What We Do
How we do it
Oct 19, 2021
Hackers Infect Employees of Law Firms, Manufacturing Companies, and Financial Services Orgs. with Increasingly Pervasive Infostealer, SolarMarker
SolarMarker Infects 5X More Corporate Victims Using Over a Million Poisoned WordPress Pages Key Takeaways eSentire has observed a fivefold increase in SolarMarker infections. Prior to September, eSentire’s Threat Response Unit (TRU) detected and shut down one infection per week. Beginning in September, TRU averaged the detection and shutdown of five per week. SolarMarker is a…
Read More
View all Advisories →
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
Oct 12, 2021
eSentire Launches MDR with Microsoft Azure Sentinel Extending Response Capabilities Across Entire Microsoft Security Ecosystem
Waterloo, ON – Oct. 12, 2021 -- eSentire, recognized globally as the Authority in Managed Detection and Response (MDR), today announced the expansion of its award-winning MDR services with Microsoft Azure Sentinel, as part of its integration with the complete Microsoft 365 Defender and Azure Defender product suites supporting Microsoft SIEM, endpoint, identity, email and cloud security services.…
Read More
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
Apply today to partner with the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Blog — Mar 02, 2016

Notes from RSA: the tough economics bridging from prevention to detection

In his opening keynote this week, RSA President Amit Yoran emphatically delivered one key message: prevention is no longer good enough and security practitioners, industry and vendors need to embrace a detection and response approach.

This is good news for eSentire clients. Detection and response has been our approach to cybersecurity since day one. It assumes the stance that compromise from unknown threats is inevitable, and to focus efforts on rapid detection and response upon breach, such that damage can be mitigated. This approach has greater integration and dependence on the human analyst to augment behavioral and machine learning technology. We couldn’t be happier that the infosec industry is pushing in this direction. In addition to validating the approach we’ve used for over a decade, the approach comes down to doing whatever best protects people and organizations from our constantly evolving adversaries.

Amit also pointed out that Gartner predicts spend on detection and response to quadruple over the next few years, rising to account for 60% of IT security budgets by 2020. A shift like this does raise some concerns, specifically highlighting the need for more security analysts and Security Operations Centers (SOC). A “hunting” approach is less automated and fundamentally places a greater emphasis on skilled humans as part of the detection and response equation.

Most of us are aware that there is a global cybersecurity talent epidemic. In the United States alone, 200,000 cybersecurity jobs are unfilled today. And by 2019, estimates tell us that there will be 1.5 million unfilled positions. This talent gap will become amplified as industry and vendors make the shift from prevention to detection.

Here are a couple of things that small-to mid-sized organizations looking for cybersecurity services might see in the future:

  1. Vendors that lack experience: Expect to see a flood of new vendors offering detection and response security services. Many existing MSSP’s will introduce these types of services to augment existing portfolios. eSentire has spent over a decade operationalizing the detection and response process, tools and technology within our global SOC.
  2. Limited access for mid-sized organizations: There’s already a major labor shortage in IT security. Vendors will look to secure talent to build-out operations that target large enterprise to maximize revenues, leaving small-to-mid sized organizations with fewer qualified vendors to turn to for help.

To summarize, make sure you understand how both technology and human analysts are involved in the detection and response process for any vendor you’re interviewing. What does the Service Level Agreement (SLA) for detection and response look like, or does the vendor even have an SLA at all? What technologies are being used to detect or signal an analyst investigation and response? What actions does the vendor take to “respond” to a breach?

If you’re a small to mid-sized organization looking for a cybersecurity solution, make sure you ask the right questions to avoid headache down the road. If you’re not sure where to start, we can help.

Shabbir Lasani
Shabbir Lasani Product Marketer

Shabbir Lasani is a savvy product marketing professional who helps bridge market needs with great products.