Acronis has introduced Acronis MDR by Acronis TRU, a new 24/7/365 managed detection and response service aimed at solving one of the channel’s major bottlenecks: delivering advanced cybersecurity without the need to establish and operate a dedicated SOC. The company announced on April 7 that the service is now globally available and has been specifically designed for MSPs of any size, offering continuous monitoring, rapid incident response, and integrated cyber resilience capabilities within the same platform.
The move makes sense in the current market landscape. Many small and medium-sized businesses increasingly rely on their managed service providers not only for infrastructure, backups, or support but also for advanced threat detection and incident response. The challenge is that building such a service internally typically requires specialized analysts, mature processes, and 24-hour coverage—something difficult for a mid-sized MSP to sustain. Acronis aims to bridge this gap with a packaged offering operated by its Threat Research Unit (TRU), which combines security, remediation, and business continuity in a single service.
A Threat Detection and Response Service Designed for Partners, Not Large Corporate SOCs
The main difference in this launch isn’t so much the concept of MDR itself—already well known in the industry—but the target customer profile. Acronis emphasizes that its solution isn’t just for large organizations with mature security teams, but for MSPs seeking to add an advanced protection layer without increasing operational complexity. The company describes it as a service built on Acronis EDR and XDR, providing continuous oversight, investigation, containment, and response by specialized analysts.
According to official information, the new service also incorporates features that Acronis considers differentiators from traditional MDR solutions: patch management, attack rollback, and a business continuity layer supported by its data protection capabilities. This integration is significant because Acronis’s commercial approach for years has revolved around “cyber protection”—the combination of cybersecurity and recovery. In this case, the company extends that philosophy to MDR, emphasizing that detection alone isn’t enough—threats must also be contained and affected systems recovered swiftly.
Acronis also states that critical incidents can be resolved in as little as 15 minutes, though that figure should be taken with the usual caution associated with corporate communications: it reflects the declared goal and capability of the service, not a universal guarantee across all environments and incident types. Nonetheless, it clearly indicates the product’s focus: short response times and continuous operation for partners who would otherwise find it very challenging to deliver such coverage cost-effectively.
An Attempt to Simplify a Market-Driven Offer That Not Every Provider Can Deploy
The announcement aligns with broader industry realities. In their MSP trend analysis for 2026, Acronis referenced an Omdia report predicting managed services will grow by around 10% in 2026, a pace below historical levels amid budget pressures, commoditization, and margin compression. This environment makes heavy internal investments in cybersecurity talent and SOC operations even harder to justify. Thus, the appeal of a packaged MDR lies in enabling partners to sell more security services without building all the infrastructure themselves.
Acronis supports this approach with a flexible access model and a relatively straightforward deployment. The company emphasizes that the service is scalable and profitable for MSPs, alleviating operational burdens compared to creating a dedicated SOC. This message is backed by testimonials from partners like SIX ICT, whose CEO highlights the difficulty of providing 24/7 coverage with internal resources at a mid-sized provider. As with any such endorsements, these are provided by the manufacturer but serve to illustrate the kind of clients Acronis aims to attract.
A Global Strategy with a Local Layer
Another key aspect is that Acronis doesn’t limit its MDR strategy to a single centralized SOC. It presents Acronis MDR by Acronis TRU as its main offering but supplements it with two additional channels: Acronis MDR by Legato Security in North America, and delivery via regional MSSPs within its MSSP program. The idea is that MSPs can scale the service with support from specialized partners when needed, while maintaining local adaptation in language, regulatory compliance, and regional support.
This approach can be particularly relevant in European markets and for regulated clients. Managed cybersecurity increasingly hinges on data sovereignty, audit requirements, and national or sector-specific frameworks. An overly centralized service might not fit seamlessly across different territories. Acronis seeks to address this by combining global operations with local extensions, although the actual deployment and depth of regional partnerships still need to be demonstrated in practice.
Ultimately, the launch of Acronis MDR by Acronis TRU doesn’t transform the MDR market overnight, but it confirms industry trends: more packaged services, greater integration with data protection, and a focus on channel distribution as the primary route to SMBs. For Acronis, the opportunity is clear. If it can position its MSP base to see MDR as a natural extension of their platform—not an overly complex leap—it could strengthen its position, competing not only in backup and EDR but also as the comprehensive operational layer of security and continuity for its partners.
Frequently Asked Questions
What is Acronis MDR by Acronis TRU?
A 24/7/365 managed detection and response service tailored for MSPs, operated by the Acronis Threat Research Unit, offering monitoring, investigation, containment, response, and recovery functions.
How does it differ from traditional MDR?
Acronis presents it as an integrated offering that combines EDR, XDR, patch management, and recovery/rollback capabilities, rather than a service focused solely on alerts or monitoring.
Is it already available or still in pilot phase?
Acronis announced the global availability starting April 2026, offering it through its own TRU team as well as via selected MSSP partners.
What types of partners is it aimed at?
Primarily MSPs looking to expand their cybersecurity offerings without bearing the costs and complexities of running a full-time SOC.
via: acronis