Combine cutting-edge XDR technology, multi-signal threat intelligence and 24/7 Elite Threat Hunters to help you build a world-class security operation.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Cyber risk and advisory programs that identify security gaps and build security strategies to address them.
24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
XDR with machine learning that eliminates noise, enables real-time detection and response, and automatically blocks threats.
Seamless integration and threat investigation across your existing tech stack.
Defend brute force attacks, active intrusions and unauthorized scans.
Guard endpoints by isolating and remediating threats to prevent lateral spread.
Investigation and threat detection across multi-cloud or hybrid environments.
Remediate misconfigurations, vulnerabilities and policy violations.
Investigate and respond to compromised identities and insider threats.
Stop ransomware before it spreads.
Meet regulatory compliance mandates.
Detect and respond to zero-day exploits.
End misconfigurations and policy violations.
Defend third-party and supply chain risk.
Prevent disruption by outsourcing MDR.
Adopt a risk-based security approach.
Meet insurability requirements with MDR.
Protect your most sensitive data.
Build a proven security program.
Operationalize timely, accurate, and actionable cyber threat intelligence.
THE THREAT Beginning in early September 2024, eSentire observed an increase in the number of incidents involving Lumma Stealer malware; this activity has remained common leading into…
Oct 02, 2024THE THREATA recently disclosed vulnerability impacting Zimbra mail servers is being actively exploited by attacker(s). On September 27th, Zimbra publicly disclosed CVE-2024-45519, a…
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Multi-Signal MDR with 300+ technology integrations to support your existing investments.
24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
Three MDR package tiers are available based on per-user pricing and level of risk tolerance.
The latest security advisories, blogs, reports, industry publications and webinars published by TRU.
Compare eSentire to other Managed Detection and Response vendors to see how we stack up against the competition.
See why 2000+ organizations globally have chosen eSentire for their MDR Solution.
High Growth UK Software Company Uses Managed Detection and Response Services to Get New Levels of Visibility and Protection During its Digital Transformation to the Cloud
IRIS Software Group (IRIS) is a high-growth software company that has expanded beyond its core accounting focus into new markets including education, payroll and HR. It faces a unique challenge as it absorbs and manages disparate software systems and network infrastructures inherited from different acquisitions. Network visibility to monitor for cybersecurity threats is critical as it consolidates everything into a single standard technology stack.
The Business:
The eSentire Solution:
eSentire provides industry-defining, cloud-native Managed Detection and Response (MDR) that removes blind spots and enables 24/7 threat hunters to contain attacks and stop breaches within minutes.
UK-based IRIS has grown aggressively through acquisition and organic growth across a range of vertical sectors. As it took on more technology stacks from acquired companies, network visibility and management information--especially being able to identify nefarious activity--became increasingly important for IRIS. The business had reporting from its anti-malware software, but it wasn’t enough, explains David Adams, IT Technical Authority for the Group. “It gave us good visibility on viruses, malware, and malicious sites, but it didn’t give us the ability to see what was happening on the network,” he says.
To accelerate the adoption of new technologies and services that IRIS needed to move at the speed of business and the organisation’s growth, the company developed and began executing on a strategy to move software and workloads to the cloud. Given the additional layer of security complexity and risk cloud brings, IRIS knew they needed a service provider that would keep their hybrid environment secure.
IRIS is moving from almost 10 different CRM packages and multiple ERPs running on various companies’ premises to a single cloud-based model with single applications for ERP, CRM, and marketing. This will leave just a few internal applications handling licensing fulfillment and development engineering environments running on its premises.
This digital transformation required an expansion strategy that included a 100-point strategic security program to overhaul basic cybersecurity hygiene measures like patch management, and bring new security tools such as two-factor authentication to the cloud.
The company realised early on that it couldn’t tackle the challenges ahead and manage growing volumes of network traffic with a small security team. According to Adams, ”it was rapidly becoming apparent that we were going to go international.” IRIS had traditionally been a UK-centric business, however recognised that adversaries work around the clock and internationally.
Extending its cybersecurity coverage across its evolving environment and the need to provide around the clock detection and response, was beyond in-house capabilities, Adams recalls. “The ROI of bringing the expertise and commitment to running a 24/7 SOC is not there for an organization of our size” he said.
IRIS ran a thorough tender process and eSentire lined up against nine other candidates during its selection process. It was eSentire’s multi-signal approach to provide visibility across IRIS’ entire IT environment and its 24/7 monitoring that stood out, as well as its flexible approach to pricing and licensing.
The Group began by installing eSentire MDR for Endpoint, eSentire MDR for Network service and eSentire MDR for Log, leveraging the existing Sumo Logic investment at IRIS’ new flagship head office and datacentre. It also used a co-managed version of eSentire Managed Risk - Managed Vulnerability Service, that gave it full visibility into what was happening on its network.
Adams added an option to scan the Group’s external websites as part of that service, enabling it to scan the applications that run on those sites for vulnerabilities. IRIS provides access to several of its products through online portals, and it can feed that vulnerability information directly back to the engineering teams responsible. “We’ve used that to clear up some vulnerabilities that we had on those sites,” Adams says.
IRIS realised immediate benefits of eSentire services soon after deployment. eSentire Managed Risk - Managed Vulnerability Service revealed several vulnerabilities that could be addressed immediately.
“Even during the deployment period, the data that we looked at exposed a lot of information about our environment that we previously did not know” Adams recalls. “We were aware of vulnerabilities and issues that we had, but eSentire Managed Risk - Managed Vulnerability Service was able to highlight things that had not been caught with others.”
One unknown vulnerability that eSentire Managed Risk - Managed Vulnerability Service caught concerned a VoIP-enabled phone handset that had not been updated with a security patch. This left an open exploit on the phone, which was accessible from outside the network with no authentication. “This could have created a compliance issue, but was resolved,” he pointed out.
eSentire’s Threat Response Unit researches and identifies emerging threats on behalf of its customers and translates the threat into action the customer can take to harden their security stance. One such example involved a phishing attack involving links to Google Drive and Microsoft’s OneDrive. The attack payload would often ask victims to enter their corporate login credentials, IRIS was able to take this new information to spot and block URLs with telltale patterns.
eSentire also identified attack patterns in which threat actors would try to execute malicious code on IRIS’ network, through a website, and notified them of several scans looking for open ports on its firewall. The IRIS security team used this information to block the offending source IP, which originated in the Seychelles.
eSentire MDR for Log has provided unprecedented visibility across IRIS’ environment by gathering information from across its broad array of network products and endpoints. Before eSentire, it would have to manually log into network equipment and download log information manually for analysis, which is a daunting task for a small security team.
“It’s great to have a service that correlates all of that information together automatically, along with people experienced at spotting things outside the norm, investigating, and only alerting us if it’s something that we need to do something about,” Adams says, adding that it could continue to focus on core IT functions without the need to hire or build a Security Operations Centre (SOC) team.
With more large acquisitions planned this year, IRIS will need network visibility more than ever in the future. Partnering with eSentire gives it the platform it needs to deliver a strong cybersecurity strategy that will protect a company with aggressive growth ambitions.
We’re here to help! Submit your information and an eSentire representative will be in touch to help you build a more resilient security operation today.