A top investment management firm seeks to continuously improve its security posture after being the target of a lengthy brute force attack on New Year’s Eve.
Wetherby Asset Management is a boutique portfolio management and wealth planning company with offices in San Francisco, New York and Los Angeles. Founded in 1990, it pioneered independent investment advice, separating fees from investment recommendations to focus on its clients’ best interests and carrying no internal products of its own.
Today, the 100 percent privately owned company has over 80 employees that focus on impact investing to align clients’ portfolios with their values. This has earned Wetherby a sought-after B Corp certification, proving that it meets the highest standards of verified social and environmental performance, public transparency, and legal accountability.
Wetherby has over $7.4B in assets under management, up from $2.3B in 2011, and a 97 percent client retention rate.
When Wetherby’s Principal and CTO Trevor Hicks joined the company in 2013, he found a company with little structure applied to its information security program.
The problem was twofold. First, Wetherby had struggled to keep up with the fast-paced changes within the information security space. “The technology was the scaffolding, and it only got attention when it fell apart,” said Hicks.
The lack of technical staff led Wetherby to outsource most of its technology services, but without the internal resources to highlight issues that needed attention, the service providers were mostly reactive. The technology worked, but it was out of date and support was hard to find. Hicks knew hackers were targeting Wetherby, but the outdated infrastructure offered no network visibility, limiting threat intelligence.
The second problem was the lack of formalized security policies, procedures, and best practices for employees. Wetherby’s focus on business growth meant the team was stretched and it hadn’t invested in employee security policies and procedures.
Wetherby needed to overhaul its approach to security, otherwise a successful cyberattack was inevitable. Implementing a solution to reduce risk for this mid-sized organization with limited resources was going to take a clear understanding of the existing security threat landscape, and buy-in from senior management.
eSentire MDR for Network provides:
eSentire MDR provides threat protection capabilities that go beyond alerting to disrupt threats to protect Wetherby’s systems. With MDR for Network, we combine always-on full packet capture (PCAP) with proprietary attack pattern analysis and behavioral analytics to rapidly identify and block known threats and suspicious activity, and notify Wetherby’s security team of policy violations. MDR for Network automatically identifies and blocks thousands of cybersecurity events while giving Wetherby the network visibility it needed. “I call it the cornerstone of Wetherby security controls,” said Hicks.
Alerts are now configured for events such as remote desktop connections and SSH sessions, which provides Wetherby with the data needed to understand what is happening in its environment, as well as to support new security policies. “Sometimes, I just want to know who’s using FTP so I have better visibility into the tools that are being used in our environment. This information is incredibly valuable when thinking about our technology and security roadmap,” he said.
eSentire MDR provides Wetherby with a much-needed layer of technical defense as a backstop for the company’s cybersecurity awareness initiative. If an employee forgets their training and clicks on a malicious link in an email or tries to open an infected file, MDR can find out what page the malicious code contacted and what payload it tried to download.
Wetherby also replaced an entire cybersecurity program with eSentire Managed Risk - Managed Vulnerability Service, which provides comprehensive risk identification and prioritization with unmatched accuracy across traditional enterprise IT assets. Hicks had previously commissioned annual penetration tests from a consultancy.
The pen tester had accessed its environment twice, but the remediation and testing cycle was too long. “You make fixes and then wait a year for the next testing cycle to find out if you scored any better,” Hicks said. “With Managed Vulnerability Service, we’re able to act on a constant cycle of improvement,” he added. Now, Wetherby can run a scan after every significant technical change it makes, leading to a cycle of continuous improvement.
The peace of mind that eSentire brings to Wetherby through automatic blocking and immediate alerting is of huge value. Besides the technology tools, eSentire’s SOC Cyber Analysts and Elite Threat Hunters provide expert help with emerging security issues the organization needs to be aware of.
“The SOC Cyber Analysts are incredibly knowledgeable, and if I need more information, they will find it for me,” he noted.
Hicks has proof that eSentire’s protection has stopped significant cyberattacks on the organization. On December 31, 2018, attackers began a sustained 12-hour brute force attack on the company.
“I think they chose New Year’s Eve because they thought we wouldn’t be watching,” he explained. But eSentire was watching. The SOC alerted Hicks via email that a sustained attack was coming from several European countries including Poland and the Netherlands.
“We blocked traffic from those countries for the duration of the attack so we could revisit it later,” he said. This enabled employees to enjoy their evening knowing that their systems were not in danger.
That incident showed up as a spike in brute force attack data in Wetherby’s next quarterly phone review with eSentire. These 15-minute sessions are valuable because they bring the team up to speed, explaining any issues that have arisen in the last three months.
eSentire’s regular reports also surface useful statistics that Hicks can use to prove the need for focused security investments to management. “Now I have reports and metrics that I can show to the rest of the firm and say, ‘it is an issue. People are targeting us, and we need to continue on our path to improve our security posture.’”
For a company dealing with so many high-value clients’ sensitive data, the online attacks are unlikely to stop. At least now, with an expert security team monitoring every network packet, Hicks and Wetherby know that someone has their back.