Combine cutting-edge XDR technology, multi-signal threat intelligence and 24/7 Elite Threat Hunters to help you build a world-class security operation.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Cyber risk and advisory programs that identify security gaps and build security strategies to address them.
24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
XDR with machine learning that eliminates noise, enables real-time detection and response, and automatically blocks threats.
Seamless integration and threat investigation across your existing tech stack.
Proactive threat intelligence, original threat research and a world-class team of seasoned industry veterans.
Extend your team capabilities and prevent business disruption with expertise from eSentire.
We balance automated blocks with rapid human-led investigations to manage threats.
Guard endpoints by isolating and remediating threats to prevent lateral spread.
Defend brute force attacks, active intrusions and unauthorized scans.
Investigation and threat detection across multi-cloud or hybrid environments.
Remediate misconfigurations, vulnerabilities and policy violations.
Investigate and respond to compromised identities and insider threats.
Stop ransomware before it spreads.
Meet regulatory compliance mandates.
Detect and respond to zero-day exploits.
End misconfigurations and policy violations.
Defend third-party and supply chain risk.
Prevent disruption by outsourcing MDR.
Adopt a risk-based security approach.
Meet insurability requirements with MDR.
Protect your most sensitive data.
Build a proven security program.
Operationalize timely, accurate, and actionable cyber threat intelligence.
THE THREAT On October 23rd, Fortinet disclosed an actively exploited critical zero-day vulnerability impacting multiple versions for FortiManager. The vulnerability, tracked…
Oct 09, 2024THE THREAT Beginning in early September 2024, eSentire observed an increase in the number of incidents involving Lumma Stealer malware; this activity has remained common leading into…
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Multi-Signal MDR with 300+ technology integrations to support your existing investments.
24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
Three MDR package tiers are available based on per-user pricing and level of risk tolerance.
The latest security advisories, blogs, reports, industry publications and webinars published by TRU.
Compare eSentire to other Managed Detection and Response vendors to see how we stack up against the competition.
See why 2000+ organizations globally have chosen eSentire for their MDR Solution.
A top investment management firm seeks to continuously improve its security posture after being the target of a lengthy brute force attack on New Year’s Eve.
Wetherby Asset Management is a boutique portfolio management and wealth planning company with offices in San Francisco, New York and Los Angeles. Founded in 1990, it pioneered independent investment advice, separating fees from investment recommendations to focus on its clients’ best interests and carrying no internal products of its own.
Today, the 100 percent privately owned company has over 80 employees that focus on impact investing to align clients’ portfolios with their values. This has earned Wetherby a sought-after B Corp certification, proving that it meets the highest standards of verified social and environmental performance, public transparency, and legal accountability.
Wetherby has over $7.4B in assets under management up from $2.3B in 2011 and a 97 percent client retention rate.
When Wetherby‘s Principal and CTO Trevor Hicks joined the company in 2013, he found a company with little structure applied to its information security program.
The problem was twofold. First, Wetherby had struggled to keep up with the fast pace changes within the information security space. “The technology was the scaffolding, and it only got attention when it fell apart,” said Hicks.
The lack of technical staff led Wetherby to outsource most of its technology services, but without the internal resources to highlight issues that needed attention, the service providers were mostly reactive. The technology worked, but it was out of date and support was hard to find. Hicks knew hackers were targeting Wetherby, but the outdated infrastructure offered no network visibility, limiting threat intelligence.
The second problem was the lack of formalized security policies, procedures, and best practices for employees. Wetherby’s focus on business growth meant the team was stretched and it hadn’t invested in employee security policies and procedures.
Wetherby needed to overhaul its approach to security, otherwise a successful cyberattack was inevitable. Implementing a solution to reduce risk for this mid-sized organization with limited resources was going to take a clear understanding of the existing security threat landscape, and buy-in from senior management.
eSentire MDR for Network provides:
eSentire MDR provides threat protection capabilities that go beyond alerting to disrupt threats to protect Wetherby’s systems. With MDR for Network, we combine always-on full packet capture (PCAP) with proprietary attack pattern analysis and behavioral analytics to rapidly identify and block known threats and suspicious activity, and notify Wetherby’s security team of policy violations. MDR for Network automatically identifies and blocks thousands of cybersecurity events while giving Wetherby the network visibility it needed. “I call it the cornerstone of Wetherby security controls,” said Hicks.
Alerts are now configured for events such as remote desktop connections and SSH sessions, which provides Wetherby with the data needed to understand what is happening in our environment, as well as to support new security policies. “Sometimes, I just want to know who’s using FTP so I have better visibility into the tools that are being used in our environment. This information is incredibly valuable when thinking about our tehcnology and security roadmap,” he said.
eSentire MDR provides Wetherby with a much-needed layer of technical defense as a backstopfor the company’s cybersecurity awareness initiative.If an employee forgets their training and clicks on a malicious link in an email or tries to open an infected file, MDR can find out what page the malicious code contacted and what payload it tried to download.
Wetherby also replaced an entire cybersecurity program with eSentire Managed Risk - Managed Vulnerability Service which provides comprehensive risk identification and prioritization with unmatched accuracy across traditional enterprise IT assets. Hicks had previously commissioned annual penetration tests from a consultancy.
The pen tester had accessed its environment twice, but the remediation and testing cycle was too long. “You make fixes and then wait a year for the next testing cycle to find out if you scored any better,” Hicks said. “With Managed Vulnerability Service, we’re able to act on a constant cycle of improvement,” he added. Now, Wetherby can run a scan after every significant technical change it makes, leading to a cycle of continuous improvement.
The peace of mind that eSentire brings to Wetherby through automatic blocking and immediate alerting is of huge value. Besides the technology tools, eSentire’s SOC Cyber Analysts and Elite Threat Hunters provide expert help with emerging security issues the organization needs to be aware of.
“The SOC Cyber Analysts are incredibly knowledgeable, and if I need more information, they will find it for me,” he noted.
Hicks has proof that eSentire’s protection has stopped significant cyberattacks on the organization. On December 31, 2018, attackers began a sustained 12-hour brute force attack on the company.
“I think they chose New Year’s Eve because they thought we wouldn’t be watching,” he explained. But eSentire was watching. The SOC alerted Hicks via email that a sustained attack was coming from several European countries including Poland and the Netherlands.
“We blocked traffic from those countries for the duration of the attack so we could revisit it later,” he said. This enabled employees to enjoy their evening knowing that their systems were not in danger.
That incident showed up as a spike in brute force attack data in Wetherby’s next quarterly phone review with eSentire. These 15-minute sessions are valuable because they bring the team up to speed, explaining any issues that have arisen in the last three months.
eSentire’s regular reports also surface useful statistics that Hicks can use to prove the need for focused security investments to management. “Now I have reports and metrics that I can show to the rest of the firm and say, ‘it is an issue. People are targeting us, and we need to continue on our path to improve our security posture.’”
For a company dealing with so many high-value clients’ sensitive data, the online attacks are unlikely to stop. At least now, with an expert security team monitoring every network packet, Hicks and Wetherby know that someone has their back.
We’re here to help! Submit your information and an eSentire representative will be in touch to help you build a more resilient security operation today.