What We Do
How we do it
Resources
SECURITY ADVISORIES
Jul 29, 2021
UPDATE: PetitPotam NTLM Relay Attack
THE THREAT PetitPotam is a variant of the NTLM Relay attack discovered by security researcher Gilles Lionel. It is tracked as an authentication bypass vulnerability in Active Directory (Certificate Services); currently no CVE identifier has been assigned to this vulnerability. Proof of Concept (PoC) code released last week [1] relies on the Encrypting File System Remote (EFSRPC) protocol to…
Read More
View all Advisories →
Company
ABOUT eSENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
Jul 12, 2021
Tecala and eSentire Partner to Protect Enterprises across APAC from Business-Disrupting Cyber Attacks
Sydney, 12 July, 2021 - Tecala, Australia’s award-winning technology services and IT consulting provider, today announced it has chosen eSentire, the global Authority in Managed Detection and Response (MDR) cybersecurity services, as their exclusive MDR solution provider in Australia and New Zealand. This partnership will enable Tecala to augment its cybersecurity practice and offer enterprises…
Read More
Partners
PARTNER PROGRAM
Partners
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
Resources
Blog — Mar 27, 2019

Effective security posture builds off a strong foundation

3 min read

As security threats continue to evolve and become more sophisticated, choosing the right combination of security tools to protect corporate environments becomes increasingly difficult. Security vendors, both start-up and well-established, are continuously developing new tools that solve very specific security problems. This further adds to the challenge of determining which products or services will satisfy a healthy balance between security and functionality, meet compliance requirements, and bring the organization’s overall security posture to a state that is within the bounds of acceptable risk.

Today’s CISOs, executives and boards have more choice than ever (for many, an overwhelming amount of choice) when it comes to products and services. So, what exactly is the best approach? Less is more? Zero-trust? Defense-in-depth? What does an organization actually need beyond a next-gen firewall and antivirus software in order to be considered secure? The answer (that will likely make you cringe as you read this) is, it depends. There is, unfortunately, no silver bullet that makes corporate assets completely safe and invulnerable to attack. Every organization has different drivers when prioritizing security needs: different budgets, compliance requirements, user behavior, etc.

In a world of not if, but of when threats make their way into IT environments, a good place to start in developing an effective security strategy is to find a solution that has strong foundational capabilities that allow for threats to be detected and responded to immediately. This is key to ensuring that the added tools effectively reduce risk and yield a return on the investment. Managed Detection and Response (MDR) provides organizations with threat data that allows them to better prioritize additional (technical) controls that might be necessary. In many instances, with MDR deployed there is a decreased need for additional spend on incremental solutions, as it adequately reduces potential organizational risk.

eSentire’s MDR service not only improves an organization's security posture by leveraging a team of highly skilled analysts to hunt for and respond to threats 24x7x365, it also provides deep visibility into the corporate environment. This level of visibility enables security teams to fully grasp where vulnerabilities lie, what areas of the network need improvement, and where to find risk associated with third-party vendors in order to reduce the attack surface and continue to mature the overall security posture.

Through eSentire’s esNETWORK, esENDPOINT, esLOG, and esINSIDER services, customers partner with a team of Security Operations Center (SOC) analysts, enabling them to quickly detect and respond to threats and drastically improve the level of visibility into network activity. Operating as an extension of internal security teams, eSentire SOC analysts focus on false positive reduction along with true positive detection and response and make recommendations by identifying areas of improvement within the environments they monitor.

In a noisy crowded space with more choice than need, the best path for ensuring a strong security posture, is to take the less is more approach and build a strong foundation first.

Tia Hopkins
Tia Hopkins Vice President, Global Sales Engineering