Partner Program for EU MSSPs
EU-sovereign compliance infrastructure for managed-security-service-providers and resellers. Base + per-managed-client pricing. White-label included by default.
Early access. Design-partner cohort accepting the first 5 MSSPs. Shipped May 2026.
Partner / MSSP
Covers the partner portal, white-label brand override, partner-side SSO, and cross-tenant SOC view.
Each managed client gets a Growth-equivalent feature surface, billed to the MSSP rather than the end customer.
- −15% on the per-client fee at 10+ managed clients.
- −25% on the per-client fee at 25+ managed clients.
- White-label (email + invoice brand-color override).
- EU data residency on Scaleway France.
- Deep support: NIS2, DORA, GDPR, ISO 27001, EU AI Act, CRA, PCI DSS.
- Dedicated partner support (next-business-day on tickets, EU hours).
- Partner portal access at /partner/clients.
- API access for MSSP automation.
Run the numbers in 30 seconds.
Plug in your client count and your average per-client MRR. The calculator shows your FortisEU monthly cost, your monthly revenue, and your gross margin. No sales call, no quote form.
Total clients you would manage on FortisEU. Slider range 1–50.
What you charge each end-customer per month, on average.
These numbers exclude your labour cost. Add roughly €30–60 per client per month for SOC analyst time at typical AT/DE rates to refine. The math uses the published rate card only — no fabricated benchmarks.
First 5 MSSPs. 50% off for 12 months.
We are building the partner tier publicly. The first 5 MSSPs to ship into production receive 50% off the base and per-client fees for 12 months in exchange for a published case study and quarterly product feedback.
What we ask
- One monthly call with our PM and engineering lead.
- One published case study with your logo and 1–3 quotes.
- Pre-launch beta access on new MSSP features (you tell us what is broken before we ship to GA).
- 12-month commitment so we can plan the roadmap around your portfolio.
What we offer
- 50% off base + per-tenant fees for 12 months.
- Named PM contact and direct Slack/Signal channel.
- Influence on the multi-tenant control plane v2 roadmap.
- Early access to logo upload, custom domain, and per-customer cohort billing analytics when those ship.
Everything in the partner tier.
- Multi-tenant compliance dashboard for your managed clients.
- Brand-color override on outbound emails and invoices (text-only branding for now — not full white-label yet, honest framing).
- Cross-tenant SOC view at /partner/clients (post-login).
- Deep support: NIS2, DORA, GDPR, ISO 27001, EU AI Act, CRA, PCI DSS.
- Partner support — next-business-day on tickets in EU hours. Real 24/7 ships once volume justifies it.
- 3-tier sub-processor DPA template (static PDF for now; runtime generator on the roadmap).
Sub-processors: /legal/subprocessors
What is on the roadmap, not in the box today.
We are honest about gaps. The partner tier shipped May 2026 in MVP shape. The items below are real work, sequenced after the first paying MSSP signal.
- Logo upload and custom-domain mapping (email and invoice are text-only branding for now).
- Portal-wide CSS theming (brand-color override only today).
- Per-customer cohort billing analytics (manual export today; v2).
- Multi-tenant control plane v2 — single control tenant + cross-tenant aggregator view today; deeper control plane on the roadmap.
How ASK answers MSSP-specific questions
A static example of an ASK response to the question every MSSP buyer asks. Shipped from the same Mistral pipeline live customers use.
How do I deliver NIS2 evidence to a client whose data my MSSP processes under their DPA?
You're acting as a processor under your client's controller DPA (Art. 28(3) GDPR), and FortisEU is your sub-processor under Art. 28(4). Practically:
- Your client signs a controller-processor DPA with you. Your sub-processor disclosure to them must list FortisEU explicitly (we publish the cascade list at /legal/subprocessors with a version stamp).
- Onboard the client through /partner/clients. The 3-step wizard captures DPA cascade acknowledgement plus the audit-log fields a regulator looks for in an Art. 28 reconstruction.
- When the client's DPO requests evidence, the “Generate audit-readiness pack” action on /partner/clients/[id] produces a print-ready report covering per-framework conformance, regulatory landscape, and the sub-processor list version that was in force at the moment of generation.
Sources: GDPR Art. 28(3) + (4); ADR-0125 (partner-portal split); ADR-0131 (DPA cascade contract); /legal/subprocessors (live list).
Common partner questions.
- Can I evaluate before signing?
- Yes. Register for the regular 8-hour sandbox to evaluate the platform. Partner-tier provisioning is sales-led — talk to us once you know it fits.
- What happens if I exceed my tenant cap?
- There is no cap. The volume kickers (−15% at 10+, −25% at 25+) auto-apply to the per-tenant component. No overage fees in v1.
- How does sub-processor cascade work?
- We publish a 3-tier DPA template at /legal/subprocessors covering Client → MSSP → FortisEU. Static PDF for now; a runtime generator with per-engagement values is on the v2 roadmap.
- Is white-label real or vapor?
- Email and invoice brand-color override is shipped today. Logo upload and custom-domain mapping are v2 (post first paying MSSP). Honest framing — no marketing claims about full white-label until it actually ships.
- What is the design-partner commitment?
- 12 months at 50% off base + per-tenant. In exchange we ask for one published case study with your logo and one monthly product feedback call. Limited to the first 5 MSSPs.
Apply
Limited to the first 5 design partners.
Email or use the application form. We respond within one EU business day.