What we do
How we do it
Resources
Company
Partners
Get Started
What we do
How we do it
Resources
Company
Partners
Request a Quote
What We Do
ESENTIRE SERVICES
Managed Risk Programs

Cyber risk and advisory programs that identify security gaps and build strategies to address them.
Managed Detection & Response

MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Digital Forensics & Incident Response

Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
ESENTIRE PLATFORM
Atlas Extended Detection & Response (XDR)

XDR with Machine Learning that eliminates noise, enables real-time detection and response, and automatically blocks threats.
ESENTIRE PEOPLE
Team eSentire

Be protected by the best from Day 1.
Security Operations Center (SOC)

24/7 Threat Investigation and Response.
Threat Response Unit

Expert hunting, research and content.
ESENTIRE MDR FOR MICROSOFT

Visibility and Response Across Your Entire Microsoft Security Ecosystem

Learn More
How we do it
MDR PACKAGES AND PRICING
eSentire MDR Essentials
Multi-signal MDR services for small to medium businesses with 24/7 SOC support, threat hunting, and response expertise.
eSentire MDR Expert
Multi-signal MDR services with co-managed log service, Cyber Risk Advisor support, and added signal visibility and containment.
eSentire MDR Elite
Multi-signal MDR services with a dedicated Cyber Risk Advisor, risk reduction roadmap and executive meeting support.
 Request a Quote
INDUSTRIES
Insurance Construction Finance Legal Manufacturing Private Equity
USE CASES
Ransomware
Stop ransomware attacks before they disrupt your business.
Third-party Risk
Guard against third-party and supply chain risk.
Sensitive Data
Protect your most sensitive data.
Skills Gap
Let us act as an extension of your team.
24/7 MDR SIGNALS
Network

Defend brute force attacks, active intrusions and unauthorized scans.
Endpoint

Safeguard endpoints 24/7 by isolating and remediating threats to prevent lateral spread.
Log

Investigation and enhanced threat detection across multi-cloud or hybrid environments.
Cloud

Configuration escalations, policy and posture management.
Insider Threat

Detects malicious insider behavior leveraging Machine Learning models.
Resources
FROM THE BLOG
SolarMarker Delivered Via Google Groups Pages
Read more
MDR for Endpoint Identifies Exploitation of Sitecore Experience Platform…
Read more
Make Security Your Star Striker, Not Your Goalie
Read more
Visit the eSentire Blog →
RESOURCES
Case Studies

Customer testimonials and case studies.
White Papers

Analyst reports and thought leadership.
Reports

Incident Reports and threat dissections.
Webinars

Demonstrations and thought leadership.
Data Sheets

Information and solution briefs for our services.
Visit Resource Library →
SECURITY ADVISORIES
Nov 22, 2021
Microsoft Exchange Vulnerability - CVE-2021-42321
THE THREAT eSentire has identified publicly available Proof-of-Concept (PoC) exploit code, for the critical Microsoft Exchange vulnerability CVE-2021-42321. CVE-2021-42321 was announced as part of Microsoft’s November Patch Tuesday release. Exploitation would allow a remote threat actor, with previous authentication, to execute code on vulnerable servers. Prior to the patch release, Microsoft…
Read More
View all Advisories →
Company
ABOUT ESENTIRE
About Us
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 1000+ organizations in 70+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Read about how we got here
Leadership Work at eSentire
EVENT CALENDAR
Dec
01
Automating Threat Detection and Response with Microsoft Azure Sentinel

Join Kurtis Armour, Director, Product Management for a briefing with Cloud…
Dec
02
Axe Throwing with eSentire

Join eSentire for an evening of axe throwing at Bury the Hatchet in New…
Dec
02
Digital Best Practice Exchange Series: Banking & Finance - Modernizing IAM

Join eSentire in the November Banking and Finance Digital Best Practice…
View Event Calendar →
LATEST PRESS RELEASE
Oct 28, 2021
Telarus and eSentire Expand Partnership to Safeguard Enterprises Globally Against Business Disrupting Ransomware and Zero-Day Attacks
London, UK and Sydney, Australia– Oct. 28, 2021 - eSentire, recognized globally as the Authority in Managed Detection and Response (MDR), today announces the expansion of its partnership with Telarus, the largest privately-held distributor of business cloud infrastructure and contact centre services. Building on their mutual success across North America, Telarus will bring eSentire’s Managed…
Read More
View Newsroom →
Partners
PARTNER PROGRAM
Partners
Our award-winning partner program offers financial rewards, sales and marketing tools and personalized training. Accelerate your business and grow your revenue by offering our world-class Managed Detection and Response (MDR) services.
Learn about our Partner Program
PARTNER SERVICES
Malicious Activity Assessment
A 45 day of continuous network visibility assessment and cybersecurity scorecard.
Multi-Tenant Sensor (MTS)
MTS protects your customers’ networks 24/7 from today’s evolving threat landscape.
PARTNER RESOURCES
Apply today to partner with the Authority in Managed Detection and Response.
Become a Partner →
Login to the Partner Portal for resources and content for current partners.
Partner Login →
Search
Resources
Threat dissection

Anatomy of an Attack: Gaining Remote Access Using Valid Credentials

Download Now

With the increasing proliferation of the remote workforce, most organizations provide the ability for remote access into their networks, either via VPN, Citrix, or other access mechanisms. External remote services allow users to connect to internal network resources from external locations. Remote service gateways often manage connections and credential authentication for these services.

Adversaries who have obtained valid account credentials may leverage external remote services as a point of initial access into your network and a mechanism for establishing persistence. Attacks from external remote services are difficult to detect given the use of valid credentials to obtain initial access.

This gives the appearance of legitimate authentication to the services, therefore discovering the malicious activity before damage is done involves threat hunting expertise and advanced machine learning capabilities. Suspicious Remote Access can be leveraged in every stage of the “Cyber Kill Chain”, AKA attack path so vigilance in detecting adversary presence is key.

Read this threat dissection for more information on the challenges of suspicious remote access incidents and see how eSentire’s proprietary machine learning tools & MDR for Log work together to detect them.

Other Recommended Resources
Data Sheet
Managed Detection and Response
READ NOW →
Data Sheet
MDR for Network
READ NOW →
Blog
Depth and Breadth: Logs help empower Managed Detection and Response delivery
READ NOW →
Are you experiencing a security incident or have you been breached? Call us now.
1-866-579-2200
Sales and Customer Support
North America
1-866-579-2200 EMEA
(0)8000 443242 Africa/APAC
+1 519 651 2200 Partner Login
What we do
How we do it
Resources
Company

The Authority in Managed Detection and Response.

2021 eSentire, Inc. All Rights Reserved.