The One Security
The One Security is a unified security platform purpose-built for MSPs managing client environments. It brings together eight security disciplines — Security Awareness Training, phishing simulation, vulnerability management, SIEM/SecOps, GRC compliance, email security, dark web monitoring, and M365 posture — in a single, multi-tenant console.
What The One Security Does
| Capability | Description |
|---|---|
| Security Awareness Training | Assign courses, videos, quizzes, and policy acknowledgements; track completion rates and leaderboard |
| Phishing Simulation | Run simulated campaigns with five template types; auto-enroll clickers in remedial training |
| Vulnerability Management | Network scanning, CVE tracking with EPSS/KEV data, AI triage, patch management, remediation tracking |
| SecOps / SIEM | Alert pipeline, incident management, threat hunting, playbooks, response actions, log sources |
| Dark Web Monitoring | HIBP-powered breach scanning per email, 12h automated refresh, acknowledge/resolve workflow |
| M365 Posture | Monitor 10 suspicious event types across connected Microsoft 365 tenants; user risk scoring |
| Email Security | SPF/DKIM/DMARC domain management, DMARC aggregate report parsing, sender authorization |
| GRC & Compliance | Frameworks (HIPAA, SOC 2, GDPR, NIST CSF, CIS Controls), assessments, evidence collection, POAMs, vendor risk |
| Shadow AI Detection | Discover unauthorized AI services in use, classify risk, approve or block |
Pricing
| Package | Price |
|---|---|
| User Protection | $3/managed user/month |
| Full Security platform | Contact sales |
User Protection Package ($3/user/mo)
The User Protection bundle is designed for MSPs who want to protect every managed user without a full SIEM deployment:
- Security Awareness Training (SAT)
- Phishing simulation
- Dark web monitoring (HIBP breach scanning)
- M365 posture monitoring
- DMARC reports
See User Protection for the complete breakdown.
Who Uses It
| Role | Primary Use |
|---|---|
| MSP Security Analyst | Alert triage, incident response, threat hunting |
| vCISO | Executive reporting, compliance posture, vendor risk |
| Compliance Team | Framework assessments, evidence collection, POAMs |
| Account Manager | SAT completion tracking, phishing results, client-facing reporting |
How It Fits in the Stack
The One Security connects to your other One Stack products:
- Hub — SSO authentication; access from the Hub waffle menu
- PSA — Incidents and vulnerability findings auto-create tickets
- RMM — Device data enriches vulnerability context
- Defend — Alert correlation and IOC sharing between EDR and SIEM
- On-Call — Critical incidents escalate to the on-call technician
- CMDB — Asset criticality enriches alert severity
ℹ️The One Security requires an active Hub organization. All users authenticate via Hub SSO.
Next Steps
- Getting Started — First-time setup, connect M365, run your first scan
- User Protection — The $3/user bundle explained
- Vulnerability Management — CVE tracking, AI triage, patch management
- SecOps Overview — SIEM alerts, incidents, playbooks
- GRC & Compliance — Frameworks, assessments, evidence