Frequently Asked Questions.
Everything you need to know about SecurityBox — what it does, how it deploys, and what it costs.
General.
M4 SecurityBox is a managed continuous behavioral risk assessment platform. It evaluates the risk posture of every host in your environment through behavioral analysis, assigns confidence-rated risk scores, and delivers actionable recommendations. The goal is measurable risk reduction — taking organizations from critical risk to sustained low-severity conditions.
Mantix4 MDR/NDR is our Managed Detection and Response solution with integrated Network Detection and Response. It provides 24/7 continuous monitoring, AI/ML-enhanced threat hunting, and actionable intelligence across your Network, Cloud, and Endpoint environments.
A SIEM produces event correlation, rule matches, and alert volumes that require skilled analysts to interpret. Mantix4 produces prioritized investigative objects, context-rich case artifacts, and actionable recommendations. The difference is operational: a SIEM creates work for your team, Mantix4 eliminates it.
Not necessarily. Mantix4 aggregates security information from multiple sources — network traffic, Active Directory, cloud services, identity providers, and EDR — correlates them, and produces prioritized findings with actionable recommendations. If you already have a SIEM or need one for regulatory reasons, all Mantix4 detections and alerts can be forwarded to it. Every case and risk report is retained for a minimum of one year by default for compliance purposes.
Mantix4 serves organizations of all sizes that need measurable risk reduction. Small businesses benefit from the fully managed model that requires no in-house security expertise. Managed service providers use M4 SecurityBox to deliver continuous risk assessment to clients. Organizations in regulated industries rely on the continuous compliance documentation and board-ready reporting.
Deployment.
Both run the same risk assessment platform. SecurityBox-Network is an on-premise appliance that ingests all signal sources — Active Directory, identity, cloud services like M365 and Azure, EDR — plus network traffic analysis via a bi-directional port mirror. SecurityBox-Cloud is for organizations with no physical office: we provide a cloud-hosted instance that does everything except network traffic analysis, since there's no physical network to mirror.
The appliance has two network interfaces. The management interface connects to a standard user VLAN — this is how it communicates, receives updates, and sends assessment data. The monitoring interface connects to a port mirror (SPAN port) on your firewall or edge switch — this captures bidirectional network traffic for analysis.
SecurityBox-Network deploys on-premise in hours — not weeks. SecurityBox-Cloud requires no hardware at all; we provision a cloud-hosted instance and begin assessment immediately. Baseline risk posture is established quickly, and you begin seeing measurable risk trends within the first week.
No. M4 SecurityBox is an agentless platform — there is nothing to install on your workstations, servers, or devices. It assesses risk by ingesting signals from your existing infrastructure: network traffic, Active Directory, cloud services, and identity providers. The only exception is SentinelOne XDR, an optional add-on that installs a lightweight endpoint agent for autonomous host protection and deeper telemetry.
The Deliverable.
Every host under management carries a continuously updated risk score — a single confidence-rated number from clean to critical. The score reflects behavioral anomalies, baseline deviations, and correlated signals. It tells you exactly where each host stands without requiring technical interpretation.
Mantix4 produces weekly risk trend reports, per-host risk summaries, executive risk posture overviews, and detailed case artifacts for investigated findings. Reports are designed for both technical teams and business leadership.
Mantix4 follows a three-phase approach: baseline your current risk posture, reduce critical and high-severity conditions through prioritized recommendations, and sustain low-risk conditions through continuous behavioral assessment. Weekly trend reports show measurable progress.
In a fully managed engagement, our team handles continuous risk assessment, investigation, and recommendations. Your team receives prioritized findings and acts on clear guidance. In a co-managed engagement, your security team works alongside ours with direct visibility into risk states and investigations.
Technical.
An identity is a Microsoft 365 or Google Workspace email account. Each identity is monitored for sign-in anomalies, geographic impossibilities, privilege changes, and access pattern deviations. Service accounts and shared mailboxes that have sign-in capability count as identities.
A host is any device with an operating system and an IP address that communicates on the network. This typically includes workstations, laptops, servers, and networking devices. VoIP phone systems are also hosts but are not counted in licensing.
The platform includes AI/ML-driven analysis, continuous behavioral risk assessment, per-host risk scoring, weekly risk trend reports, executive summaries, actionable recommendations, and fully managed operation. No feature gates — you get the full platform from day one.
All Mantix4 deployments include platform support. For general inquiries, contact us through the contact page or at Contact Us.
Still Have Questions? Let's Talk.
Our team is here to help. Get a personalized walkthrough of SecurityBox and see how it fits your environment.