
Manage Your Cyber Risk

Your attack surface is ever-changing, so the goal of your cybersecurity program should be to continuously assess and reduce cyber risk. Unfortunately, many organizations don’t truly understand the cyber risks they face. eSentire helps you proactively identify gaps and opportunities to accelerate risk mitigation and gain peace of mind.


Maturity-based cybersecurity programs are no longer adequate for today's cyber risks

Build a cybersecurity strategy that reduces risk for your business’ most critical areas with 24/7 threat detection & response





of mid-sized businesses don’t have a CISO [1]

new CVEs assigned in 2021 [2]

average total cost of a data breach [3]

of organizations cited challenges with maintaining regulatory compliance with increased remote work [4]

[1] Trends in Midsize Enterprise Security and Risk Management, Gartner 2021
[2] 2021 Threat Landscape Retrospective, Tenable
[3] 2021 Cost of a Data Breach Report, IBM
[4] State of Remote Work Security, Cybersecurity Insiders 2021

Adopt a Risk-Based Approach to Cybersecurity

As cyber risks grow in number and complexity, business leaders are left wondering just how effective their cybersecurity programs are. Although there are many approaches to developing and managing effective cybersecurity operations, the debate within the industry appears to be: should organizations adopt a maturity-based approach or a risk-based approach?

Using a Maturity-Based Approach: This is the traditional approach to managing cyber risk, wherein organizations aim to achieve a desired level of maturity by implementing certain capabilities and controls. This approach allows an organization to demonstrate the controls and defenses it has built based on standard industry frameworks such as NIST or CMMC.

Using a Risk-Based Approach: This approach allows business leaders to direct investments against the most pressing threats with the goal of effectively reducing risk over time. Since many cybersecurity leaders are forced to operate with limited resources, this more cost-effective approach leads to superior security outcomes when compared to maturity-based or compliance-based approaches.

So, why adopt a risk-based approach to cybersecurity? 

The drawback of a maturity-based approach is that it may require a hefty financial investment if the focus is placed on building multiple layers of defense against everything. By contrast, an approach centered on managing cyber risk gives business leaders the option to invest heavily in defenses for the vulnerabilities that affect the business’ most critical areas.

How eSentire Helps Manage Cyber Risk

We move your cybersecurity program ahead, proactively identifying gaps in distributed systems, and building comprehensive cybersecurity strategies that mitigate risk. You gain peace of mind as you build a more responsive security operation that aligns your business objectives with your unique risk and exposure.

A risk-based approach to your cybersecurity program should provide deep visibility into your environment with 24/7 threat detection and response. We recommend adopting a risk-based approach to cybersecurity that includes:

  • A comprehensive Vulnerability Management program enabling continuous awareness of the threat landscape, vulnerability scanning to understand which systems are inadvertently exposed, and disciplined patch management.
  • Phishing and Security Awareness Training (PSAT) for all employees to build a culture of cyber resiliency by leveraging a context-relevant training program and driving organizational behavioral change.
  • 24/7 Managed Detection and Response (MDR) with multi-signal attack surface coverage, powered by a strong XDR platform foundation and human expertise, to identify, contain, and respond to threats that bypass traditional security controls.
  • Digital Forensics and Incident Response (DFIR) expertise through an incident response provider on retainer who can support Security Incident Response Planning and Emergency Preparedness, as well as incident response, remediation, digital forensics investigation, root cause analysis, and crime scene reconstruction in the event of a breach.

At eSentire, we work with you to develop a risk-based approach to cybersecurity that aligns your investments to security outcomes that:

  • Alleviate resource constraints in your organization
  • Build an enterprise-level information security program, policies and procedures
  • Meet and exceed compliance requirements
  • Provide comprehensive threat landscape visibility
  • Align business objectives with your unique risk and exposure

Using the MITRE ATT&CK® Framework to Reduce Cyber Risk

What is the MITRE ATT&CK® Framework?

The ATT&CK framework is a curated knowledge base and model for cyber adversary behavior that reflects the phases of an adversary's attack lifecycle and the platforms they are known to target. The tactics, techniques, and procedures (TTPs) are derived from real-world observations of cyberattackers.

Cybercrime is continuously growing and evolving, making it more difficult for organizations to defend themselves against cyberattacks. We recommend leveraging the MITRE ATT&CK® framework, which provides security leaders with an operational and tactical roadmap for deciding where to apply their cybersecurity capabilities.

By using the framework to map the most commonly detected tactics, techniques, and procedures (TTPs), security leaders can start to enhance their cybersecurity programs and reduce their overall cyber risk.


