Sell cybersecurity services — under your name
zcr handles everything end-to-end — present, demo, PoC, implementation, and managed 24×7. You focus on the customer relationship, then we share the revenue. No platform to build, no team to hire.
Your customers need cybersecurity — but most partners still can’t sell it.
The Computer Act requires service providers to retain logs. PDPA mandates data protection and breach notification. The Cybersecurity Act requires monitoring and response for critical infrastructure. Together they create real demand. You already have the customer base — what’s missing is something you can actually sell.
Sources: Verizon DBIR 2024 and industry estimates. Refresh against the latest sources as needed.
Why most partners don’t enter the cybersecurity market
- ✕Build a SOC yourself THB 3–5M / year
- ✕Specialists are scarce and expensive analysts, threat hunters, IR — all tight markets.
- ✕Invest in infrastructure before selling SIEM, storage, licensing costs hit before the first deal.
- ✕Risk of failing to deliver Sell, miss the deadline, damage the customer relationship.
zcr ลบอุปสรรคทั้ง 4 ข้อ — คุณได้ทั้ง platform, ทีมผู้เชี่ยวชาญ และการส่งมอบ 24×7 ในนามคุณ โดยไม่ต้องลงทุนอะไรเลย
zcr is not new — national-scale organisations already trust us
We protect Thailand’s critical infrastructure — banks, energy, government, retail, and global manufacturers.
Founded 2023 · fast growth built on trust from Thailand’s critical infrastructure operators.
Three reasons zcr beats every product in your portfolio
Better margin
Recurring monthly revenue with margins higher than one-off hardware/product sales — and long contract terms on top.
We do it all
present · demo · PoC · implement · managed 24×7 — under your name. You barely have to lift a finger.
Zero investment
A revenue-share model — no SOC to build, no team to hire, no infra to buy. Sell first, share the profit.
Transparent pricing — customers check themselves at sizing.zcr.ai. Close deals fast, set your mark-up with confidence.
Better margin than the rest of your portfolio
- ✓Recurring revenue (MRR/ARR) Income arrives every month or year — not a one-off hardware sale.
- ✓High margin Service-based, no infra or stock cost on your side.
- ✓Long contracts = stable revenue Customers sign 1–3 year terms; churn stays low.
- ✓Easy, ongoing upsell Start with zcrLog → expand to SIEM · CTEM · SOC · MDR.
* Revenue-share rates vary by partner tier and volume. Talk to the zcr team for the exact numbers.
We do it all — under your name
From the first pitch to daily monitoring, zcr is the entire back-office team. The customer sees your brand — you focus on the relationship and closing deals.
Customers & contracts
Always under the partner’s name
Delivery & 24×7
zcr specialists (back-office)
Billing & reporting
Under the partner’s name
ลูกค้าเป็นของคุณ — zcr เป็นทีมหลังบ้านเท่านั้น แบรนด์และความสัมพันธ์ที่ลูกค้าเห็นคือคุณ (การคุ้มครองช่องทาง & deal registration ระบุในสัญญาพาร์ทเนอร์)
Zero investment — Revenue Share
Sell first, then split the revenue. No big upfront payment to start a cybersecurity business.
- ✕millions upfront
- ✕Hire in-house specialists
- ✕Pay first — ROI unclear
- ✓฿0 upfront Use zcr’s platform and team
- ✓No need to build a SOC team in-house
- ✓Sell → share revenue Cash-flow positive from deal one.
upfront investment to start selling — turn your existing customer base into recurring revenue today.
Transparent pricing — calculate it yourself in seconds
Customers and partners enter the organisation size and see the real price instantly. Close deals fast, build trust, and set your mark-up with confidence.
* Starting prices — final price depends on scope and volume. Calculate the full number at sizing.zcr.ai or request a quote from the zcr team.
Platform — software the customer runs themselves
End-to-end modular coverage: Visibility → Protection → Response. Sell modules individually or as a bundle.
Log Management
Centralised log retention under the Computer Act — the easiest deal to close.
SIEM
Detect, correlate and investigate threats across sources — with MITRE ATT&CK coverage.
SOAR
Automated playbooks that speed response and cut analyst manual work.
