Our industry-renowned Threat Response Unit (TRU) has been recognized for its threat hunting, original research and content development capabilities. With eSentire TRU you gain leading threat intelligence and deep cybersecurity acumen. This elite team of threat hunters and researchers supports our 24/7 Security Operations Centers (SOCs), builds detection models across our Atlas XDR Cloud Platform, and works as an extension of your security team to continuously improve our Managed Detection and Response service. Our Threat Response Unit (TRU) is strategically organized into cross-functional groups to protect you against advanced and emerging threats.
Correlates, enriches and applies intelligence that enables proactive discovery of existing and emerging threats.
Develops proprietary detectors and runbooks that identify threats and streamline investigations based on real-world attacks.
Solves challenges in identifying potential threats posed by disparate data sets leveraging data science and machine learning.
Our Threat Response Unit (TRU) has discovered some of the most dangerous threats and nation state attacks in our space. Once a threat is discovered, eSentire TRU proactively hardens your defenses and immediately notifies the greater industry through the publication of Security Advisories, Threat Reports and White Papers. From research to response, TRU leverages enriched threat data and innovative methodologies to protect you with rapid detection models, augmenting our Atlas XDR Security Network Effects. Over the last year TRU built over 250 new detectors to protect our customers from advanced threats and circulated 44 Security Advisories. We broke the news on the Kaseya MSP breach, the malicious more_eggs malware and more.
Of malicious IPs identified by eSentire in 2020, 35% were identified in advance of third-party threat feeds (including commercial and open source).
The TRU team publishes reports, industry publications and white papers based on its original research and the insights driven through proactive threat hunts.
In this report we look at the emergence of Ransomware-as-a-Service, how criminals use ransomware to perform both opportunistic and targeted attacks, and the most popular initial ransomware attack access techniques.
In this report, our team looks at recent changes in ransomware attacks and what they mean for organizations when they are targeted. We walk through a real ransomware attack that an eSentire customer faced in 2020 and how our team responded.
Adversaries don’t work 9-5 and neither do we. Our 24/7 SOCs are staffed with Cyber Analysts and Elite Threat Hunters who hunt, drive detections, and respond within minutes to contain and remediate advanced persistent threats.
Our SOC team and entire Managed Detection and Response operation are supported by our Threat Response Unit, the heartbeat of our security ecosystem. TRU delivers proactive hunting, original research and threat intelligence analysis, and also builds detection models to augment our Atlas XDR platform capabilities, advancing our human-led investigation and containment efforts.
Our Threat Response Unit (TRU) is strategically organized into cross-functional groups to protect you against advanced and emerging threats. They include Threat Intelligence, Tactical Threat Response, and Advanced Threat Analytics. Learn how each adds value and enriches your security posture, improving your overall security outcomes.
Our Threat Intelligence practice manages, creates and applies Threat Intelligence learnings across our customer base. Our Threat Intelligence platform correlates and enriches intelligence extracted from daily Security Operations Center (SOC) investigations and multiple third-party sources. Dedicated analysts leverage enriched threat data and new intelligence, ranging from malicious IP addresses, malware hashes, domains and more, to drive hypothesis-driven hunts across our global customer base. This integrated threat intelligence and service support is part of our core eSentire Managed Detection and
| OUR DIFFERENCE | Threat Intel Enrichment And Correlation | 24/7 Threat Hunting And Complete Response | Threat Intel Participation And Contribution |
|---|---|---|---|
| YOUR RESULTS | We improve the efficacy of threat intelligence data and efficiently apply it to hypothesis-driven threat hunting to protect your environment. | We proactively hunt and build new detection models through the power of artificial intelligence pattern recognition to drive new intelligence, containment and response actions. | Our team supports the ongoing fight against cybercrime through participation and sharing in the international counter threat community. |
Our Tactical Threat Response practice creates proprietary security content, detectors to alert on threats and runbooks to streamline investigations - all of which support our Managed Detection and Response (MDR) service. Our dedicated security experts manage the entire content creation process, which is informed by observations from our Security Operations Center (SOC), outputs from the other teams within the Threat Response Unit (TRU) and the MITRE ATT&CK framework. This modern threat response team manages the security content development roadmap to ensure your service is continuously hardened to keep up with the threat landscape. As is the case with all TRU team outputs, security content development by the Tactical Threat Response team is included as part of eSentire Managed Detection and Response (MDR) at no extra cost.
| OUR DIFFERENCE | Deep Research And MITRE Mapped Detections | eSentire Security Network Effects | Measurement And Continuous Improvement Of Detections |
|---|---|---|---|
| YOUR RESULTS | We account for the latest threat actor tactics, techniques and procedures on an ongoing basis by leveraging enriched threat intelligence and mappings against the MITRE ATT&CK framework. | We provide visibility into emerging attacks and harden your defenses, amplifying hundreds of proprietary detectors across our Atlas XDR Cloud Platform daily, to protect your business. | We track all security content for accuracy and efficacy after deployment, implementing adjustments and decommissioning as necessary for optimized operational efficiency. |
The Advanced Threat Analytics practice is our innovative threat research and development group. Our expert threat researchers concentrate on solving challenges posed by disparate data sets and expanding attack surfaces. Leveraging data science and machine learning expertise, the Advanced Threat Analytics team creates proprietary and proven models designed to identify threat actor tactics, techniques and procedures that traditional security tools miss. Our innovations, in combination with unique human expertise, accelerate investigations and threat hunts in our Security Operations Center (SOC). As is the case with all modern Threat Response Unit services, eSentire customers benefit from Advanced Threat Analytics expertise and outputs included in our core Managed Detection and Response (MDR) service.
| OUR DIFFERENCE | Research That Informs Machine Learning | 5 Machine Learning Patents For Threat Detection And Data Transfer | Threat Hunting Is At The Core Of Our Service |
|---|---|---|---|
| YOUR RESULTS | Our research informs development efforts and identifies potential counter-threat use cases that could be accelerated by machine learning and data science. | We develop security force multipliers and proprietary machine learning applications that hunt and respond to elusive threats. | We are the Authority in Managed Detection and Response; we deliver Response, Remediation, and Results through proactive, hypothesis-driven threat hunting. |
LATEST POST - Sep 23, 2021
THE THREAT: eSentire has observed a recent and significant increase in SolarMarker infections delivered through drive-by download attacks. These attacks rely on social engineering techniques to persuade users to execute malware disguised as document templates. SolarMarker is a modular information-stealing malware; infections may result in the theft of sensitive data including user…
In TRU Positives, eSentire’s Threat Response Unit (TRU) provides a summary of a recent threat investigation. We outline how we responded to the confirmed threat and what recommendations we have going forward.
"Exceptional on-boarding experience, quick and simple. An incredibly great Security Operations Centre at the heart of their product suite. Always developing their product to meet their customers' needs. Some of the best customer relationship management I have ever experienced."
"The eSentire suite of services for monitoring, detecting and responding to security events, coupled with an extremely high level of customer service, equates to top-notch proactive and reactive security services."
"I've been an eSentire customer from their early days and have implemented their products at a number of firms I've run technology for. Their capabilities have grown over that time dramatically and I consider them to be a trusted partner and extension of my team when it comes to our cybersecurity program."
"It has been a few years now since we migrated from one of the big MSSP players to eSentire and their MDR services. It may be the best decision I have ever made in my security career. I was incredibly impressed with their well-defined process and talented staff at every level. I continue to praise their customer service, capability and responsiveness. I recommend them without hesitation."