Get Started
What We Do
How We Do It
Resources
Company
Partners
Get Started
What we do
How we do it
Resources
Company
Partners
Request a Quote
What We Do
ESENTIRE SERVICES
Exposure Management Services

Cyber risk and advisory programs that identify security gaps and build strategies to address them.
Managed Detection and Response

MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Digital Forensics and Incident Response

Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
A coloured Microsoft logo which highlights eSentire MDR for Microsoft service in the top navigation menu. Learn more about how eSentire MDR for Microsoft detects, investigates, responds, and remediates threats 24/7 across your Microsoft ecosystem.
eSentire MDR for Microsoft

Visibility and response across your entire Microsoft security ecosystem.

Learn More
ESENTIRE PLATFORM AND PEOPLE
Extended Detection and Response (XDR)

XDR with Machine Learning that eliminates noise, enables real-time detection and response, and automatically blocks threats.
Cyber Resilience Team

Be protected by the best from Day 1.
Security Operations Center (SOC)

24/7 Threat Investigation and Response.
Threat Response Unit (TRU)

Expert threat hunting, original research, and proactive threat intelligence.

TRU is foundational to our MDR service. No add-ons or additional costs required.

Learn More
How We Do
MDR Pricing

Flexible MDR packages that enhance your cyber resilience and security operations.

ESSENTIALS EXPERT ELITE
Request A Quote
USE CASES
Ransomware

Stop ransomware attacks before they disrupt your business.
Zero Day Attacks

Detect and respond to zero-day exploits.
Third-Party Risk

Protect against third-party and supply chain risk.
Cyber Risk

Adopt a risk-based approach to cybersecurity.
Sensitive Data Security

Protect your most sensitive data.
Cybersecurity Compliance

Meet cybersecurity regulatory compliance mandates.
Cloud Misconfiguration

Eliminate misconfigurations and policy violations.
Do More With Less

Prevent business disruption by outsourcing MDR.
INDUSTRIES
Insurance
Construction
Finance
Legal
Manufacturing
Private Equity
Healthcare
Retail
Food Supply
SLED
24/7 MDR SIGNALS
Network

Defend brute force attacks, active intrusions and unauthorized scans.
Endpoint

Safeguard endpoints 24/7 by isolating and mediating threats to prevent lateral spread.
Log

Enhance investigation and threat detection across multi-cloud or hybrid environments.
Cloud

Remediate critical misconfigurations, security vulnerabilities and policy violations across cloud and containerized environments.
Insider Threat

Detect malicious insider and identity-based behavior leveraging machine learning models.
Resources
VIEW BLOG
EXPLORE LIBRARY
View Advisories
TRU Intelligence Center

Our Threat Response Unit (TRU) publishes security advisories, blogs, reports, industry publications and webinars based on its original research and the insights driven through proactive threat hunts.

EXPLORE RESOURCES
Company
ABOUT ESENTIRE

eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company's mission is to hunt, investigate and stop cyber threats before they become business disrupting events.

About Us
Leadership
Careers
EVENT CALENDAR
Sep
21
PXG Golf Club Fitting
Sep
24
2023 MISAC Annual Conference
Sep
25
InfoSec World
View Calendar
LATEST PRESS RELEASE
Sep 06, 2023
Cybersecurity Leader eSentire Announces Partnership with Kterio, the Leader in Building Data Control Solutions, to Reduce Cyber Risk and Prevent Business Disruption Across Critical Infrastructure Organizations

Waterloo, ON–September 6, 2023 – eSentire, Inc., the Authority in Managed Detection and Response (MDR), and Kterio, the leading provider of smart building operating systems, today announced that they… READ NOW
View Newsroom
Partners
PARTNER PROGRAM
LEARN MORE
Apply to become an e3 ecosystem partner with eSentire, the Authority in Managed Detection and Response.
APPLY NOW
Login to the Partner Portal for resources and content for current partners.
LOGIN NOW
Search

Search our site

Quick Links

Multi-Signal Managed Detection and Response

We believe a multi-signal approach is paramount to protecting your complete attack surface. See why eSentire MDR means multi-signal telemetry and complete response.
24/7 Global Security Operations Centers

