Combine cutting-edge XDR technology, multi-signal threat intelligence and 24/7 Elite Threat Hunters to help you build a world-class security operation.
Our team delivers the fastest response time in the industry. Threat suppression within just 4 hours of being engaged.
Cyber risk and advisory programs that identify security gaps and build security strategies to address them.
24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
XDR with machine learning that eliminates noise, enables real-time detection and response, and automatically blocks threats.
Seamless integration and threat investigation across your existing tech stack.
Proactive threat intelligence, original threat research and a world-class team of seasoned industry veterans.
Extend your team capabilities and prevent business disruption with expertise from eSentire.
We balance automated blocks with rapid human-led investigations to manage threats.
Guard endpoints by isolating and remediating threats to prevent lateral spread.
Defend brute force attacks, active intrusions and unauthorized scans.
Investigation and threat detection across multi-cloud or hybrid environments.
Remediate misconfigurations, vulnerabilities and policy violations.
Investigate and respond to compromised identities and insider threats.
Stop ransomware before it spreads.
Meet regulatory compliance mandates.
Detect and respond to zero-day exploits.
End misconfigurations and policy violations.
Defend third-party and supply chain risk.
Prevent disruption by outsourcing MDR.
Adopt a risk-based security approach.
Meet insurability requirements with MDR.
Protect your most sensitive data.
Build a proven security program.
Operationalize timely, accurate, and actionable cyber threat intelligence.
THE THREAT In recent weeks, eSentire’s Threat Response Unit (TRU) has traced numerous email account compromise cases to infrastructure hosted on several related hosting…
Dec 10, 2024THE THREATUpdate: Security patches to address this vulnerability were released by Cleo on December 12th. Organizations need to update to Cleo Harmony, VLTrader, and LexiCom versions…
eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.
We provide sophisticated cybersecurity solutions for Managed Security Service Providers (MSSPs), Managed Service Providers (MSPs), and Value-Added Resellers (VARs). Find out why you should partner with eSentire, the Authority in Managed Detection and Response, today.
Multi-Signal MDR with 300+ technology integrations to support your existing investments.
24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
Three MDR package tiers are available based on per-user pricing and level of risk tolerance.
The latest security advisories, blogs, reports, industry publications and webinars published by TRU.
Compare eSentire to other Managed Detection and Response vendors to see how we stack up against the competition.
See why 2000+ organizations globally have chosen eSentire for their MDR Solution.
Cyber insurance is commonly used by businesses to mitigate potential losses in the event of a breach. Although cyber insurance premiums have historically increased given an increasing amount of claims, in the past year, cyber insurance premium rates have actually decreased by 17%. This is despite a growing number of ransomware attacks and other cybersecurity-related incidents.
While cyber insurance may mitigate the financial impact of a breach event, it doesn’t reduce the likelihood of a major loss event occurring. This is largely because the cyber insurance claim process can be slow, frustrating, and often result in lower payouts than expected. Additionally, it doesn't expedite the initial incident response, forensic investigation, or return to business operations.
This is where breach protection warranties in an Managed Detection and Response (MDR) contract play a crucial role, offering additional layers of protection and support during a breach. However, these warranties come with specific conditions and limitations that can severely limit their effectiveness.
This process can be eye-opening for many who believed cyber insurance, or warranties would minimize the impact of a breach. Remember, data breach protection warranties and cyber insurance are not free; you are paying for them, and they should give you the exact coverage you need.
Therefore, it’s critical to understand exactly what’s covered and what’s not, before factoring cyber insurance or product warranties as part of the risk mitigation strategy for your organization.
Before you finalize your MDR provider, make sure you get clarity on your cyber insurance and breach warranty coverage. Here are some questions you should ask:
Before finalizing an MDR contract, make sure you’re having thorough discussions about warranty qualifications. Ask for a clear, written document outlining covered incidents, expense limitations, and any exclusions. For example, some MDR providers require every endpoint to be updated with the latest software to qualify for a warranty.
Other requirements may include:
Warranty qualifications clearly define the types of incidents covered under the MDR service's warranty program. This transparency prevents misunderstandings and ensures you know what expenses the provider will cover in case of a successful breach.
Knowing if existing customers have successfully activated the incident breach warranty provides insight into the provider's track record. A high activation rate suggests the qualifications are achievable in real-world scenarios.
If other customers have qualified, you have a benchmark for what constitutes a qualifying incident. This can help in contract negotiations to ensure the qualifications are fair and achievable. If the MDR provider is hesitant or avoids disclosing past warranty activations, it raises red flags indicating that they might be downplaying the difficulty of qualifying for the warranty.
Unclear communication about regional limitations can create mistrust and suggest that the MDR provider might be hiding unfavorable terms. If the warranty has regional limitations that don't align with your needs, you have leverage to negotiate for broader coverage during the contract phase. Understanding these restrictions upfront ensures that the warranty coverage aligns with your geographical risk profile.
According to Microsoft, 80-90% of ransomware attacks over the past year originated from unmanaged devices. The reality is that most organizations will have a mix of managed and unmanaged devices. Therefore, knowing if the warranty covers unmanaged devices helps you assess your overall risk profile.
You might be able to convince the MDR provider to extend the warranty to some or all unmanaged devices, potentially for an additional fee.
It's very difficult to find cyber insurance once a claim has been made. Plus, most warranties and insurance policies do not automatically cover secondary and tertiary incidents.
Make sure you understand whether your MDR warranty will continue to provide coverage for subsequent incidents after an initial claim. Ensure that you know the terms and conditions surrounding multiple incidents to avoid unexpected gaps in your protection.
Typically, MDR warranties won’t protect your organization in this scenario. So, if your organization plays any role in a third-party vendor supply chain, it’s essential for you to confirm this with your MDR provider. If your MDR provider says you’ll be covered, make sure the breach warranty specifically has it in writing.
On the other hand, cyber insurance coverage policies may offer either first-party or third-party coverage as part of the errors and omissions (E&O) insurance:
Choosing the right MDR provider involves more than just assessing technological capabilities. One critical, yet often overlooked, aspect is the warranty coverage that comes with an MDR contract. As a security leader, you must thoroughly understand these warranties to make informed decisions and ensure robust protection for your organization.
By gaining clarity on the warranty terms and asking the right questions, you can better evaluate the value and coverage offered by the MDR provider, ensuring that it aligns with your organization's risk management strategy and provides comprehensive protection.
To learn how we can help you choose the right coverage for your business and protect you from sophisticated cyber threats, connect with an eSentire cybersecurity specialist today.
As Senior Vice President, Security Services & Incident Response, Larry is responsible for shaping the eSentire Global Incident Response Program. He is a veteran of the digital forensics and incident response world, having accumulated over 21 years of experience leading the investigation of technology-based crimes.
Larry has completed many forensics training programs with the RCMP, OPP e-Crimes, FBI, National White-Collar Crime Committee and the International Association of Computer Investigative Specialists as well as with several technology vendors. Larry is a Certified Forensic Computer Examiner (IACIS 2001), and GIAC Certified Incident Handler. He has extensive experience testifying as a qualified expert in both criminal and civil matters.