THREAT RESPONSE UNIT

An Elite Team of Threat Hunters and Researchers, That Works for You

eSentire’s Threat Response Unit (TRU) is a world-class team of threat researchers that works as an extension of your team, developing sophisticated hunting tools, new detections enriched by original threat intelligence, and new machine learning models that correlate multi-signal data and automate rapid response to advanced threats.

  • 24/7 Threat Hunting
  • Elite Security Researchers
  • Sophisticated Threat Hunting Tools
  • Rapid Threat Detection
  • Machine Learning Applications

Solving for new and emerging threats

Staying ahead of sophisticated threats requires the capacity to collect unstructured data from disparate sources associated with attacker tactics, techniques and procedures (TTPs), and to operationalize global protections, all in a timely manner.

Our industry-renowned Threat Response Unit (TRU) has been recognized for its threat hunting, original research and content development capabilities. With eSentire TRU you gain leading threat intelligence and deep cybersecurity acumen. This elite team of threat hunters and researchers supports our 24/7 Security Operations Centers (SOCs), builds detection models across our Atlas XDR Cloud Platform, and works as an extension of your security team to continuously improve our Managed Detection and Response service. Our Threat Response Unit (TRU) is strategically organized into cross-functional groups to protect you against advanced and emerging threats.


eSentire’s Threat Response Unit


Threat Intelligence

Correlates, enriches and applies intelligence that enables proactive discovery of existing and emerging threats.

Tactical Threat Response

Develops proprietary detectors and runbooks that identify threats and streamline investigations based on real-world attacks.

Advanced Threat Analytics

Solves the challenges that disparate data sets pose for identifying potential threats, applying data science and machine learning.

Notable Threat Detections

WE STOP THREAT ACTORS IN THEIR TRACKS. OTHERS CLAIM IT, WE PROVE IT.

Our Threat Response Unit (TRU) has discovered some of the most dangerous threats and nation state attacks in our space. Once a threat is discovered, eSentire TRU proactively hardens your defenses and immediately notifies the greater industry through the publication of Security Advisories, Threat Reports and White Papers. From research to response, TRU leverages enriched threat data and innovative methodologies to protect you with rapid detection models, augmenting our Atlas XDR Security Network Effects. Over the last year TRU built over 250 new detectors to protect our customers from advanced threats and circulated 44 Security Advisories. We broke the news on the Kaseya MSP breach, the malicious more_eggs malware and more.

Original Research and Publications

The TRU team publishes reports, industry publications and white papers based on its original research and the insights driven through proactive threat hunts.

RANSOMWARE REPORT

Dissecting Today’s Ransomware Ecosystem

In this report we look at the emergence of Ransomware-as-a-Service, how criminals use ransomware to perform both opportunistic and targeted attacks, and the most popular initial ransomware attack access techniques.

THREAT DISSECTION REPORT

Defending Against Modern Ransomware: Lessons from the SunWalker Incident

In this report, our team looks at recent changes in ransomware attacks and what they mean for organizations when they are targeted. We walk through a real ransomware attack that an eSentire customer faced in 2020 and how our team responded.

Threat Hunting Done Right

Adversaries don’t work 9 to 5 and neither do we. Our 24/7 SOCs are staffed with Cyber Analysts and Elite Threat Hunters who hunt, drive detections, and respond within minutes to contain and remediate advanced persistent threats.

  • Real-Time Threat Intelligence
  • Patented Machine Learning Applications
  • Rapid Threat Detection
  • Elite Security Researchers
  • Artificial Intelligence Pattern Recognition
  • SOC as a Service Model
  • Multi-Signal Correlation
  • Complete Response

Our SOC team and our entire Managed Detection and Response operation are supported by our Threat Response Unit, the heartbeat of our security ecosystem. TRU delivers proactive hunting, original research and threat intelligence analysis, and builds detection models that augment our Atlas XDR platform capabilities, advancing our human-led investigation and containment efforts.

How It Works

Our Threat Response Unit (TRU) is strategically organized into cross-functional groups to protect you against advanced and emerging threats. They include Threat Intelligence, Tactical Threat Response, and Advanced Threat Analytics. Learn how each adds value and enriches your security posture, improving your overall security outcomes.

Our Difference. Your Results.

THREAT INTELLIGENCE

Our Threat Intelligence practice manages, creates and applies Threat Intelligence learnings across our customer base. Our Threat Intelligence platform correlates and enriches intelligence extracted from daily Security Operations Center (SOC) investigations and multiple third-party sources. Dedicated analysts leverage enriched threat data and new intelligence, ranging from malicious IP addresses, malware hashes and domains to other indicators, to drive hypothesis-driven hunts across our global customer base. This integrated threat intelligence and service support is part of our core eSentire Managed Detection and Response offering.

