What We Do
How we do it
Resources
TRU INTELLIGENCE CENTER
Our Threat Response Unit (TRU) publishes security advisories, blogs, reports, industry publications and webinars based on its original research and the insights driven through proactive threat hunts.
View Threat Intelligence Resources →
SECURITY ADVISORIES
Aug 17, 2022
Increase in Observations of Socgholish Malware
THE THREAT Starting in early August 2022 and continuing through the month, eSentire identified a significant increase in Socgholish (aka. FakeUpdates) malware incidents. Socgholish is a loader type…
Read More
View all Advisories →
Company
ABOUT ESENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1500+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
Sep 20, 2022
eSentire Recognized as Top Global MDR Provider by MSSP Alert, CrowdStrike and G2
Waterloo, ON - September 21, 2022 – eSentire, Inc., the Authority in Managed Detection and Response (MDR), celebrated multiple industry recognitions as the leading global MDR provider, over the last week: Named #9, and the top pure play MDR provider on MSSP Alert’s Top 250 MSSPs global rankingRecognized as the CrowdStrike 2022 Global MSSP Partner of the Year Earned G2’s industry-renowned status…
Read More
Partners
PARTNER PROGRAM
e3 Ecosystem
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Learn more
ECOSYSTEM PARTNER RESOURCES
Apply to become an e3 ecosystem partner with eSentire, the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Search
Resources
Blog — Sep 30, 2020

Endpoints are the new cybersecurity front lines of defense

3 minutes read
Speak With A Security Expert Now
CrowdStrike and eSentire Logos

It seems customary now to start a blog post or report with some commentary about 2020 being a year of unprecedented change. We’ve probably all read, seen or heard so many statements along those lines that we tune them out as clichés.

But most clichés are based on truths and the reality is that when it comes to cybersecurity, 2020 really, truly has been a time of (unprecedented) change. Unfortunately, change in cybersecurity creates gaps in defenses and opportunities for attackers—and failing to evolve your defenses as quickly as possible can have very serious consequences.

Gates at the Barbarians

One significant change that manifested in 2020 is the dissolution of the traditional defensive fortress that surrounded digital assets. Previously, information and equipment was housed behind a robust firewall, with employees securely accessing network resources from endpoints within that trusted network (i.e., inside the fortress).

Now, with the widespread adoption of work from home (WFH) models, millions of employees are accessing network services from endpoints located on home networks, which are often “protected” by no more than consumer-grade equipment, which in many cases still have the default configuration and passwords.

Last year, barbarians would attack the gate to try to break through; in 2020, the gates are distributed all over the internet.

Plus, the increased use of VPN services compounds risk in two ways:

  1. In many cases, the VPN systems were rolled out very quickly, which has left services exposed and increased the attack surface
  2. Because the VPN assumes that anyone connecting to it using the proper credentials is trustworthy, an attacker who successfully compromises an endpoint (e.g., a home office worker’s corporate laptop) will enjoy tremendous privileges for lateral movement within the corporate network

This is no mere conjecture: in just the first six months of 2020—covering only the first few months of widespread WFH—CrowdStrike observed a dramatic increase in the number of attacks. Moreover, the nature of attacks is evolving: data from the same period shows more hands-on-keyboard attacks than in all of 2019.

Clearly, attackers are trying to take advantage of the dissolved security perimeter, so it’s crucial that organizations bolster their defenses accordingly.

What’s the major takeaway here? Modern and effective endpoint protection is the first and perhaps the most important line of defense.

Note: to learn more about the shifting front lines of cybersecurity, be sure to check out the on-demand webinar, “Future Forward: The Distributed World.” In this webinar, experts from eSentire and CrowdStrike examine real-world incidents to showcase the capabilities of attackers—and to highlight the necessity of endpoint protection.

Using endpoint protection effectively

Endpoint protection has come a very long way in recent years. Modern endpoint agents deliver a tremendous amount of threat signals and contextual telemetry and defensive capabilities, including next-generation antivirus and proactive threat hunting. Crucially, they also provide security analysts with a plethora of actions to take during investigation and containment operations.

However, with all of these capabilities comes added challenges and complexity. Selecting, deploying, configuring, managing and fully leveraging (e.g., for real-time triage and remediation, when required) modern endpoint protection technology can easily exceed most organizations’ IT resources, especially mid-market businesses.

These are just a few reasons why managed endpoint protection services—which enable rapid deployment and optimization of endpoint prevention and provide ongoing, dedicated support—are valuable and increasingly popular.

Working together, eSentire’s Managed Detection and Response (MDR) capabilities and CrowdStrike’s Endpoint Detection and Response (EDR) provide effective defense against, and fast containment of, the sophisticated endpoint attacks that threat actors employ. The visibility and quality of data provided by CrowdStrike’s Falcon platform, combined with the SOC analysis and threat hunting capabilities of the eSentire team, provide organizations with the strongest possible defense on the new cybersecurity front lines.


Join 100,000+ Security Leaders

Get notified of the latest news, intel and helpful tools & assets. You can unsubscribe anytime.

By clicking the button below I confirm that I have read and agree to the eSentire privacy policy.

View Most Recent Blogs
Chris Braden
Chris Braden Vice President, Global Channels and Alliances

Chris Braden is a veteran sales and channel executive, bringing over 20 years experience building, leading, and executing successful programs around the world. In his current role as the Vice President, Global Channels and Alliances, he is responsible for eSentire's global channel program, overseeing strategic partner recruitment, international expansion, and growth with current partners through an improved enablement program. He is a 2019 CRN Channel Chief recipient.

Matthew Polly
Matthew Polly VP of Worldwide Business Development, Alliances, and Channels, CrowdStrike

Matthew Polly currently leads the Business Development and Global Alliances organizations for CrowdStrike. Matthew joined CrowdStrike in 2017 after building the partner business for AppDynamics, as it grew from an early stage startup to a $3.7B sale to Cisco. Prior to AppDynamics, Matthew had various sales, product marketing, and alliances roles at Informatica. Previous experience includes business intelligence strategy consulting, sales and marketing for a tech startup, and research for a venture capital fund. Matthew began his career as a corporate lawyer. He holds a J.D. from the University of Kentucky and a degree in English from the University of Virginia.