What We Do
How we do it
Oct 18, 2021
Grief Ransomware Gang Claims 41 New Victims, Targeting Manufacturers; Municipalities; & Service Companies in U.K. & Europe
Grief Operators Earned an Estimated 8.5 Million British Pounds in Four Months Key Findings: The Grief Ransomware Gang (a rebrand of the DoppelPaymer Ransomware Group) claims to have infected 41 new victims between May 27, 2021—Oct. 1, 2021 with their ransomware.Over half the companies listed on Grief’s underground leak site are based in the U.K. and Europe. The Grief Ransomware Gang appears to…
Read More
View all Advisories →
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
Oct 12, 2021
eSentire Launches MDR with Microsoft Azure Sentinel Extending Response Capabilities Across Entire Microsoft Security Ecosystem
Waterloo, ON – Oct. 12, 2021 -- eSentire, recognized globally as the Authority in Managed Detection and Response (MDR), today announced the expansion of its award-winning MDR services with Microsoft Azure Sentinel, as part of its integration with the complete Microsoft 365 Defender and Azure Defender product suites supporting Microsoft SIEM, endpoint, identity, email and cloud security services.…
Read More
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
Apply today to partner with the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Blog — Sep 30, 2020

Endpoints are the new cybersecurity front lines of defense

CrowdStrike and eSentire Logos

It seems customary now to start a blog post or report with some commentary about 2020 being a year of unprecedented change. We’ve probably all read, seen or heard so many statements along those lines that we tune them out as clichés.

But most clichés are based on truths and the reality is that when it comes to cybersecurity, 2020 really, truly has been a time of (unprecedented) change. Unfortunately, change in cybersecurity creates gaps in defenses and opportunities for attackers—and failing to evolve your defenses as quickly as possible can have very serious consequences.

Gates at the Barbarians

One significant change that manifested in 2020 is the dissolution of the traditional defensive fortress that surrounded digital assets. Previously, information and equipment was housed behind a robust firewall, with employees securely accessing network resources from endpoints within that trusted network (i.e., inside the fortress).

Now, with the widespread adoption of work from home (WFH) models, millions of employees are accessing network services from endpoints located on home networks, which are often “protected” by no more than consumer-grade equipment, which in many cases still have the default configuration and passwords.

Last year, barbarians would attack the gate to try to break through; in 2020, the gates are distributed all over the internet.

Plus, the increased use of VPN services compounds risk in two ways:

  1. In many cases, the VPN systems were rolled out very quickly, which has left services exposed and increased the attack surface
  2. Because the VPN assumes that anyone connecting to it using the proper credentials is trustworthy, an attacker who successfully compromises an endpoint (e.g., a home office worker’s corporate laptop) will enjoy tremendous privileges for lateral movement within the corporate network

This is no mere conjecture: in just the first six months of 2020—covering only the first few months of widespread WFH—CrowdStrike observed a dramatic increase in the number of attacks. Moreover, the nature of attacks is evolving: data from the same period shows more hands-on-keyboard attacks than in all of 2019.

Clearly, attackers are trying to take advantage of the dissolved security perimeter, so it’s crucial that organizations bolster their defenses accordingly.

What’s the major takeaway here? Modern and effective endpoint protection is the first and perhaps the most important line of defense.

Note: to learn more about the shifting front lines of cybersecurity, be sure to check out the on-demand webinar, “Future Forward: The Distributed World.” In this webinar, experts from eSentire and CrowdStrike examine real-world incidents to showcase the capabilities of attackers—and to highlight the necessity of endpoint protection.

Using endpoint protection effectively

Endpoint protection has come a very long way in recent years. Modern endpoint agents deliver a tremendous amount of threat signals and contextual telemetry and defensive capabilities, including next-generation antivirus and proactive threat hunting. Crucially, they also provide security analysts with a plethora of actions to take during investigation and containment operations.

However, with all of these capabilities comes added challenges and complexity. Selecting, deploying, configuring, managing and fully leveraging (e.g., for real-time triage and remediation, when required) modern endpoint protection technology can easily exceed most organizations’ IT resources, especially mid-market businesses.

These are just a few reasons why managed endpoint protection services—which enable rapid deployment and optimization of endpoint prevention and provide ongoing, dedicated support—are valuable and increasingly popular.

Working together, eSentire’s Managed Detection and Response (MDR) capabilities and CrowdStrike’s Endpoint Detection and Response (EDR) provide effective defense against, and fast containment of, the sophisticated endpoint attacks that threat actors employ. The visibility and quality of data provided by CrowdStrike’s Falcon platform, combined with the SOC analysis and threat hunting capabilities of the eSentire team, provide organizations with the strongest possible defense on the new cybersecurity front lines.

Chris Braden
Chris Braden Vice President, Global Channels and Alliances

Chris Braden is a veteran sales and channel executive, bringing over 20 years experience building, leading, and executing successful programs around the world. In his current role as the Vice President, Global Channels and Alliances, he is responsible for eSentire's global channel program, overseeing strategic partner recruitment, international expansion, and growth with current partners through an improved enablement program. He is a 2019 CRN Channel Chief recipient.

Matthew Polly
Matthew Polly VP of Worldwide Business Development, Alliances, and Channels, CrowdStrike

Matthew Polly currently leads the Business Development and Global Alliances organizations for CrowdStrike. Matthew joined CrowdStrike in 2017 after building the partner business for AppDynamics, as it grew from an early stage startup to a $3.7B sale to Cisco. Prior to AppDynamics, Matthew had various sales, product marketing, and alliances roles at Informatica. Previous experience includes business intelligence strategy consulting, sales and marketing for a tech startup, and research for a venture capital fund. Matthew began his career as a corporate lawyer. He holds a J.D. from the University of Kentucky and a degree in English from the University of Virginia.