eSentire White Logo

Blog | Sep 30, 2020

Endpoints are the new cybersecurity front lines of defense

CrowdStrike and eSentire Logos

It seems customary now to start a blog post or report with some commentary about 2020 being a year of unprecedented change. We’ve probably all read, seen or heard so many statements along those lines that we tune them out as clichés.

But most clichés are based on truths and the reality is that when it comes to cybersecurity, 2020 really, truly has been a time of (unprecedented) change. Unfortunately, change in cybersecurity creates gaps in defenses and opportunities for attackers—and failing to evolve your defenses as quickly as possible can have very serious consequences.

Gates at the Barbarians

One significant change that manifested in 2020 is the dissolution of the traditional defensive fortress that surrounded digital assets. Previously, information and equipment was housed behind a robust firewall, with employees securely accessing network resources from endpoints within that trusted network (i.e., inside the fortress).

Now, with the widespread adoption of work from home (WFH) models, millions of employees are accessing network services from endpoints located on home networks, which are often “protected” by no more than consumer-grade equipment, which in many cases still have the default configuration and passwords.

Last year, barbarians would attack the gate to try to break through; in 2020, the gates are distributed all over the internet.

Plus, the increased use of VPN services compounds risk in two ways:

  1. In many cases, the VPN systems were rolled out very quickly, which has left services exposed and increased the attack surface
  2. Because the VPN assumes that anyone connecting to it using the proper credentials is trustworthy, an attacker who successfully compromises an endpoint (e.g., a home office worker’s corporate laptop) will enjoy tremendous privileges for lateral movement within the corporate network

This is no mere conjecture: in just the first six months of 2020—covering only the first few months of widespread WFH—CrowdStrike observed a dramatic increase in the number of attacks. Moreover, the nature of attacks is evolving: data from the same period shows more hands-on-keyboard attacks than in all of 2019.

Clearly, attackers are trying to take advantage of the dissolved security perimeter, so it’s crucial that organizations bolster their defenses accordingly.

What’s the major takeaway here? Modern and effective endpoint protection is the first and perhaps the most important line of defense.

Note: to learn more about the shifting front lines of cybersecurity, be sure to check out the on-demand webinar, “Future Forward: The Distributed World.” In this webinar, experts from eSentire and CrowdStrike examine real-world incidents to showcase the capabilities of attackers—and to highlight the necessity of endpoint protection.

Using endpoint protection effectively

Endpoint protection has come a very long way in recent years. Modern endpoint agents deliver a tremendous amount of threat signals and contextual telemetry and defensive capabilities, including next-generation antivirus and proactive threat hunting. Crucially, they also provide security analysts with a plethora of actions to take during investigation and containment operations.

However, with all of these capabilities comes added challenges and complexity. Selecting, deploying, configuring, managing and fully leveraging (e.g., for real-time triage and remediation, when required) modern endpoint protection technology can easily exceed most organizations’ IT resources, especially mid-market businesses.

These are just a few reasons why managed endpoint protection services—which enable rapid deployment and optimization of endpoint prevention and provide ongoing, dedicated support—are valuable and increasingly popular.

Working together, eSentire’s Managed Detection and Response (MDR) capabilities and CrowdStrike’s Endpoint Detection and Response (EDR) provide effective defense against, and fast containment of, the sophisticated endpoint attacks that threat actors employ. The visibility and quality of data provided by CrowdStrike’s Falcon platform, combined with the SOC analysis and threat hunting capabilities of the eSentire team, provide organizations with the strongest possible defense on the new cybersecurity front lines.


Chris Braden

Chris Braden

Vice President, Global Channels and Alliances

Chris Braden is a veteran sales and channel executive, bringing over 20 years experience building, leading, and executing successful programs around the world. In his current role as the Vice President, Global Channels and Alliances, he is responsible for eSentire's global channel program, overseeing strategic partner recruitment, international expansion, and growth with current partners through an improved enablement program. He is a 2019 CRN Channel Chief recipient.

Matthew Polly

Matthew Polly

VP of Worldwide Business Development, Alliances, and Channels, CrowdStrike

Matthew Polly currently leads the Business Development and Global Alliances organizations for CrowdStrike. Matthew joined CrowdStrike in 2017 after building the partner business for AppDynamics, as it grew from an early stage startup to a $3.7B sale to Cisco. Prior to AppDynamics, Matthew had various sales, product marketing, and alliances roles at Informatica. Previous experience includes business intelligence strategy consulting, sales and marketing for a tech startup, and research for a venture capital fund. Matthew began his career as a corporate lawyer. He holds a J.D. from the University of Kentucky and a degree in English from the University of Virginia.