients and protect recurring revenue. Visible threat monitoring and response can also be easier for customers to understand than preventative configuration work alone.
Inforcer was founded to help MSPs standardise Microsoft 365 policies across customer tenants, automate configuration and monitor compliance. The tools are designed to reduce reliance on manual scripting and flag policy drift that can increase risk over time.
The company has expanded quickly since launching in 2023, adding offices in the United States, Australia, the Netherlands and Denmark alongside its Richmond headquarters in London. It also says more than 100 MSPs are adopting the platform each month.
Jamie Daum, Chief Executive Officer at Inforcer, outlined the company's ambition for the platform in comments accompanying the launch.
"At Inforcer, we're building the complete security platform MSPs can use for the long term," said Jamie Daum, Chief Executive Officer at Inforcer. "We're consistently innovating and expanding, so MSPs can innovate and expand alongside us. With Threat Detection and Response, Inforcer is now the single, centralised platform for multi-tenant Microsoft 365 management across the entire security lifecycle, both left of boom and right of boom."