Exposure Management
See internet-exposed assets, vulnerabilities, and dark-web mentions from the attacker’s view.
Web / API Protection
Block OWASP Top 10, bots, and DDoS for customer web apps and APIs.
OT / ICS Security
Visibility and protection for industrial systems, passive — no impact on production lines.
Services — what our team does for you, under your name
Services are where the recurring margin is best, and where full white-label works — the customer sees your brand; our specialists do the work.
zcrSOC · zcrMDR — continuous monitoring & response, recurring revenue every month. 8×5 / 16×5 / 24×7 · Essential/Complete · BYO-EDR
Assessment & Simulation
- ✓Pentest / VAPT
- ✓DDoS Simulation
- ✓Web Defacement
Risk Management · CSRM
- ✓Attack Surface (ASM)
- ✓Data Leak / Dark Web
- ✓Supply Chain Attack
Secure Development
- ✓Secure Coding (SC)
- ✓Awareness Training (SAT)
Advisory & Delivery
- ✓Consulting · PDPA / ISO / BoT
- ✓Implementation & Deploy
- ✓Incident Response / DFIR
Managed Monitoring
- ✓zcrManaged Grafana
- ✓zcrManaged Zabbix
All services are delivered “under your name” — zcr is the back-office (see the White-label slide).
One sale — revenue that grows on its own
Start with the customer’s most urgent gap, then expand one step at a time — every step is incremental recurring revenue.
One customer = revenue that grows from tens of thousands / month to hundreds of thousands / year, with virtually no extra effort from you — zcr handles delivery at every step.
Everything zcr prepares so you can start selling
- ↗Presales & Sizing team Design scope and pricing for every deal.
- ↗Demo environment Ready to use, no setup required.
- ↗PoC support Test on the customer’s real environment.
- ↗Co-branded / white-label sales materials Slides · datasheets · reports.
- ↗Training & certification Get your sales and technical teams ready fast.
- ↗Deal registration Protect the deals you open.
- ↗Dedicated partner manager One point of contact for you.
- ↗24×7 delivery team SOC / MDR delivery under your name.
Where foreign vendors can’t compete
zcr is designed for Thai regulations from day one — that’s why banks, hospitals, and government agencies choose us.
Breach notification in 72 hours
Handle DSRs (data subject requests) · auto-mask PII.
Incident notification without delay
Workflow to notify NCSA for critical-infrastructure operators, with report drafts ready.
Control mapping
Map controls to Bank of Thailand guidelines.
Bilingual reporting
EN / TH ready for executives
Data residency in Thailand
Data stays in-country
Mapped to NIST / ISO / IEC
CSF 2.0 · 27001 · 62443
Any partner type can build on zcr
MSSP
Add SIEM · SOC · MDR · CTEM to your portfolio without expanding headcount or building a platform.
MSP
Build on your existing Managed IT base — add security, lift ARPU per customer.
Distributor
Managed security ready to push to resellers — multi-tier margin, transparent pricing.
ISP
Turn your existing enterprise/SME base on the network into recurring security-bundle revenue.
Commit more — earn more
Four tiers — start simple, grow with us. Higher tiers unlock higher revenue share and richer benefits.
- ✓Deal Registration
- ✓Demo / NFR license
- ✓Basic training
- ✓+ Priority presales
- ✓+ Starter MDF
- ✓+ Certification
- ✓+ Partner manager
- ✓+ Lead sharing
- ✓+ Target-based rebate
- ✓+ Co-sell with zcr
- ✓+ Full MDF + Exec support
- ✓+ Joint roadmap input
* Tiers and rates are indicative starting points — adjust to actual policy. % refers to the share of recurring revenue.
Become a partner — 4 steps
Typical timeline: sign & onboard ~1–2 weeks. After enablement your team is ready to sell. Open your first deal as soon as you have a customer in hand — the platform, team, and sales materials are already in place.
Become a zcr partner today
Turn your customer base into recurring cybersecurity revenue — no investment, no team to build.
Partner Program
hello@zcr.ai
Transparent Pricing
sizing.zcr.ai
zcr Platform
zcr.ai
Request a live demo · run a PoC on your own data · ask for industry-specific reference cases.