FAQ
Questions before you reach out
Direct answers about what ShieldWith AI does, how we engage with Canadian clients and what you should expect from a defensive MDR practice that uses AI tools alongside human analysts.
QUICK ANSWERS
Common topics
If your question is not covered below, contact us at [email protected] or use the contact form. We respond within two business days during Pacific business hours.
Pre-engagement briefings — we prefer plain answers over slogans.
Is ShieldWith AI an antivirus / VPN you buy, a 'health shield' or insurance, or a course — and do you guarantee we'll never be breached?
No. We are an AI-driven managed detection and response (MDR) firm — a security operations team that monitors, triages and responds for client organizations. The .life TLD is branding only; "Shield" means cyber defence, NOT physical security, health or insurance, and we are NOT a consumer antivirus / VPN product, NOT a course. AI does the first pass on alerts to cut noise, but a qualified human analyst reviews and makes the call.
We shorten detection and response times and reduce risk — but no service can guarantee zero incidents or that you'll never be breached; outcomes depend on your environment, scope and how fast we can act together.
How does AI-assisted triage work in practice?
Telemetry from your SIEM, EDR, identity platform and cloud sources feeds correlation and machine-learning models that rank and cluster related signals. When a pattern exceeds a threshold, it enters our analyst queue — it does not go directly to your team as a confirmed incident. A ShieldWith analyst reviews context: change tickets, user role, geography, and whether the activity matches intelligence for your sector.
Only after human verification does an escalation reach your designated contacts. False positives are logged and fed back into detection tuning. AI accelerates search and prioritization; humans apply judgment, accountability and communication.
What does a typical MDR engagement cost in Canadian dollars?
Pricing depends on log volume, source count and coverage hours. Indicative ranges: an initial SOC assessment or scoping workshop typically starts around C$4,800. Ongoing MDR retainers run from approximately C$7,500 to C$19,000 per month. Fixed projects — cloud identity reviews, awareness programmes, detection tuning — range from C$5,000 to C$22,000. Incident response retainers are scoped individually.
All figures are CAD, exclusive of applicable taxes. We provide a written scope document before work begins. See our Services page for per-discipline detail.
Which security tools do you support?
We integrate with major SIEM, EDR/XDR and cloud-native logging platforms rather than requiring migration to a single vendor. During onboarding we inventory your stack and define connector scope. Our value is analyst verification, detection tuning and response coordination — not licence resale. If logging gaps exist, we document them honestly in the scoping report.
Where is client data processed?
ShieldWith AI Inc. is headquartered in Vancouver, British Columbia. Client telemetry and enquiry data are processed under agreements aligned to PIPEDA. Sub-processors, if any, are disclosed in client contracts. See our Privacy Policy for website-specific practices.
Do you perform penetration testing or offensive hacking?
Our core practice is defensive — MDR, monitoring and response. We do not offer unauthorized access, exploit development for illicit use, spyware or surveillance of individuals. If you require authorized penetration testing, we can discuss partner referrals; that work is not performed under the ShieldWith AI MDR retainer unless explicitly scoped and authorized in writing.
How quickly do you respond to verified incidents?
Response timelines depend on your retainer tier and the severity classification assigned by our analysts. For active MDR clients with defined escalation paths, initial analyst contact for high-severity verified events typically occurs within minutes of human verification — not from the moment a raw alert fires. We document expected response windows in your statement of work rather than publishing universal SLAs that ignore context.