Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Protect assets from ransomware, trojans, rootkits and more.
Intelligence and visibility across AWS, O365, DevOps and more.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
The internet company Cloudflare has indicated that for the period between September 22, 2016 and February 18, 2017 approximately 3,500 websites were vulnerable to interception of private data due to a data processing flaw. The vulnerability, known as “Cloudbleed”, has resulted in the potential exposure of user’s passwords and personally identifiable information. Up to this time, there is no direct indication that any of the potentially exposed data was accessed by hackers. Customers are advised to be vigilant of potential scam activities, as attackers are known to use media events to their advantage. eSentire’s security teams are monitoring this situation, further updates will be provided if feasible.
Customers should be aware that the Cloudbleed vulnerability only affected certain Cloudflare services. The official list of exposed websites has not been published yet. As per the Cloudflare statement, the greatest period of impact was likely from February 13 and February 18, 2017. During that period, around 0.00003% of HTTP requests processed through Cloudflare potentially resulted in random data leakage.
Depending on the sites accessed, the leaked information could include private messages from major dating sites, full messages from chat services, content from adult video sites, hotel bookings, online password manager credentials, and other types of sensitive data. Customers should be vigilant about any suspicious email communication imitating Cloudflare, and refrain from providing any information to unofficial enqueries or for the alleged purpose of validating the Cloudbleed exposure.