See how our 24/7 SOC Cyber Analysts and Elite Threat Hunters stop even the most advanced cyberattacks before they disrupt your business.
eSentire MDR Pricing

Choose the right mix of Managed Detection and Response, Exposure Management, and Incident Response services to strengthen your cyber resilience.
Cybersecurity Tools

Try our interactive tools including the MITRE ATT&CK Tool, the SOC Pricing Calculator, the Cybersecurity Maturity Assessment, and our MDR ROI Calculator.
TRU Intelligence Center

Read the latest security advisories, blogs, reports, industry publications and webinars published by eSentire's Threat Response Unit (TRU).
Case Studies and Customer Testimonials

See why 2000+ organizations count on eSentire to build resilience and prevent business disruption.
Get Started
Get Started
Build A Quote
Partner With Us

THREAT RESPONSE UNIT

Prevent the Most Advanced Cyberattacks from Ever Breaking Through

Stay ahead of sophisticated known and unknown cyber threats with proactive threat intelligence, original threat research, and a world-class team of seasoned industry veterans.

GET STARTED
×
 

Reclaim the Advantage Over Sophisticated Cybercriminals with Expert Threat Response

Modern threat response requires the ability to collect unstructured data from disparate sources associated with attacker tactics, techniques, and procedures (TTPs) and operationalize global protections – all in a timely manner.

Unfortunately, many in-house security teams don’t have the bandwidth or expertise to perform proactive threat hunting, conduct original threat research, and develop or deploy new threat detection rules.

The eSentire Threat Response Unit (TRU) is an industry-leading threat research team committed to helping your organization become more resilient. This is an elite team of threat hunters and researchers that supports our 24/7 Security Operations Centers (SOCs), builds threat detection models across the eSentire XDR Cloud Platform, and works as an extension of your security team to continuously improve our Managed Detection and Response service.

By providing complete visibility across your attack surface and performing global threat sweeps and proactive hypothesis-driven threat hunts augmented by original threat research, we are laser-focused on defending your organization against known and unknown threats.

We prioritize creating and updating our detection rules and machine learning (ML) models regularly, so your security posture is hardened against the evolving threat landscape. Our content development is built upon the MITRE ATT&CK Framework® and is constantly fine-tuned for efficacy to reduce false positives.

Why Choose eSentire's Threat Response Unit (TRU)

TRU acts as an extension of your security team to build your cyber resilience and prevent business disruption. With TRU by your side, you can rest easy knowing that you’re protected by an MDR provider that law enforcement agencies rely on to identify threat actors and collaborate on threat intelligence.

Prepare and react to emerging, unknown cyber threats to prevent business disruption

TRU continuously monitors the threat landscape, publishes regular threat advisories, security bulletins, and threat intelligence reports, and conducts proactive real-time threat hunts so you can stay ahead of the latest emerging threats and prevent business disruption.

Harden your toolkit with novel threat detection rules and advanced ML models

As a foundational component of the eSentire MDR service, TRU constantly builds and updates new threat detection rules and ML models across our eSentire XDR platform. These detections are further strengthened by robust investigative runbooks to support our SOC Cyber Analysts in their investigation and containment actions – on your behalf.

Go into battle with a team of industry veterans with real-world experience

TRU has discovered dangerous cyber threats and nation-state attacks (e.g., the Kaseya MSP breach and identities of hackers behind the more_eggs malware). With a 95% employee retention rate, TRU consists of highly certified, seasoned industry veterans who regularly hold threat briefings, share their expertise with industry publications, and have proven to be trusted sources for global law enforcement agencies.

WE OWN THE R IN MDR

See eSentire in Action

An effective defensive posture requires process, technology and most importantly human expertise for combat-level containment and response. You can’t battle these types of cyberattacks alone. Learn how eSentire MDR responded to emerging threats, including zero-day and ransomware attacks, with a balance of automated platform disruptions and hands-on expertise for investigation & manual cyber threat containment.

