With many organizations forced to rapidly implement work-from-home operating models—and with widespread uncertainty about how long such models will persist—endpoint security has never been more important. It’s against this backdrop that eSentire and VMware Carbon Black continue to build the success of our nearly five-year strategic partnership.
Why does this close relationship matter? The short answer is that the powerful combination of VMware Carbon Black’s products and eSentire’s Managed Detection and Response (MDR) delivers world-class managed endpoint security to our customers—especially now with the cloud-delivered availability of VMware Carbon Black Cloud Enterprise EDR for threat hunting and incident response.
For the longer, more detailed explanation, read on.
When the recent health pandemic struck, it accelerated two trends which had already been underway for quite some time.
First, with more powerful mobile devices and more reliable Internet connections, “work-from-anywhere” models have grown in popularity, with work-from-home a sub-category of this broader shift. One important outcome is that traditional security perimeters are all but disappearing—or, at the very least, evolving. In the not too distant past, most of an organization’s devices and systems—including its many endpoints—were located on a trusted network behind a perimeter consisting of firewalls, IDS/IPS and other security solutions. Those days are over.
Second, widespread adoption of cloud-based services was well underway before the pandemic. But the associated benefits of increased flexibility and reduced management overhead become even more valuable as employees around the world work from home. However, with that shift, your organization’s important applications and services are no longer housed in your secure datacenter, behind layers of security that you built and control.
Each of these trends has serious consequences for an organization’s cybersecurity posture and strategy; combined, they’re disruptive. Plus, threat actors have adjusted tactics to target unsuspecting home office workers in an attempt to gain access to corporate networks and valuable data. There’s no question that, for the foreseeable future, protecting distributed home offices should be a company’s number one priority.
And that’s a major reason why endpoint security is so important, now more than ever.
But “security” can be an ambiguous term, so we should be more specific. For an endpoint security strategy to be successful, it requires as a minimum two functional components:
The most effective way to deliver these functions is to run an agent directly on each endpoint, because doing so provides unmatched visibility into and—vitally—control over the device’s activity. This approach fills in gaps and re-strengthens the security posture by equipping security personnel with the tools needed to quickly investigate threats and take decisive, difference-making action to isolate devices and stop malicious processes.
Importantly, no one knows with any certainty when social distancing measures will be relaxed; moreover, many organizations are exploring (or have already announced) a permanent shift to a work-from-home-oriented operating model. So not only is it truly endpoint’s time to shine, but the investment has tremendous long-term value.
The telemetry that comes from agents running on countless endpoints—not to mention the range of other sources leveraged in MDR, including logs, cloud services and network traffic—can easily overwhelm private security operations centers (SOCs) and security teams. Even just a mid-sized organization can generate 10,000 events per day. How do you sift through those events, filtering out the noise to spot real threats, while avoiding false positives and false negatives—all without burning out your analysts?
And that’s where eSentire’s expertise comes into play. eSentire invented the MDR category and has spent almost two decades investing in proprietary data processing systems and management workflows which empower security analysts to keep pace with the enormous volume of events coming into our SOCs.
Plus, in the nearly five years during which our two companies have worked together, we have developed a tight technical integration and operational coordination, yielding tremendous benefits for our customers:
One of the major enablers of our operational effectiveness—and a reason why our joint customers get maximum protection—is that our organizations pioneered cloud-native solutions.
At first glance, “endpoint” and “cloud” might seem like an unlikely or unimportant combination, so let’s briefly take a closer look to see why being cloud-native is so crucial to both eSentire and VMware Carbon Black.
First, using an Infrastructure as a Service (IaaS) cloud offering can be an economically attractive alternative to building and operating your own data center. However, it’s vital to recognize that just because you run your servers on cloud infrastructure doesn’t mean you don’t need to have defenses in place.
When you operate physical servers, you protect them as you would any other endpoint through an agent providing prevention and control capabilities. You should do the same with the servers running in the cloud, which calls for a cloud-native endpoint security solution.
Second, the cloud provides capabilities that deliver important functional and operational advantages for VMware Carbon Black and eSentire, from which our joint clients benefit.
For example, the cloud provides a scalable location to house (storage) and process (compute) all the telemetry that is the foundation of threat detection; effectively and efficiently processing events allows eSentire’s SOC analysts to quickly investigate issues, reducing the mean time to resolution.
Moreover, relying on the cloud to manage deployments and distribute updates greatly simplifies the upgrade process, meaning more customers gain easier access to more capabilities—whether updates to existing products or upgrades to introduce entirely new functionality. In the reactive and dynamic world of cybersecurity, extensibility and flexibility help to maximize a security posture.
And just to expand slightly on that final point: because VMware Carbon Black’s EDR products are managed in and delivered from the cloud, it’s straightforward for eSentire’s SOC analysts, threat hunters and sales engineers to configure and utilize the solutions—letting eSentire’s team deliver world-class MDR that maximizes protection.
These sudden changes in where an organization’s workforce resides have caused businesses of all sizes to grapple with a porous, nebulous “perimeter” and to scramble to stay ahead of emerging threats which attempt to compromise endpoints.
VMware Carbon Black’s single lightweight agent provides the NGAV and endpoint detection and response (EDR) features needed to conduct threat hunting in a secure environment.
esENDPOINT leverages this functionality, putting it in the hands of skilled SOC analysts and threat hunters within a pioneering MDR offering, creating a synergistic 1 + 1 = 3 scenario that leads to better protection.
As threat hunters and analysts identify new tactics, techniques and procedures (TTPs), informing the creation of new EDR capabilities, the partnership between our two companies will deepen and our joint customer base will continue to enjoy unparalleled protection against modern threats.
About eSentire
eSentire, Inc., the global leader in Managed Detection and Response (MDR), keeps organizations safe from constantly evolving cyberattacks that technology alone cannot prevent. Its 24x7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates, and responds in real-time to known and unknown threats before they become business disrupting events. Protecting more than $6 trillion AUM, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements. For more information, visit www.esentire.com and follow @eSentire.
About VMware
VMware software powers the world’s complex digital infrastructure. The company’s cloud, app modernization, networking, security, and digital workspace offerings help customers deliver any application on any cloud across any device. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough technology innovations to its global impact. For more information, please visit www.vmware.com/company.
VMware and Carbon Black are registered trademarks or trademarks of VMware, Inc. or its subsidiaries in the United States and other jurisdictions.
Charles "C.J." Spallitta is eSentire’s Chief Product Officer responsible for product vision, strategy, and execution. C.J.’s extensive experience in the enterprise security services space includes leadership and management roles with Hewlett Packard Enterprise (Executive Director of Worldwide Portfolio Management) and Verizon Enterprise Solutions (Executive Director, Global Security Product Management). In these roles, C.J. gained experience in the areas of product lifecycles, service developments, go-to-market strategies and pricing. C.J. holds a bachelor's degree in business administration in information systems and a master's degree of business administration from Loyola University.
Scott Lundgren is VMware Carbon Black’s Chief Technology Officer (CTO) and Chief Architect (CA), as well as a member of the Carbon Black founding team. As CTO and CA, Lundgren provides technical vision and strategic direction. He has experience across the security space, including holding technical leadership positions in offensive security research, development, and operations and defensive security operations and development, including at Microsoft. Lundgren earned a bachelor’s degree in electrical engineering and applied physics from Case Western Reserve University.