Combine cutting-edge XDR technology, multi-signal threat intelligence and 24/7 Elite Threat Hunters to help you build a world-class security operation.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Cyber risk and advisory programs that identify security gaps and build security strategies to address them.
24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
XDR with machine learning that eliminates noise, enables real-time detection and response, and automatically blocks threats.
Seamless integration and threat investigation across your existing tech stack.
Proactive threat intelligence, original threat research and a world-class team of seasoned industry veterans.
Extend your team capabilities and prevent business disruption with expertise from eSentire.
We balance automated blocks with rapid human-led investigations to manage threats.
Guard endpoints by isolating and remediating threats to prevent lateral spread.
Defend brute force attacks, active intrusions and unauthorized scans.
Investigation and threat detection across multi-cloud or hybrid environments.
Remediate misconfigurations, vulnerabilities and policy violations.
Investigate and respond to compromised identities and insider threats.
Stop ransomware before it spreads.
Meet regulatory compliance mandates.
Detect and respond to zero-day exploits.
End misconfigurations and policy violations.
Defend third-party and supply chain risk.
Prevent disruption by outsourcing MDR.
Adopt a risk-based security approach.
Meet insurability requirements with MDR.
Protect your most sensitive data.
Build a proven security program.
Operationalize timely, accurate, and actionable cyber threat intelligence.
THE THREAT In recent weeks, eSentire’s Threat Response Unit (TRU) has traced numerous email account compromise cases to infrastructure hosted on several related hosting…
Dec 10, 2024THE THREATUpdate: Security patches to address this vulnerability were released by Cleo on December 12th. Organizations need to update to Cleo Harmony, VLTrader, and LexiCom versions…
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Multi-Signal MDR with 300+ technology integrations to support your existing investments.
24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
Three MDR package tiers are available based on per-user pricing and level of risk tolerance.
The latest security advisories, blogs, reports, industry publications and webinars published by TRU.
Compare eSentire to other Managed Detection and Response vendors to see how we stack up against the competition.
See why 2000+ organizations globally have chosen eSentire for their MDR Solution.
In the final installment of this three-part series on risk management, let’s look beyond the business crisis scenario of Covid-19. Consider this: are we simply experiencing a seasonal shift that returns to the norms of a pre-quarantine world or is this a climatic shift in the way we do business and view cybersecurity priorities going forward?
eSentire manages over $6 trillion in assets under management, a term we borrow from our hedge fund customers. In 2012, this industry segment was the core of our customer base. Together, we learned from Hurricane Sandy, the deadliest storm of the hurricane season. The storm killed 233 people in eight countries, affected 24 U.S. states, caused major flooding in Manhattan streets and subway tunnels and was responsible for $64 billion in damage.
That storm taught us two lessons. The first was that criminals take advantage of the havoc caused by natural disasters and other crises. Our security operations team studied traffic analytics for a three-month period around Hurricane Sandy. Data showed a 30 to 40 percent drop in network traffic across our client base located in New York City for the two weeks during and after the hurricane. However, the level of threats remained constant throughout. In fact, the week following the hurricane, attacks spiked by 30 percent!
Cybercriminals quickly moved to take advantage of chaos caused by the storm. Employees couldn’t get to work, blocked by flooded subway lines. And massive power outages ensured office buildings in Lower Manhattan were vacant. All that data just sitting there without the usual contingent of IT security supervisors … the world’s bank vault was open and the guards were stuck at home.
The second lesson was that disastrous events often reset the bar by which we define acceptable business operational policies. Disruption caused by Hurricane Sandy instantly became the new standard that business continuity (BCP) and disaster recovery (DR) plans were measured against. As the American Bar Association’s Cybersecurity Handbook puts it: “If a client’s disaster recovery plans cannot pass the ‘Hurricane Sandy test,’ such plans might also fail if cyber incidents caused prolonged disruptions.”
And most plans failed during Sandy. The majority of the client data for major financial institutions resided in data centers located in New Jersey, a quick ferry ride across the Hudson River. Turns out, category 2 hurricanes don’t follow state lines, operations were crippled and data was exposed during the cleanup. In hindsight, it’s an obvious flaw in any BCP/DR plan.
When the waters of Sandy, as well as Katrina receded, they left stains behind that marked the depth of the flooding. And Covid-19 will not only leave its mark as a worldwide human tragedy, but also will likely drive new models for business risk management. At this time, many of use are still working remotely, so we still don’t know if this is a seasonal migration or a climatic shift. When world economies open for business again, have we changed the way we do business more permanently?
For instance, are we moving into a world where banks are virtual? What constitutes a bank? Is it the physical structure, its assets or its customers’ data? Similarly, at a conference last year, the head of the Harvard Law School posited that the concept of the court was no longer an imposing building in the town square. Now, it’s the economic and quick disposition of legal decisions. It’s not about a building, it’s about its value to society. Likewise, the office tower may no eventually no longer serve as a vanity metric for successful companies.
I’ve often joked that we’ve shifted from the bring your own device (BYOD) model in which we use personal smartphones for business purposes to a broader spectrum of personal property for shared business operations. Now it’s BYOH: bring your office home.
How many firms will embrace the financial benefits of work from home? Assuming their business model survives to support remote workers (such as knowledge workers, customer service, call centers, etc.) and easily adapted to the quarantine. How soon will it be before the bean counters question the necessity of brick-and-mortar overhead?
From a risk management perspective, how would this shift affect security programs? For BYOD, mobile device management (MDM) tools were developed to better secure personal phones. You can bet venture capital firms already are looking to fund security startups that can better secure personal routers, provide the home office equivalent of easy-to-use commercial firewalls, etc. Endpoint suppliers also will ride this wave with brands such as CrowdStrike and VMware Carbon Black in the catbird’s seat.
If this shift is climatic, then the pandemic will have truly served as a forcing factor. Cybersecurity is no longer about perimeters. The analogy of a bank building with guards and a vault doesn’t work when the employees are not resident in the building, nor is the money (data) that has migrated to the cloud. It means cybersecurity professionals must shift their focus and thinking.
Embracing cybersecurity as a factor in corporate risk management means firms can adapt quickly. Risk management isn’t wedded to specific security paradigms or technologies; it is a fabric that expands to cover the full spectrum of a business. Companies that view security through the risk management lens can expand the aperture to focus on a wider field of view. Companies that view security through a static paradigm of rigid perimeters or physical structures will fail to adapt. And there are plenty of predators and criminals ready to pounce on those that fall behind the pack.
For more “how tos” on risk management and successful incident response planning, use this Pragmatic Security Event Management Playbook to identify possible gaps and ensure crucial steps are followed to contain and control damage and quickly return to normal operating conditions.
eSentire, Inc., the Authority in Managed Detection and Response (MDR), protects the critical data and applications of 2000+ organizations in 80+ countries, across 35 industries from known and unknown cyber threats by providing Exposure Management, Managed Detection and Response and Incident Response services designed to build an organization’s cyber resilience & prevent business disruption. Founded in 2001, eSentire protects the world’s most targeted organizations with 65% of its global base recognized as critical infrastructure, vital to economic health and stability. By combining open XDR platform technology, 24/7 threat hunting, and proven security operations leadership, eSentire's award-winning MDR services and team of experts help organizations anticipate, withstand and recover from cyberattacks. For more information, visit: www.esentire.com and follow @eSentire.