Combine cutting-edge XDR technology, multi-signal threat intelligence and 24/7 Elite Threat Hunters to help you build a world-class security operation.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Cyber risk and advisory programs that identify security gaps and build security strategies to address them.
XDR with machine learning that eliminates noise, enables real-time detection and response, and automatically blocks threats.
24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
Proactive threat intelligence, original threat research and a world-class team of seasoned industry veterans.
Extend your team capabilities and prevent business disruption with expertise from eSentire.
Stop ransomware before it spreads.
Meet regulatory compliance mandates.
Detect and respond to zero-day exploits.
End misconfigurations and policy violations.
Defend third-party and supply chain risk.
Prevent disruption by outsourcing MDR.
Adopt a risk-based security approach.
Meet insurability requirements with MDR.
Protect your most sensitive data.
Defend brute force attacks, active intrusions and unauthorized scans.
Guard endpoints by isolating and remediating threats to prevent lateral spread.
Investigation and threat detection across multi-cloud or hybrid environments.
Remediate misconfigurations, vulnerabilities and policy violations.
Defend brute force attacks, active intrusions and unauthorized scans.
THE THREAT On February 20th, ConnectWise confirmed that two recently disclosed ScreenConnect vulnerabilities are now under active exploitation. The vulnerabilities are currently tracked as…Feb 09, 2024
THE THREAT On February 7th, CISA, NSA, FBI, along with Five Eyes intelligence partners, published a joint advisory related to state-sponsored threat actors from the People’s Republic of…
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
Waterloo, ON–February 7, 2024 – eSentire, Inc., the Authority in Managed Detection and Response (MDR), today announced that three of Australia’s top Value-Added Resellers (VARs): Advance Vision Technology, Exigo Tech, and Rubicon 8 have joined eSentire’s CRN 5-Star e3 partner…
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
We believe a multi-signal approach is paramount to protecting your complete attack surface. See why eSentire MDR means multi-signal telemetry and complete response.
See how our 24/7 SOC Cyber Analysts and Elite Threat Hunters stop even the most advanced cyberattacks before they disrupt your business.
Choose the right mix of Managed Detection and Response, Exposure Management, and Incident Response services to strengthen your cyber resilience.
Try our interactive tools including the MITRE ATT&CK Tool, the SOC Pricing Calculator, the Cybersecurity Maturity Assessment, and our MDR ROI Calculator.
Read the latest security advisories, blogs, reports, industry publications and webinars published by eSentire's Threat Response Unit (TRU).
See why 2000+ organizations count on eSentire to build resilience and prevent business disruption.
Unfortunately, many in-house security teams don’t have the bandwidth or expertise to perform proactive threat hunting, conduct original threat research, and develop or deploy new threat detection rules.
The eSentire Threat Response Unit (TRU) is an industry-leading threat research team committed to helping your organization become more resilient. This is an elite team of threat hunters and researchers that supports our 24/7 Security Operations Centers (SOCs), builds threat detection models across the eSentire XDR Cloud Platform, and works as an extension of your security team to continuously improve our Managed Detection and Response service.
By providing complete visibility across your attack surface and performing global threat sweeps and proactive hypothesis-driven threat hunts augmented by original threat research, we are laser-focused on defending your organization against known and unknown threats.
We prioritize creating and updating our detection rules and machine learning (ML) models regularly, so your security posture is hardened against the evolving threat landscape. Our content development is built upon the MITRE ATT&CK Framework® and is constantly fine-tuned for efficacy to reduce false positives.
TRU acts as an extension of your security team to build your cyber resilience and prevent business disruption. With TRU by your side, you can rest easy knowing that you’re protected by an MDR provider that law enforcement agencies rely on to identify threat actors and collaborate on threat intelligence.
TRU continuously monitors the threat landscape, publishes regular threat advisories, security bulletins, and threat intelligence reports, and conducts proactive real-time threat hunts so you can stay ahead of the latest emerging threats and prevent business disruption.
As a foundational component of the eSentire MDR service, TRU constantly builds and updates new threat detection rules and ML models across our eSentire XDR platform. These detections are further strengthened by robust investigative runbooks to support our SOC Cyber Analysts in their investigation and containment actions – on your behalf.
TRU has discovered dangerous cyber threats and nation-state attacks (e.g., the Kaseya MSP breach and identities of hackers behind the more_eggs malware). With a 95% employee retention rate, TRU consists of highly certified, seasoned industry veterans who regularly hold threat briefings, share their expertise with industry publications, and have proven to be trusted sources for global law enforcement agencies.
