eSentire MDR is about simplicity, not added complexity. Mitigating risk requires augmented security resources and a swift response. We empower our elite analysts with select, more effective detection tools, all operating at machine-scale. We uncover and disrupt cyber threats, from the simplest to the most sophisticated.

We are a partner that can amplify your in-house team, augment your MSSP, or be a full-service security solution. Based on your business and risk management needs, you choose the tier of services that best fits your company.

Security specific to you

Based on your business and risk management needs, you select from a spectrum of threat protection capabilities:

Rapid intrusion detection and response auto-detects and responds to known and unknown threats with:

  • Real-time blocking of IOCs, signatures, and previously unseen attacks, including phishing, malware, ransomware, and botnets
  • An extensive, proprietary rules library covering 40+ threat categories
  • Highly customizable rules and policies, including executable whitelists, geo-IP, and blocking access to specific sites
     

Log aggregation for threat hunting enables log correlation and playbook development to support and guide analysts, regardless of the network size, by:

  • Aggregating and correlating log data to assist with reporting, compliance, and attack forensics
  • Finding, tracking, and mapping threats to affected resources by querying, exploring, and pivoting across logs
     

Insider and persistent threat detection, regardless of the tools, tactics, or procedures (TTPs) used, by focusing on the few fundamental adversary behaviors:

  • Automatically learns and constantly updates “normal” definitions for each host within a customer’s unique, growing, and changing environment
  • Understands and ties together internal reconnaissance, collection, and exfiltration behaviors across time and the network
  • Speeds investigations and provides comprehensive customer understanding with ThreatCases, contextual maps of unfolding threats
Market Guide

Gartner 2019 Market Guide for MDR services

Read the report to learn more about the current MDR market and how you can evaluate services and providers.


eSentire technologies

These threat protection capabilities are enabled by the esENDPOINT, esNETWORK, esLOG+, and esINSIDER technologies, and include:

  • Comprehensive data sources: north/south, east/west, endpoint activity, network sensors, log aggregation, netflow, DNS, proxy
  • Complete asset coverage: cloud, on-premises, and hybrid environments
  • Extensive human support: 24/7/365 SOC and advanced threat hunting

Technology partners

By working together with other industry-leading technology companies, we help you to reduce risks, protect your network, and realize lasting business value.

Integrated Technologies

  • Chronicle’s Backstory platform empowers eSentire’s security experts with unmatched capabilities for threat hunting and incident investigation.
  • Carbon Black’s Cb Response integrates into esEndpoint to continuously record and centralize all endpoint activity for eSentire’s Security Operations Center (SOC).
  • Cyxtera’s AppGate SDP zero-trust network offering delivers co-managed access to improve cloud policy enforcement, user access controls, and behavior-based response capabilities.
  • Sumo Logic’s cloud-native solution integrates into esLog+ to provide full spectrum visibility to eSentire’s Security Operations Center (SOC).

Compatible Technologies

  • The esNetwork sensor is built on Cisco’s UCS platform and provides eSentire’s Security Operations Center with a zero-latency IPS/IDS and full packet capture (PCAP).
  • Garland Technology’s Aggregating Network TAPs hardware allows eSentire to capture and aggregate full duplex network traffic from copper and fiber sources.
  • Palo Alto Networks’ SSL decryption ensures eSentire’s Managed Detection and Response customers have advanced protection across one of their biggest threat blind spots.
  • Symantec’s SSL decryption ensures visibility into otherwise opaque network traffic and the ability for eSentire’s Security Operations Center (SOC) to detect and block malicious activity.

Capabilities

Security tailored to your risk profile

Safeguard your business operations with our expansive capabilities designed to fit a broad range of needs.

Risk Advisory services

Expert consultants who help your organization assess, improve, and test your current risk profile.

Managed Prevention

Next-generation threat prevention with continuous hardening against the evolving threat landscape.

Approach

Understanding how attackers think

Detect and disrupt known and unknown threats with the power of machine learning and the intuition of real people.

Ready to get started?
We're here to help.

Reach out to schedule a meeting and learn more about our Managed Detection and Response, Risk Advisory and Managed Prevention capabilities.