Our Difference Your Results


Threat Intel Enrichment And Correlation

We improve the efficacy of threat intelligence data and efficiently apply it to hypothesis-driven threat hunting to protect your environment.


24/7 Threat Hunting And Complete Response

We proactively hunt and build new detection models through the power of artificial intelligence pattern recognition to drive new intelligence, containment and response actions.


Threat Intel Participation And Contribution

Our team supports the ongoing fight against cybercrime through participation and sharing in the international counter threat community.

TACTICAL THREAT RESPONSE

Our Tactical Threat Response practice creates proprietary security content, detectors to alert on threats and runbooks to streamline investigations - all of which support our Managed Detection and Response (MDR) service. Our dedicated security experts manage the entire content creation process, which is informed by observations from our Security Operations Center (SOC), outputs from the other teams within the Threat Response Unit (TRU) and the MITRE ATT&CK framework. This modern threat response team manages the security content development roadmap to ensure your service is continuously hardened to keep up with the threat landscape. As is the case with all TRU team outputs, security content development by the Tactical Threat Response team is included as part of eSentire Managed Detection and Response (MDR) at no extra cost.

Our Difference Your Results


Deep Research And MITRE Mapped Detections

We account for the latest threat actor tactics, techniques and procedures on an ongoing basis by leveraging enriched threat intelligence and mappings against the MITRE ATT&CK framework.


eSentire Security Network Effects

We provide visibility into emerging attacks and harden your defenses, amplifying hundreds of proprietary detectors across our Atlas XDR Cloud Platform daily, to protect your business.


Measurement And Continuous Improvement Of Detections

We track all security content for accuracy and efficacy after deployment, implementing adjustments and decommissioning as necessary for optimized operational efficiency.

ADVANCED THREAT ANALYTICS

The Advanced Threat Analytics practice is our innovative threat research and development group. Our expert threat researchers concentrate on solving challenges posed by disparate data sets and expanding attack surfaces. Leveraging data science and machine learning expertise, the Advanced Threat Analytics team creates proprietary and proven models designed to identify threat actor tactics, techniques and procedures that traditional security tools miss. Our innovations, in combination with unique human expertise, accelerate investigations and threat hunts in our Security Operations Center (SOC). As is the case with all modern Threat Response Unit services, eSentire customers benefit from Advanced Threat Analytics expertise and outputs included in our core Managed Detection and Response (MDR) service.

Our Difference Your Results


Research That Informs Machine Learning

Our research informs development efforts and identifies potential counter-threat use cases that could be accelerated by machine learning and data science.


5 Machine Learning Patents For Threat Detection And Data Transfer

We develop security force multipliers and proprietary machine learning applications that hunt and respond to elusive threats.


Threat Hunting Is At The Core Of Our Service

We are the Authority in Managed Detection and Response – we deliver Response, Remediation, and Results through proactive, hypothesis-driven threat hunting.

Read the TRU Team’s latest Security Advisories outlining new detections and original research.

LATEST POST - Nov 22, 2021

Microsoft Exchange Vulnerability - CVE-2021-42321

THE THREAT eSentire has identified publicly available Proof-of-Concept (PoC) exploit code, for the critical Microsoft Exchange vulnerability CVE-2021-42321. CVE-2021-42321 was announced as part of Microsoft’s November Patch Tuesday release. Exploitation would allow a remote threat actor, with previous authentication, to execute code on vulnerable servers. Prior to the patch release,…

TRU Positives

In TRU Positives, eSentire’s Threat Response Unit (TRU) provides a summary of a recent threat investigation. We outline how we responded to the confirmed threat and what recommendations we have going forward.

Read the latest from our TRU Team.

"A big part of why eSentire has shown value to us, in addition to the people, is how far ahead they are from a technology standpoint. eSentire gets ahead of the direction that we’re moving in before we know we’re heading in that direction."
Simon Scully
Assistant Vice President, IT Security - Security Operations | Venerable
"I have enjoyed having the additional security knowledge on my team. I sleep better at night."
David Greene
IT Vice President | CWS Apartment Homes, Inc.
"It’s a pleasure working with a group of people that know what they’re doing. They are an extension of the Wetherby technical security team."
Trevor Hicks
Principal and CTO, Wetherby Asset Management
"With eSentire MDR we have gained visibility into attacks against our infrastructure and I have peace of mind knowing that we are defended by the best in the business with 24/7 SOC Cyber Analysts and Elite Threat Hunters who are bolstered by eSentire’s unique Threat Response Unit for original research, threat analysis and content development."
Neil Waugh
Chief Information Officer | M&C Saatchi