The advantage of rooting your decisions within the ATT&CK framework while using a risk-based approach to develop your cybersecurity program is that your team can identify the gaps and vulnerabilities specific to your business & industry, and allocate your security budgets to mitigate the most pressing vulnerabilities first.

However, many organizations are left wondering what happens once their coverage has been mapped. In other words, how can you translate the ones and zeros of the MITRE ATT&CK® language into the dollars and cents of costly business disruptions and irreparable reputational damage? How do you contextualize coverage in terms of quantifying risk reduction?

Leveraging a Risk-Based Approach to Cybersecurity with the MITRE ATT&CK® Framework

In this video, Tia Hopkins, eSentire's Field CTO & Chief Cyber Risk Strategist, provides more insight into how you can leverage the MITRE ATT&CK Framework to improve your cybersecurity program by prioritizing security spend, modifying security operations processes, and making staffing and security team building decisions.


Contextualizing the MITRE ATT&CK® Framework for Risk Reduction

Read this report for insights from the eSentire Threat Response Unit (TRU) on how threat actors are taking advantage of weak cyber hygiene. TRU outlines why you should leverage the MITRE ATT&CK® framework to assess & quantify your cyber risk, and shares how you can reduce your overall business risk.


Framework Tool

Try this tool to learn the top tactics and techniques used in cyberattacks that our Elite Threat Hunters and SOC Cyber Analysts have contained and remediated on our customers’ behalf. For each tactic, our threat researchers provide recommendations on how to improve your cybersecurity program and detail how eSentire can help protect your organization.


Quantifying Organizational Cyber Risk

While it’s not feasible to build business responses for each TTP found in the MITRE ATT&CK® framework, as a cybersecurity leader, you should familiarize yourself with the most common TTPs and understand the associated cyber risks you’re facing. Based on the severity of the observed technique, your team can build a proactive response designed to counter the cyber threat and reduce your business risk.

This is a crucial first step in developing a risk-based approach to cybersecurity. The end goal is to look inward to identify the set of gaps and critical vulnerabilities that are most impactful for your specific business, and mitigate them first. To be successful in using a risk-based approach, here are some questions you can ask yourself:

Maturity-Based Approach vs. Risk-Based Approach: What’s the Right Answer?

Take Control of Cyber Risk

By utilizing a risk-based approach instead of a maturity-based approach, your team will be able to maintain deep visibility into your environment for 24/7 threat detection and response. We recommend prioritizing your resources across three key service areas:

Managed Risk and Vulnerability

  • Button down initial access vectors
  • Develop robust security strategy, training initiatives, and testing cadence
  • Assessments and testing through Penetration Testing, Vulnerability Scanning, Red Team Operations, Security Awareness Training, and Phishing Programs

Managed Detection and Response

  • 24/7 threat detection, isolation, disruption, and containment of cyberattacks
  • Expertise to understand attacker presence, evaluate footholds, and battle persistent access attempts
  • Original threat research, compromise driven content development, and high velocity advisory insights

Digital Forensics and Incident Response

  • Emergency Incident Response support and Incident Response Retainer SLA with 4-hour threat suppression
  • Digital Forensics investigations and determination of breach extent with results that can bear scrutiny in a court of law
  • Guidance through evidence handling, crisis communications, compliance notifications, and more

Managing Cyber Risk: Moving to a Risk-Based Security Approach

In this episode of Managing Cyber Risk, eSentire’s Tia Hopkins, Field CTO & Chief Cyber Risk Strategist, discusses the difference between cyber risk tolerance and risk appetite, why the risk-based cybersecurity approach is the best choice for your organization, and how you can get started.

Cybercrime Magazine · Managing Cyber Risk. Moving To A Risk-Based Security Approach. Tia Hopkins & Mark Sangster, eSentire

Security Leaders Count on eSentire

"We have been leveraging the Atlas platform for some time now and were pleased to see how easy it was to add endpoint protection to the suite of services we receive through the platform. It required very little work from our IT team and provides an additional layer of peace of mind in today’s uncertain environment."
Neil Waugh
Chief Information Officer | M&C Saatchi
"Every time we call the eSentire SOC, we get a true security analyst on the first touch to walk us through our incidents clearly and efficiently. No other provider delivers such personalized service and expertise. Leveraging the eSentire Atlas platform, in conjunction with access to their sophisticated threat intelligence team, we have been able to cut our incident time to resolution in half."
Michael Smith
Vice President, Director of Information Technology | HKS
"eSentire’s Managed Vulnerability service is excellent! With eSentire’s guidance, we have been able to leverage the Tenable.io platform and uncover new features. They’ve provided expertise on a monthly basis to fully maximize the platform’s capabilities and help in prioritizing remediation actions to improve our overall security strategy."
Security Analyst
Private Equity Firm