CAMBRIDGE, ONTARIO – July 12, 2017 – eSentire, Inc., the largest pure-play Managed Detection and Response (MDR) provider, today launched esLOGTM, the first logging and event management platform that supports real-time threat detection and response across the network, endpoint, and cloud services.
Unlike a traditional cloud-based Security Information and Event Management (SIEM) product or service, esLOGTM augments eSentire Managed Detection and ResponseTM (eSentire MDR), providing small, midsized, and large enterprises with complete security log aggregation and forensics capabilities without the complexity and costs associated with traditional SIEM solutions. esLOG enhances threat detection, improves forensic investigation and compliance reporting, and enriches eSentire MDR through comprehensive signal ingestion, enrichment, and threat investigation across on-premises sources and leading cloud-based applications.
“Integrating esLOG into our MDR service delivers end-to-end, enterprise-grade threat visibility and protection,” said Mark McArdle, CTO of eSentire. “In addition to supporting on-premises security technologies, the continued adoption of cloud-based services requires the ability to extend MDR visibility into the cloud. Securing the cloud is mission-critical and many organizations simply don’t know where to start. Traditional SIEM services are costly and complex for businesses who struggle with limited resources. And, traditional SIEM services cannot identify – much less respond – to new threats.”
In its Predicts 2017: Cloud Security report, Gartner states that: “The security posture of major cloud providers is as good as or better than most enterprise data centers, and that security should no longer be considered a primary inhibitor to the adoption of public cloud services. However, simply moving on-premises workloads to a public cloud doesn't automatically make these workloads more secure”1.
“Cloud service providers are in the business of protecting their business and operations from cyber-attacks, but cloud data that is accessed using phished or stolen user credentials, or exfiltrated by rogue insiders, is the liability of the individual or business, not the cloud service provider. This presents a new and risky challenge to businesses as they continue to migrate cloud workloads,” added McArdle.
esLOG core functionality includes:
- Security forensic enrichment – provides an additional rich context to unusual network, cloud, and endpoint activities, ensuring the full context of an attack is investigated.
- Log management – includes the collection, aggregation, and analysis of raw log data from network, cloud, endpoints, and applications, all in real-time.
- Log archiving – provides eSentire Security Operations Center (SOC) analysts the ability to conduct log forensic investigations, drill down into log details, and assist with root cause analysis on any security incident.
- Real-time alerting – signals eSentire SOC analysts of any suspicious activities and anomalies discovered from various log data in real-time.
- Log data visualizations – provides eSentire SOC analysts and clients with customizable dashboards, security visualizations, data drill-down capabilities, and root cause analysis.
- Co-management – facilitates a client’s access to run their own advanced search queries, generate alerts, manage profiles, run reports, and investigate events alongside eSentire SOC analysts.
eSentire’s award-winning MDR service has propelled the company’s success, cementing its leadership position within the MDR marketplace. As the largest pure-play MDR vendor, eSentire concluded a record year in 2016 and was included in Gartner’s 2017 Market Guide for Managed Detection and Response Services – a list of service providers that can support organizations seeking to improve their threat detection and incident response capabilities.
esLOG is available now. For more information about esLOG, visit: esLog datasheet, or call 1-866-651-2200.
About eSentire:
eSentire® is the largest pure-play Managed Detection and Response (MDR) service provider, keeping organizations safe from constantly evolving cyber attacks that technology alone cannot prevent. Its 24x7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates and responds in real-time to known and unknown threats before they become business disrupting events. Protecting more than $5.7 trillion AUM in the financial sector alone, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements. In 2016, eSentire was named Best SME Cybersecurity Solution by SC Magazine and was included on Deloitte’s Technology Fast 500TM list. For more information, visit www.esentire.com and follow @eSentire.
1Gartner, Predicts 2017: Cloud Security, Jay Heiser, Steve Riley, Greg Young, Neil MacDonald, November 2016.
Gartner Disclaimer
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.
Products, service names, and company logos mentioned herein may be the registered trademarks of their respective owners. All rights reserved.
