INCIDENT RESPONSE RETAINER

Industry-Leading Unlimited Incident Response Delivered Remotely Anywhere in the World

Through a combination of best-in-class digital forensics technology and the expertise of our elite incident responders, eSentire's Incident Response Retainer provides unlimited incident response with threat suppression guarantee delivered remotely, anywhere in the world.

Be Ready with 24/7 Unlimited Incident Response

The reality is that no matter how strong your safeguards, how powerful or cutting-edge your technology, and how robust your processes are, cyber defenses can and will fail. How fast your organization contains and recovers from a security incident is critical to limiting business disruption, reducing costs, and recovering from reputational damage.

It is important to have an incident response provider engaged so that when an incident happens, you can react quickly. Having immediate access to an expert on-demand incident response service can be the difference between a catastrophic day and just another day at the office.

For most incident response providers, threat response means receiving a call back from their IR experts within 1 hour.

At eSentire, our Incident Response Retainer goes further, providing unlimited incident response with threat suppression guarantee delivered remotely, anywhere in the world. Our eSentire Atlas XDR Investigator agents are deployed once our partnership begins, resulting in time to value that is unmatched industry-wide.

What You Can Expect From eSentire’s Incident Response Retainer

Unlimited Incident Response

Industry-Leading Threat Suppression Guarantee

Elite Global Expertise, On-Demand

Breakthrough Digital Forensics Technology

Full Support from Response to Recovery

OUR DIFFERENCE

Unlimited Incident Response

YOUR RESULTS

You never have to worry about unused IR hours or unexpected gaps in your Managed Detection and Response (MDR) service. We provide incident response support for unlimited incidents, backed by a threat suppression guarantee, with no limits on the size or frequency of response.

OUR DIFFERENCE

Industry-Leading Threat Suppression Guarantee

YOUR RESULTS

Get back to normal business operations in a matter of hours. We will respond and engage within one hour, guaranteeing threat suppression. Our strategically deployed eSentire Agent provides our team with immediate access to suppress any threat.

OUR DIFFERENCE

Elite Global Expertise, On-Demand

YOUR RESULTS

Priority access on-demand to our team of elite incident responders. No matter where you are, sleep easy knowing that a team of battle-tested cybersecurity experts with decades of technical leadership experience is standing by your side 24/7.

OUR DIFFERENCE

Breakthrough Digital Forensics Technology

YOUR RESULTS

Experience immediate time-to-value and get back to normal business operations within hours (vs. days or weeks) with industry-leading digital forensics and investigative tools, powered by the eSentire Agent, no matter the size or location of your organization.

OUR DIFFERENCE

Full Support from Response to Recovery

YOUR RESULTS

Get smooth recovery with full support through the investigative lifecycle, including the filing of cyber insurance claims, compliance & litigation evidence preservation, transitioning findings to law enforcement, supporting legal proceedings, expert witness testimony, and strengthening security gaps through the implementation of lessons learned.

Incident Response Retainer FAQ

What are Incident Response Retainer services?

An incident response retainer consists of established terms and conditions for incident response services made between cybersecurity providers and their clients. These term agreements guarantee that security services are provided to clients when they face a security breach and that threats will be contained. In many cases, the services provided include digital forensics and incident response so you can reconstruct the root cause of the incident, the affected systems, and attacker pathways in addition to helping preserve evidence and support with litigation, if required.

Why are Incident Response Retainer services important?

The increasing complexity and frequency of cyberattacks have placed a spotlight on the importance of vigilant and effective incident response. An incident response retainer provides immediate access to expert on-demand digital forensics and incident response services if an incident occurs. It ensures your team knows who to call when an incident occurs, bringing rapid control and stability to your organization. It allows your business to contain and recover from a security incident quickly to limit business disruption, reduce costs, and recover from reputational damage.

What is Threat Suppression vs. Response?

When considering response claims from incident response providers, it is important to understand what “response” really means. For most incident response providers, threat response means receiving a call back from their IR experts. However, some IR providers may provide a service level agreement that guarantees cybersecurity threats will be resolved as a part of incident response.

Threat suppression, on the other hand, includes actions taken by the IR experts to stop attackers from moving laterally across your environment.

At eSentire, we will respond and engage within one hour, providing unlimited incident response with threat suppression guarantee delivered remotely, anywhere in the world. We strategically pre-deploy the eSentire Agent, so our team has immediate access to suppress any threat.

How does eSentire’s Incident Response Retainer service work?

eSentire’s Incident Response Retainer provides end-to-end incident response guaranteeing that you’re prepared for the most advanced attacks. Through a combination of best-in-class digital forensics technology and the expertise of our elite incident responders, we provide unlimited incident response with threat suppression guarantee delivered remotely, anywhere in the world.

