Cyber risk and advisory programs that identify security gaps and build strategies to address them.
MDR that provides improved detection, 24/7 threat hunting, end-to-end coverage and most of all, complete Response.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Be protected by the best from Day 1.
24/7 Threat Investigation and Response.
Expert hunting, research and content.
Defend brute force attacks, active intrusions and unauthorized scans.
Safeguard endpoints 24/7 by isolating and remediating threats to prevent lateral spread.
Investigation and enhanced threat detection across multi-cloud or hybrid environments.
Configuration escalations, policy and posture management.
Detects malicious insider behavior leveraging Machine Learning models.
Customer testimonials and case studies.
Stories on cyberattacks, customers, employees, and more.
Cyber incident, analyst, and thought leadership reports.
Demonstrations, seminars and presentations on cybersecurity topics.
Information and solution briefs for our services.
MITRE ATT&CK Framework, Cybersecurity Assessment, SOC Calculator & more
eSentire will be hosting this event.
Join us for a live webinar with Keegan Keplinger, Research and Reporting…
eSentire will be hosting a virtual webinar.
Submit your information and an eSentire representative will be in touch.
Managed Detection and Response
Our industry-renowned Threat Response Unit (TRU) has been recognized for its threat hunting, original research and content development capabilities. With eSentire TRU you gain leading threat intelligence and incredible cybersecurity acumen. This is an elite team of threat hunters and researchers, that supports our 24/7 Security Operations Centers (SOCs), builds detection models across our Atlas XDR Cloud Platform, and works as an extension of your security team to continuously improve our Managed Detection and Response service . Our Threat Response Unit (TRU) is strategically organized into cross-functional groups to protect you against advanced and emerging threats.
Correlates, enriches and applies intelligence that enables proactive discovery of existing and emerging threats.
Develops proprietary detectors and runbooks that identify threats and streamline investigations based on real-world attacks.
Solves challenges in identifying potential threats posed by disparate data sets leveraging data science and machine learning.
Our Threat Response Unit (TRU) has discovered some of the most dangerous threats and nation state attacks in our space. Once a threat is discovered, eSentire TRU proactively hardens your defenses and immediately notifies the greater industry through the publication of Security Advisories, Threat Reports and White Papers. From research to response, TRU leverages enriched threat data and innovative methodologies to protect you with rapid threat detection models, augmenting our Atlas XDR Security Network Effects. Over the last year TRU built over 250 new detectors to protect our customers from advanced threats and circulated 44 Security Advisories. We broke the news on the Kaseya MSP breach, the malicious more_eggs malware and more.
Of malicious IPs identified by eSentire in 2020, 35% were identified in advance of third-party threat feeds (including commercial and open source).
Read this report to see how eSentire threat researchers discovered the identity of one of the threat actors behind the Golden Chicken malware and get lessons learned for defending your organization from this threat.
Watch this video with one of eSentire’s Elite Threat Hunters, Spence Hutchinson, as he reviews the Kaseya VSA supply chain attacks and how eSentire’s Security Operations Center (SOC) & Threat Response Unit (TRU) were able to quickly respond on our customer’s behalf and notify Kaseya of the breaches.
In these 2018 and 2021 attacks, threat actors leveraged zero-day vulnerabilities to push Cryptomining malware and Ransomware to Kaseya VSA customers. Our BlueSteel Machine Learning Engine identified malicious Powershell commands being executed. eSentire’s actions to detect, respond and remediate these attacks demonstrate the importance of MDR services that go beyond alerting and host isolation to deliver complete & robust response.Learn More about the R in MDR →
The TRU team publishes reports, industry publications and white papers based on its original research and the insights driven through proactive threat hunts.
In this report we look at the emergence of Ransomware-as-a-Service, how criminals use ransomware to perform both opportunistic and targeted attacks, and the most popular initial ransomware attack access techniques.
In this report, our team looks at recent changes in ransomware attacks and what that means for organizations when they are targeted. We walk through a real ransomware attack that an eSentire customer faced in 2020 and how our team responded.
Adversaries don’t work 9-5 and neither do we. Our 24/7 SOCs are staffed with Cyber Analysts and Elite Threat Hunters who hunt, drive detections, contain and respond within minutes to contain and remediate advanced persistent threats.
Our SOC team, and entire Managed Detection and Response operation are supported by our Threat
Response Unit, the heartbeat of our security ecosystem. TRU delivers proactive hunting, original
research, threat intelligence analysis and also builds detection models to augment our Atlas XDR
platform capabilities, advancing our human-led investigation and containment efforts for modern threat response.
Our Threat Response Unit (TRU) is strategically organized into cross-functional groups to protect you against advanced and emerging threats. They include Threat Intelligence, Tactical Threat Response, and Advanced Threat Analytics. Learn how each adds value and enriches your security posture, improving your overall security outcomes.
Our Threat Intelligence practice manages, creates and applies Threat Intelligence learnings across our
customer base. Our Threat Intelligence platform correlates and enriches intelligence extracted from daily
Security Operations Center (SOC) investigations and multiple third-party sources. Dedicated analysts
leverage enriched threat data and new intelligence— ranging from malicious IP addresses, malware
hashes, domains and more—to drive hypothesis driven hunts across our global customer base. This
integrated threat intelligence and service support is part of our core eSentire Managed Detection and
|OUR DIFFERENCE||Threat Intel Enrichment And Correlation||24/7 Threat Hunting Enabling Complete Response||Threat Intel Participation And Contribution|
|YOUR RESULTS||We improve the efficacy of threat intelligence data and efficiently apply it to hypothesis-driven threat hunting to protect your environment.||We proactively hunt and build new detection models through the power of artificial intelligence pattern recognition to drive new intelligence, containment and response actions.||Our team supports the ongoing fight against cybercrime through participation and sharing in the international counter threat community.|
Threat Intel Enrichment And Correlation
We improve the efficacy of threat intelligence data and efficiently apply it to hypothesis-driven threat hunting to protect your environment.
