eSentire media contact
CAMBRIDGE, ONTARIO – June
Market demand continues to climb, fueled by midsized businesses seeking turnkey managed threat detection and response services. Gartner states that “approximately 25% of all inquiries in 2017 related to acquiring security event monitoring services were specifically about MDR,” and predicts that “by 2020, 15% of organizations will be using MDR services, up from less than 5% today.”
“Digital transformation is outpacing the abilities of traditional prevention and protection security methods,” said Kerry Bailey, eSentire CEO. “Distributed assets and an expanding threat surface continue to accelerate business risk. Traditional prevention must be paired with detection and response. When we think about MDR evolution, complete visibility into a customer’s environment is foundational. Without enriched signals and deep forensic information from across endpoints, the network, cloud, and other log sources, it’s impossible to detect and respond to an attack in near real-time. Ultimately, it’s about disrupting your adversary before they cause a business altering event.”
According to the guide, “Gartner clients state that they want more comprehensive threat detection and response services that are typically provided by many MSSPs” and see the value in MDR services that include advanced detection and containment tools like managed endpoint and response (EDR).
Covert techniques targeting the endpoint are on the rise. eSentire Threat Intelligence reports that 91% of critical Q1 2018 security events resulted from endpoint events which retrieved and executed malicious code from remote sources through known, legitimate binaries, like PowerShell or MSHTA. These processes are used by opportunistic and targeted threats alike, allowing them to circumvent basic controls to deliver and install malware.
In late January 2018, an eSentire advanced threat analytics operation (powered by machine learning and coined “Blue Steel”), detected an adversary leveraging an unknown exploit in Kaseya’s Virtual System Administrator (VSA) product to deploy crypto miners across the infrastructure of a small number of eSentire customers. The attack broadly targeted the trusted system of MSPs and cloud platforms through Kaseya VSA endpoint agents for initial access to deliver malicious scripts. eSentire discovered the threat and notified Kaseya of the intrusions, resulting in multiple security fixes.
eSentire MDR aggregates and combines all signals across the entire threat surface at scale, with expert analysis augmented by machine learning. The company touts a 99.97% false positive reduction by maximizing security analyst efficiency through automated event suppression.
For more information about eSentire MDR, visit: https://esentire.com/capabilities/managed-detection-and-response/
eSentire® is the largest pure-play Managed Detection and Response (MDR) service provider, keeping organizations safe from constantly evolving cyber attacks that technology alone cannot prevent. Its 24x7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates and responds in real-time to known and unknown threats before they become business disrupting events. Protecting more than $5.7 trillion AUM in the financial sector alone, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements. For more information, visit www.esentire.com and follow @eSentire.
Products, service names, and company logos mentioned herein may be the registered trademarks of their respective owners. All rights reserved.
* Gartner, Managed Detection and Response Services Market Guide, Toby Bussa, Kelly M. Kavanagh, Sid Deshpande, Craig Lawson, and Pete Shoard, June 2018.
Gartner Disclaimer: Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.