Contact us to learn more about eSentire’s Incident Response Retainer.

Why Choose eSentire for Incident Response Retainer Services

We deliver cutting-edge digital forensics, industry-leading threat intelligence, and powerful 24/7 Incident Response services and expertise.

Deployment

Threat Suppression Guarantee

Be assured that downtime is minimized with threat suppression efforts underway within one hour.

On-Site Incident Responders

Within 24 hours, we can deploy boots on the ground for on-site incident response management.

Rapid Deployment

Quickly mobilizes the investigative toolset and expert responders, providing critical visibility and support across your affected networks and assets.

Elite Tool Sets

Illuminates where attackers are present and supports root cause analysis.

End-to-End Incident Management

Cyber Security Investigations team and supporting technologies cover the full incident response lifecycle.

Containment and Analysis

Unlimited Incident Response

Have peace of mind knowing that you are protected 24/7 with unlimited incident response support.

Managed Containment

Locks down and isolates threat actors, preventing further spread and business impact.

Eradication Support 

Identifies exploited vulnerabilities and supports remediation of affected assets.

Digital Forensic Analysis

Reconstructs the incident, determining root cause, affected systems and attacker pathways.

Malware Analysis

We will detect and analyze malicious files and URLs for suspicious activities, producing a deep analysis and comprehensive reports.

Asset Handling

Secure and robust processes for asset handling and chain of custody support.

Critical Visibility

Deployment of commercially available and open-source tools, as needed, to collect endpoint telemetry, full network packets, netflow and log data from on-premises and cloud environments to provide multiple vantage points for analysis.

Confirmation

Ensures the network is secure and monitors for attacker response and persistence measures.

Determine the Extent

Litigation Support

Expert and fact witness testimony, if needed, is available.

Robust Reporting

Detailed findings from the investigations with lessons learned at the executive and technical level.

Compliance Satisfaction

Meets regulatory requirements with centralized collection, retention and reporting.

Evidence Preservation

Gathers and stores incident details that meet legal, insurance and regulatory requirements.

Our Flexible IR Retainer Options

Review our retainer tiers by clicking one of the options below.

Unlimited IR and Threat Suppression Guarantee

Threat Suppression Guarantee

One Hour Response

Basic

Recommended

IR RETAINER

Unlimited IR and Threat Suppression Guarantee

Our unlimited IR provides unlimited access to all the benefits of our Threat Suppression Guarantee for urgent incidents related to malware and Business Email Compromise (BEC) attacks. All the costs associated with incident response services are covered. Plus, depending on your cyber insurer, you may be able to reduce your cyber insurance policy costs.

Unlimited IR and Threat Suppression Guarantee includes:

  • IR retainer activities
  • Threat Suppression Guarantee
  • 1 hour response
  • Secure storage of 32 days of forensic telemetry
  • Threat brief
  • eSentire Atlas Agents
  • Cyber intelligence advisories
  • One advisory service option
  • IR readiness assessment
  • Unlimited IR with MDR services
  • Onsite support available (US and Canada)

With eSentire premium retainer offerings, you can choose one of the following services each year:

  • Incident Response Plan Development
  • Incident Response Plan Assessment
  • Tabletop Exercise (TTE)
  • Dark Web Monitoring (One-time Scan)

Add-On Options:

  • Technical Investigations
  • eDiscovery Collection
  • Business Email Compromise
  • Due Diligence Security Review

IR RETAINER

Threat Suppression Guarantee

This premium IR retainer includes rapid one-hour response, pre-event IR Readiness consultation, your choice of security advisory services, and pre-event deployment of our leading-edge forensic technology, which translates to incredibly fast time-to-value. You also benefit from our Threat Suppression Guarantee, regardless of the MDR service provider you choose to use.

Threat Suppression Guarantee includes:

  • IR retainer activities
  • Threat Suppression Guarantee
  • 1 hour response
  • Secure storage of 32 days of forensic telemetry
  • Threat brief
  • eSentire Atlas Agents
  • Cyber intelligence advisories
  • One advisory service option
  • IR readiness assessment
  • Onsite support available (US and Canada)

With eSentire premium retainer offerings, you can choose one of the following services each year:

  • Incident Response Plan Development
  • Incident Response Plan Assessment
  • Tabletop Exercise (TTE)
  • Dark Web Monitoring (One-time Scan)

Add-On Options:

  • Technical Investigations
  • eDiscovery Collection
  • Business Email Compromise
  • Due Diligence Security Review

IR RETAINER

One Hour Response

Our high-value, low-cost retainer includes one-hour incident response, a pre-event IR Readiness consultation, and on-site support in the US or Canada if needed.