24/7 Threat Hunting Enabling Complete Response
We proactively hunt and build new detection models through the power of artificial intelligence pattern recognition to drive new intelligence, containment and response actions.
Threat Intel Participation And Contribution
Our team supports the ongoing fight against cybercrime through participation and sharing in the international counter threat community.
Our Tactical Threat Response practice creates proprietary security content, detectors to alert on threats and runbooks to streamline investigations - all of which support our Managed Detection and Response (MDR) service. Our dedicated security experts manage the entire content creation process, which is informed by observations from our Security Operations Center (SOC), outputs from the other teams within the Threat Response Unit (TRU) and the MITRE ATT&CK framework. This modern threat response solutions team manages the security content development roadmap to ensure your service is continuously hardened to keep up with the threat landscape. As is the case with all TRU team outputs, security content development by the Tactical Threat Response team is included as part of eSentire Managed Detection and Response (MDR) at no extra cost.
|OUR DIFFERENCE||Deep Research And MITRE Mapped Detections||eSentire Security Network Effects||Measurement And Continuous Improvement Of Detections|
|YOUR RESULTS||We account for the latest threat actor tactics, techniques and procedures on an ongoing basis by leveraging enriched threat intelligence and mappings against the MITRE ATT&CK framework.||We provide visibility into emerging attacks and harden your defenses, amplifying hundreds of proprietary detectors across our Atlas XDR Cloud Platform daily, to protect your business.||We track all security content for accuracy and efficacy after deployment, implementing adjustments and decommissioning as necessary for optimized operational efficiency.|
Deep Research And MITRE Mapped Detections
We account for the latest threat actor tactics, techniques and procedures on an ongoing basis by leveraging enriched threat intelligence and mappings against the MITRE ATT&CK framework.
eSentire Security Network Effects
We provide visibility into emerging attacks and harden your defenses, amplifying hundreds of proprietary detectors across our Atlas XDR Cloud Platform daily, to protect your business.
Measurement And Continuous Improvement Of Detections
We track all security content for accuracy and efficacy after deployment, implementing adjustments and decommissioning as necessary for optimized operational efficiency.
The Advanced Threat Analytics practice is our innovative threat research and development group. Our expert threat researchers concentrate on solving challenges posed by disparate data sets and expanding attack surfaces. Leveraging data science and machine learning expertise, the Advanced Threat Analytics team creates proprietary and proven models designed to identify threat actor tactics, techniques and procedures that traditional security tools miss. Our innovations, in combination with unique human expertise, accelerate investigations and threat hunts in our Security Operations Center (SOC). As is the case with all modern Threat Response Unit services, eSentire customers benefit from Advanced Threat Analytics expertise and outputs included in our core Managed Detection and Response (MDR) service.
|OUR DIFFERENCE||Research That Informs Machine Learning||5 Machine Learning Patents For Threat Detection And Data Transfer||Threat Hunting Is At The Core Of Our Service|
|YOUR RESULTS||Our research informs development efforts and identifies potential counter-threat use cases that could be accelerated by machine learning and data science.||We develop security force multipliers and proprietary machine learning applications that hunt and respond to elusive threats.||We are the Authority in Managed Detection and Response – we deliver Response, Remediation, and Results through proactive, hypothesis-driven threat hunting.|
Research That Informs Machine Learning
Our research informs development efforts and identifies potential counter-threat use cases that could be accelerated by machine learning and data science.
5 Machine Learning Patents For Threat Detection And Data Transfer
We develop security force multipliers and proprietary machine learning applications that hunt and respond to elusive threats.
Threat Hunting Is At The Core Of Our Service
We are the Authority in Managed Detection and Response – we deliver Response, Remediation, and Results through proactive, hypothesis-driven threat hunting.
LATEST POST - Nov 21, 2022
THE THREAT eSentire is aware of public Proof-of-Concept (PoC) exploit code for the ProxyNotShell Exchange vulnerabilities (CVE-2022-41040 [CVSS:8.8], CVE-2022-41082 [CVSS:8.0]). The publication of this PoC code is expected to result in an increase in real-world attacks exploiting these vulnerabilities in the immediate future. The ProxyNotShell vulnerabilities impact Microsoft Exchange…READ NOW →
Nov 17, 2022
Nov 01, 2022
Oct 13, 2022
In TRU Positives, eSentire’s Threat Response Unit (TRU) provides a summary of a recent threat investigation. We outline how we responded to the confirmed threat and what recommendations we have going forward.
A big part of why eSentire has shown value to us, in addition to the people, is how far ahead they are from a technology standpoint. eSentire gets ahead of the direction that we’re moving in before we know we’re heading in that direction."
I have enjoyed having the additional security knowledge on my team. I sleep better at night."
It’s a pleasure working with a group of people that know what they’re doing. They are an extension of the Wetherby technical security team."
With eSentire MDR we have gained visibility into attacks against our infrastructure and I have peace of mind knowing that we are defended by the best in the business with 24/7 SOC Cyber Analysts and Elite Threat Hunters who are bolstered by eSentire’s unique Threat Response Unit for original research, threat analysis and content development."
We’re here to help! Submit your information and an eSentire representative will be in touch to share more benefits the TRU team provides.