ZERO-DAY ATTACK

ZERO-DAY ATTACK

A Review of the Zero-Day Attacks Impacting the Kaseya VSA Platform

Watch this video with one of eSentire’s Elite Threat Hunters, Spence Hutchinson, as he reviews the Kaseya VSA supply chain attacks and how eSentire’s Security Operations Center (SOC) & Threat Response Unit (TRU) were able to quickly respond on our customer’s behalf and notify Kaseya of the breaches.

WATCH NOW →
RANSOMWARE ATTACK

RANSOMWARE ATTACK

Malicious BestCrypt Detection Uncovers Full Blown Ransomware Attack at 3am

Watch this video to see how a Fortinet vulnerability led to a ransomware attack impacting 250 endpoints in a customer’s environment. Original detection engineering developed by TRU identified the malicious use of BestCrypt and our 24/7 SOC Cyber Analysts immediately contained the attack and reversed the encryption.

WATCH NOW →
×
 
×
 

Notable Threat Detections

WE STOP THREAT ACTORS IN THEIR TRACKS.
OTHERS CLAIM IT, WE PROVE IT.

Our Threat Response Unit (TRU) collects and processes threat intelligence from 54 commercial threat feeds and 10+ proprietary intel sources, the Dark Web, social media, security reports, positive SOC-driven threat investigations, and various third-party tools to conduct further investigations and identify potential Indicators of Compromise (IOCs).

Once a threat is discovered, eSentire TRU publishes regular threat advisories, security bulletins, and threat intelligence reports, and conducts proactive real-time threat hunts so you can stay ahead of the latest emerging threats and prevent business disruption.

eSentire TRU has discovered some of the most dangerous cyber threats and nation-state attacks in our space. Last year, TRU built 520+ new detectors to protect our customers and circulated 44 Security Advisories. We broke the news on the Kaseya MSP breach, the malicious more_eggs malware and more.

35%

Of threats are identified by TRU before they appear on commercial threat feeds.

12%

Of threats identified by TRU that are never seen in the commercial feeds we manage.

Original nation-state attacks and threats discovered by eSentire TRU:

1. The Kaseya Crypto-mining Attack

2. Hackers Spearphish Professionals on LinkedIn with Fake Job Offers, Infecting them with more_eggs Malware

3. Malicious Google Ads to Lure Computer Users to Spoofed "Signal" and "Telegram" Websites

4. Hackers Flood the Web with 100,000+ Malicious Pages to Deliver Malware

5. Gootloader Hackers Poison Websites Globally to Infect Business Professionals with Ransomware

REPORT

The Hunt for VENOM SPIDER Part 2

Tracking the Real Mastermind Behind the Cyber Weapon of Choice for Two of Russia‘s Most Notorious Internet Crime Gangs

Download Now

Original Research and Publications

The TRU team publishes reports, industry publications and white papers based on its original research and the insights driven through proactive threat hunts.

RANSOMWARE REPORT

The Impact of Geopolitical Tensions on the Evolution of Cybercrime

In this report, eSentire’s TRU and CrowdStrike partnered to highlight notable trends observed for ransomware attacks, how geopolitical tensions impact the evolution of cybercrime, and how you can better protect your organization against state-sponsored attacks.

DOWNLOAD THE REPORT

THREAT DISSECTION REPORT

Defending Against Modern Ransomware: Lessons from the SunWalker Incident

In this report, our team looks at recent changes in ransomware attacks and what that means for organizations when they are targeted. We walk through a real ransomware attack that an eSentire customer faced in 2020 and how our team responded.

DOWNLOAD THE REPORT

Review more of our detailed Threat Dissections from the Threat Response Unit:

Threat Dissection: Emotet

Threat Dissection: Trickbot

Threat Dissection: Suspicious Remote Access

Endpoint Threat Dissection: Anatomy of a PowerShell Attack

EXPLORE RESOURCES IN OUR TRU INTELLIGENCE CENTER →

Read the Latest Security Advisories and TRU Positives

eSentire TRU regularly publishes Security Advisories, TRU Positives, and Malware Analyses on emerging cyber threats to arm you with the latest intel so you can make informed decisions that evolve with the threat landscape. TRU’s research routinely supports law enforcement agencies in their mission to unmask threat actors and stop cybercrime.

