What We Do
How we do it
Resources
SECURITY ADVISORIES
May 11, 2022
CVE-2022-26923 - Active Directory Domain Services Elevation of Privilege Vulnerability
THE THREAT Microsoft has disclosed a new vulnerability impacting Active Directory Certificate Services (ADCS) tracked as CVE-2022-26923 (Active Directory Domain Services Elevation of Privilege Vulnerability). If exploited successfully, an authenticated attacker can escalate privileges in environments where ADCS is running on the domain. eSentire is aware of technical details and tooling [2] for…
Read More
View all Advisories →
Company
ABOUT ESENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1200+ organizations in 75+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
LATEST PRESS RELEASE
May 10, 2022
Cybersecurity Leader eSentire Introduces e3 Partner Ecosystem Transforming How Value Is Delivered to Business Leaders
Waterloo, ON, May 10, 2022— eSentire, the Authority in Managed Detection and Response (MDR), today announced the launch of its e3 partner ecosystem, representing experience, expertise, eSentire. The e3 ecosystem focuses on mapping partner engagement, productivity and overall experience to how business leaders are choosing to consume best-in-class cybersecurity services. Believing that we all have…
Read More
Partners
PARTNER PROGRAM
e3 Ecosystem
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Learn more
ECOSYSTEM PARTNER RESOURCES
Apply to become an e3 ecosystem partner with eSentire, the Authority in Managed Detection and Response.
Login to the Partner Portal for resources and content for current partners.
Search
Resources
Blog — Jan 02, 2020

The Seven Categories of MDR - #7 – MD-Big-R (Full Telemetry)

Speak With A Security Expert Now

Emerging from the traditional managed security service provider (MSSP) model, Managed Detection and Response (MDR) is an answer to the fact that threat actors have increased their ability to circumvent traditional detection measures. As early as 2011, MDR emerged (uncategorized at the time) with a single guiding principal: Acknowledge that a breach will happen. When it does, minimize threat actor dwell time to reduce risk.

However, as the MDR market has evolved, four criteria remain constant as key to minimizing threat actor dwell time in the event of a breach: visibility, fidelity, detection capabilities and response. When these criteria are measured against in-house resources, risk tolerance and available budget, they can be used to choose the appropriate MDR vendor based on your organizational requirements.

To help organizations make an informed cybersecurity solutions choice, eSentire has authored, The Definitive Guide to Managed Detection and Response (MDR) (and this blog series) which examines seven categories of MDR providers, measured across four criteria, which include:

MDR Category #7 – MD-Big-R (Full Telemetry)
MDR-FT is a viable option for organizations that have substantial security budgets and are looking for complete threat and IR Lifecycle coverage across any environment.

Profile
MD-big-R (Full Telemetry), or MDR-FT, represents the MDR indus- try’s most complete offerings.

Full visibility across on-premises and cloud environments, coupled with integrated machine learning and behavioral analysis, feeds threat hunters with vital information and facilitates near real-time threat detection and containment. Additionally, SLAs strictly outline potential threat actor dwell time, limiting client-side requirements for IR Lifecycle coverage.

Accordingly, the cost to remove those requirements for in-house capabilities across people, process and technology is typically hefty.

Importantly, organizations looking to outsource to MDR-FT providers must have complete trust in the provider’s capability to deliver on SLAs, or else the organization could be put at risk without adequate internal resources to address gaps. MDR-FT is a viable option for organizations that have substantial security budgets and are looking for complete threat and IR Lifecycle coverage among on-premises and cloud workloads.

Coverage

Strengths

Weaknesses

Questions and considerations:

While this blog provides a snapshot of one category of MDR, the intricacies and interdependencies are the varying types is complex. To learn more about the strengths and weaknesses for each of the seven MDR categories and how you can make an informed decision about what MDR solution best suits your organization, download The Definitive Guide to Managed Detection and Response (MDR) here: https://www.esentire.com/resource-library/the-definitive-guide-to-managed-detection-and-response-mdr

View Most Recent Blogs
Akash Malhotra
Akash Malhotra Technical Developer/Writer
With diverse knowledge of computer security, threat intelligence and front-end web development, Akash has worked with developing and documenting API libraries with Cymon.io, our open source threat intelligence aggregator.