One Hour Response includes:

  • IR retainer activities
  • Cyber intelligence advisories
  • 1 hour response
  • IR readiness assessment
  • Threat brief
  • Onsite support available (US and Canada)

IR RETAINER

Basic

Our basic retainer ensures you have direct access to our elite team of Incident Responders for support during an active breach event to contain the threat.

Basic includes:

  • IR retainer activities

DATA SHEET

eSentire Incident Response Retainer

Download the data sheet to learn more about our Incident Response Retainer options.

eSentire's Digital Forensics Technology Advantage

Our powerful eSentire agent makes our threat suppression guarantee possible. This proprietary eSentire digital forensics tool enables our team to perform end-to-end investigations remotely and at unmatched velocity. We strategically deploy eSentire agents across your network and IT systems the moment you onboard as a customer. This allows eSentire to establish deep visibility and forensic capabilities in your environment before an incident ever occurs.

When a security incident requiring deep investigation does occur, you have the advantage. The agents give our Cyber Security Investigations team immediate access and forensic capabilities to actively start working to suppress the threat in your environment.

Benefits of leveraging the eSentire agent:

  • Unmatched time-to-value
  • Unparalleled depth of visibility & investigation data
  • Real-time visibility across all deployed assets
  • Accelerated incident response with reduced mean time to identify (MTTI) and mean time to contain (MTTC)
  • Forensically assured data at a fraction of the cost
  • Support for remote work setting investigations with low-bandwidth connections
  • e-Discovery and data collection for HR investigations, M&A activity, corporate security, and Personally Identifiable Information (PII) scanning
  • Trusted by government intelligence, federal law enforcement & military personnel
 

VIDEO

The eSentire Agent

Watch this video to learn how the eSentire Agent provides unparalleled insight into incident response, cyber threat hunting, digital forensic investigation, insider threat analysis and malware detection.


eSentire Digital Forensics and Incident Response’s Portfolio of Services

We can support you regardless of the incident response strategy you choose through our Digital Forensics and Incident Response (DFIR) service, which is available as an IR Readiness, Incident Response Retainer, or Emergency Incident Response Service:

IR Readiness Service

Our IR Readiness service removes administrative barriers that typically slow down incident response. We collect, store, and leverage relevant and meaningful data about your environment, pre-deploy forensic tools necessary to accelerate the IR process, and provide clarity regarding your true level of readiness.

Incident Response Retainer

Our Incident Response Retainer provides end-to-end incident management guaranteeing that you’re prepared for the most advanced attacks. Through a combination of best-in-class digital forensics technology and the expertise of our elite incident responders, eSentire's Incident Response Retainer provides unlimited incident response with threat suppression guarantee delivered remotely, anywhere in the world.

Emergency Incident Response Service

We provide Emergency Incident Response to anyone calling our phone line (1-866-579-2200) if you suspect any malicious activity across your environment. We prioritize rapid deployment to stop the attack, contain threats and determine the full extent of the breach. After the incident, our experts support your recovery by assisting you with stakeholder reporting and strengthening security gaps.

Learn more about eSentire Digital Forensics and Incident Response (DFIR) Services

Experiencing a Breach?

Security Leaders Count on eSentire

"I have enjoyed having the additional security knowledge on my team. I sleep better at night."
David Greene
IT Vice President | CWS Apartment Homes, Inc.

Real Estate Industry

"eSentire provides a better security posture for our organization."
Shahab Kazim
Chief Technology Officer (CTO) | EnCap Investments LP

Finance Industry

"eSentire is an extension of our security and IT team. From the Customer Success Managers, Advanced Services Specialists all the way up to the Executive Management Team, we've seen endless value, tremendous customer support, quality and expertise. eSentire does a wonderful job of making sure we are wholly satisfied with the value we are seeing from their offerings."
Caili Preston
Information Security | Texas United Management

Manufacturing Industry

"eSentire’s Managed Vulnerability service is excellent! With eSentire’s guidance, we have been able to leverage the Tenable.io platform and uncover new features. They’ve provided expertise on a monthly basis to fully maximize the platform’s capabilities and help in prioritizing remediation actions to improve our overall security strategy."
Security Analyst

Private Equity


Ready to Get Started with eSentire’s Incident Response Retainer?

We’re here to help! Submit your information and an eSentire representative will be in touch to discuss how eSentire’s Incident Response Retainer can ensure you quickly bring control and stability to the situation, if a breach should occur.