An effective defensive posture requires process, technology and most importantly human expertise for combat-level containment and response. You can’t battle these types of cyberattacks alone. Learn how eSentire MDR responded to emerging threats, including zero-day and ransomware attacks, with a balance of automated platform disruptions and hands-on expertise for investigation & manual cyber threat containment.
Watch this video with one of eSentire’s Elite Threat Hunters, Spence Hutchinson, as he reviews the Kaseya VSA supply chain attacks and how eSentire’s Security Operations Center (SOC) & Threat Response Unit (TRU) were able to quickly respond on our customer’s behalf and notify Kaseya of the breaches.
Watch this video to see how a Fortinet vulnerability led to a ransomware attack impacting 250 endpoints in a customer’s environment. Original detection engineering developed by TRU identified the malicious use of BestCrypt and our 24/7 SOC Cyber Analysts immediately contained the attack and reversed the encryption.
Our Threat Response Unit (TRU) collects and processes threat intelligence from 54 commercial threat feeds and 10+ proprietary intel sources, the Dark Web, social media, security reports, positive SOC-driven threat investigations, and various third-party tools to conduct further investigations and identify potential Indicators of Compromise (IOCs).
Once a threat is discovered, eSentire TRU publishes regular threat advisories, security bulletins, and threat intelligence reports, and conducts proactive real-time threat hunts so you can stay ahead of the latest emerging threats and prevent business disruption.
eSentire TRU has discovered some of the most dangerous cyber threats and nation-state attacks in our space. Last year, TRU built 520+ new detectors to protect our customers and circulated 44 Security Advisories. We broke the news on the Kaseya MSP breach, the malicious more_eggs malware and more.
Of threats are identified by TRU before they appear on commercial threat feeds.
Of threats identified by TRU that are never seen in the commercial feeds we manage.
2. Hackers Spearphish Professionals on LinkedIn with Fake Job Offers, Infecting them with more_eggs Malware
Read this threat report to see how the BatLoader and FakeBat Malware-as-a-Service (MaaS) crime groups are targeting Manufacturing, Software, Legal, Retail, and Healthcare companies.Download Now
The TRU team publishes reports, industry publications and white papers based on its original research and the insights driven through proactive threat hunts.
Download our ransomware report to inform your cybersecurity strategies, reduce cyber risk, and see how to prepare for a ransomware attack.
In this report, our team looks at recent changes in ransomware attacks and what that means for organizations when they are targeted. We walk through a real ransomware attack that an eSentire customer faced in 2020 and how our team responded.
eSentire TRU regularly publishes Security Advisories, TRU Positives, and Malware Analyses on emerging cyber threats to arm you with the latest intel so you can make informed decisions that evolve with the threat landscape. TRU’s research routinely supports law enforcement agencies in their mission to unmask threat actors and stop cybercrime.
THE THREAT On February 20th, ConnectWise confirmed that two recently disclosed ScreenConnect vulnerabilities are now under active exploitation. The vulnerabilities are currently tracked as CVE-2024-1709 (CVSS: 10) Authentication bypass, and CVE-2024-1708 (CVSS: 8.4) Path Traversal; both vulnerabilities impact ConnectWise ScreenConnect versions 23.9.7 and prior. Exploitation of these vulnerabilities would allow a remote and unauthenticated threat actor to execute code and…
Read the summaries of recent threat investigations, how our TRU team responded to confirmed threats, and recommendations on defending your organization from emerging threats.
Adversaries don’t work 9-5 and neither do we.
By leveraging contextualized human-driven threat intelligence, original content on emerging cyber threats, 24/7 availability of Elite Threat Hunters, and advanced analytics based on the latest TTPs, TRU is committed to delivering the strongest MDR offering from eSentire.
It’s a pleasure working with a group of people that know what they’re doing. They are an extension of the Wetherby technical security team.
With eSentire MDR we have gained visibility into attacks against our infrastructure and I have peace of mind knowing that we are defended by the best in the business with 24/7 SOC Cyber Analysts and Elite Threat Hunters who are bolstered by eSentire’s unique Threat Response Unit for original research, threat analysis and content development."
A big part of why eSentire has shown value to us, in addition to the people, is how far ahead they are from a technology standpoint. eSentire gets ahead of the direction that we’re moving in before we know we’re heading in that direction."
I have enjoyed having the additional security knowledge on my team. I sleep better at night."
We're here to help! Submit your information and an eSentire representative will be in touch to demonstrate how eSentire Multi-Signal MDR service stops cyber threats before they impact your business.