Static TRU logo Image

LATEST POST – Aug 22, 2023

Ivanti Zero-Day Vulnerability – CVE-2023-38035

THE THREAT On August 21st, 2023, Ivanti disclosed a new vulnerability impacting Ivanti Sentry (formerly MobileIron Sentry). Ivanti has confirmed limited exploitation occurred prior to the disclosure and release of security updates. The vulnerability, tracked as CVE-2023-38035 (CVSS: 9.8), is an API Authentication Bypass on Sentry Administrator Interface vulnerability. A remote and unauthenticated threat actor may exploit CVE-2023-38035 to access sensitive APIs used to…

READ NOW →

Aug 17, 2023

Citrix ShareFile Vulnerability Exploited

READ NOW →

Aug 03, 2023

Update: NetScaler ADC and Gateway Zero-Day Vulnerability

READ NOW →

Jul 18, 2023

NetScaler ADC and Gateway Zero-Day Vulnerability

READ NOW →

TRU Positives

Read the summaries of recent threat investigations, how our TRU team responded to confirmed threats, and recommendations on defending your organization from emerging threats.

Read the latest from our
TRU Team.

READ NOW

Cyber Threat Hunting Done Right

Adversaries don’t work 9-5 and neither do we.

By leveraging contextualized human-driven threat intelligence, original content on emerging cyber threats, 24/7 availability of Elite Threat Hunters, and advanced analytics based on the latest TTPs, TRU is committed to delivering the strongest MDR offering from eSentire.

eSentire TRU is foundational to our MDR service – no add-ons or additional costs required. You benefit from:

  • Curated Threat Intelligence
  • Threat Hunting
  • Mitigation Support for Zero-Day Threats
  • Original Threat Research
  • Proactive and Reactive Threat Sweeps
  • Live Defense Against Attackers
  • Updated Detection Rules
  • Monthly TRU Intelligence Briefings

Learn How Our Threat Response Solutions Safeguard Your Business

DATA SHEET
eSentire Threat Response Unit
VIEW DATA SHEET →
WEBINAR
TRU Intelligence Briefings
WATCH NOW →
REPORT
Disrupting Initial Access
DOWNLOAD NOW →

Security Leaders Count on eSentire

Wetherby greyscale logo
It’s a pleasure working with a group of people that know what they’re doing. They are an extension of the Wetherby technical security team.
Trevor Hicks
Principal and CTO | Wetherby Asset Management
A logo of eSentire’s customer, M&C Saatchi, placed alongside with a testimonial from the company’s Chief Information Officer, who describes how eSentire stands out from other MDR service providers.
With eSentire MDR we have gained visibility into attacks against our infrastructure and I have peace of mind knowing that we are defended by the best in the business with 24/7 SOC Cyber Analysts and Elite Threat Hunters who are bolstered by eSentire’s unique Threat Response Unit for original research, threat analysis and content development."
Neil Waugh
Chief Information Officer | M&C Saatchi
Venerable greyscale logo
A big part of why eSentire has shown value to us, in addition to the people, is how far ahead they are from a technology standpoint. eSentire gets ahead of the direction that we’re moving in before we know we’re heading in that direction."
Simon Scully
Assistant Vice President, IT Security - Security Operations | Venerable
CWS Apartment Homes grey
I have enjoyed having the additional security knowledge on my team. I sleep better at night."
David Greene
IT Vice President | CWS Apartment Homes, Inc.
Read more case studies and reviews →

Ready to start building a more resilient security operation today?

We're here to help! Submit your information and an eSentire representative will be in touch to demonstrate how eSentire Multi-Signal MDR service stops cyber threats before they impact your business.

ARE YOU EXPERIENCING A SECURITY INCIDENT OR HAVE YOU BEEN BREACHED?
1-866-579-2200
The Authority in Managed Detection and Response
Get Started Partner Login
Sales and Customer Support
North America
1-866-579-2200 EMEA
(0)8000 443242 Africa/APAC
+1 519 651 2200
What we do
How we do it
Resources
Company
Tools

2023 eSentire, Inc. All Rights Reserved.