eSentire MDR for Endpoint

Hunt and Isolate Endpoint Threats Fast, Before They Spread

Today’s endpoints are located across vast physical and digital environments, making traditional, point-solution endpoint approaches incomplete. eSentire’s comprehensive, multi-signal Managed Detection and Response (MDR) service provides advanced endpoint protection with 24/7 threat hunting, deep investigation and complete threat response. For the most elusive threats, our SOC Cyber Analysts and Elite Threat Hunters rapidly investigate and isolate compromised endpoints on your behalf, preventing lateral spread and business disruption. We work alongside you to determine root cause and corrective actions, ensuring you are protected and hardened against future business disruption.

eSentire MDR for Endpoint protects your assets 24/7 no matter where your users or data reside. We combine Elite Threat Hunting with endpoint threat prevention and endpoint detection and response (EDR) capabilities to eliminate blind spots, and detecting and stopping:

• Commodity Malware
• Ransomware
• Zero-day attacks
• Advanced Persistent Threats (APTs)
• Suspicious activity
• Abnormal behavior
• Fileless attacks
• Lateral movement

We go beyond standard MDR providers to provide complete endpoint response and remediation including:

• Preventing infected endpoints from spreading to other machines
• Isolating ransomware, data exfiltration and hands-on keyboard attackers
• Quarantining malicious files and terminating processes
• Stopping/removing service and registry keys
• System reboots

Cost-Effective Endpoint Protection and Flexible Bring Your Own License Options

Get Proactive, Prevention-First Endpoint Protection with the eSentire Agent

The eSentire MDR Agent offers a cost-effective prevention-first approach to stop ransomware and malware attacks using proprietary deep learning technology with incredible efficacy. It delivers incredible cybersecurity value with complete flexibility as part of our value-rich, full-service bundles for small and medium-sized businesses.

LEARN MORE ABOUT THE ESENTIRE MDR AGENT →

Our Best-of-Breed Ecosystem of Technology Partners

We also offer a flexible best-of-breed MDR approach that means we partner with leaders in endpoint, SIEM, cloud and vulnerability management including CrowdStrike, Microsoft, Sentinel One, VMWare Carbon Black, Sumo Logic, and Tenable. We can easily maximize your existing investment in security tools through our bring your own license or subscription (BYOL/ BYOS) services to support even more cost-efficient options.

Endpoint Threat Detection Engineering Driven by Industry Experts

We also go beyond other MDR providers by developing custom detection engineering based on our threat intelligence and proprietary Machine Learning (ML) applications that hunt and respond to endpoint threats.

eSentire’s Threat Response Unit (TRU) delivers counter-threat research and proprietary content to stay ahead of attackers targeting endpoints. TRU builds proprietary detectors for Indicators of Compromise (IOCs) and Tactics, Techniques, and Procedures (TTPs), all mapped to the MITRE ATT&CK framework. We publish original research and security advisories so you’re up to date on the latest cyber landscape and endpoint security risks.

Machine Learning Innovation: BlueSteel

eSentire feeds your endpoint telemetry through the BlueSteel engine. Advanced analytics and machine learning are then used to identify signs of malicious activity. We leverage BlueSteel to continuously enhance our endpoint detection capabilities and empower our Elite Threat Hunters to disrupt, contain and remediate endpoint threats.

BlueSteel in Action Against PowerShell

Following initial intrusion, many attackers pivot to PowerShell as a means to advance their objectives. PowerShell commands are easily obfuscated, meaning it’s easy for an attacker to hide malicious commands within script that otherwise appears normal. Using this technique, attackers can evade detection from endpoint protection technologies.

To solve this problem, eSentire’s TRU team created a proprietary application called BlueSteel, which analyzes all PowerShell commands from customer endpoints and classifies them as either malicious or benign. The BlueSteel technique is similar to SPAM classification, utilizing frequency analysis with terms and characters to differentiate between good and bad. The goal is to increase the accuracy of PowerShell threat detection beyond what endpoint protection provides using machine learning.

As PowerShell attacks continue to be leveraged by attackers, BlueSteel continues to learn and enhance its threat detection capabilities. Combining machine learning with elite threat hunting and applying it to eSentire’s MDR capabilities, our Security Operation Center(SOC) analysts are empowered to disrupt, contain and remediate threats like PowerShell everyday.

eSentire MDR for Endpoint vs. Other Managed Endpoint Providers

We Do More than Managed EDR - And Multi-Signal Matters

Our multi-signal approach ingests endpoint, network, log, cloud, identity, and vulnerability data that enables complete attack surface visibility. Automated blocking capabilities built into our eSentire XDR Cloud Platform prevent attackers from gaining an initial foothold while our expert Elite Threat Hunters can initiate manual containment at multiple levels of the attack surface. Through the use of host isolation, malicious network communication disruption, identity-based restriction and other measures, we can stop attackers at multiple vectors and help you build a more resilient security operation.