Get Started
What We Do
How We Do It
Resources
Company
Partners
Login
Get Started
What we do
How we do it
Resources
Company
Partners
Get Started
What We Do
CONTROLLED AUTONOMY SECOPS
Atlas Platform

Connects to any signal across any vendor stack and powers adaptive AI Operatives that expose, detect, and neutralize cyberattacks.

 Atlas Operations Center

See what our SOC sees, review investigations, and see how we are protecting your business.

 Technology Integrations

Atlas connects to any signal across 300+ vendor integrations. No rip and replace required.
EXPERT-VALIDATED DEFENSE
24/7 Security Operations Center

Extend your team with immediate expertise, hands-on remediation, and the human accountability layer that boards, regulators, and cyber insurers require.

 Threat Response Unit

Proactive threat intelligence, original threat research and a world-class team of seasoned industry veterans.

 Response and Remediation

Pairs machine-speed containment with human judgment, delivering full threat response that's policy-bounded, reversible, and explainable.
ESENTIRE SERVICES
Managed Detection and Response

MDR that moves first, multi-signal attack surface coverage, and 24/7 Elite threat hunters working as one continuous security program across any vendor stack.
All-in-One eSentire MDR MDR for Microsoft
Digital Forensics and Incident Response

Get unlimited Incident Response with threat suppression guarantee- anytime, anywhere.
Autonomous Pen Testing & Continuous Threat Exposure Management (CTEM)

Full alignment to the five-stages of CTEM operations; scope, discover, prioritize, validate, and mobilize against exposures attackers would use against you.
How We Do It
MDR Packages and 24/7 Protection
MDR Pricing and Packages

Flexible MDR pricing and packages that fit your unique security requirements.
Atlas Essentials

Entry level foundational MDR coverage
Atlas Advanced

Comprehensive Next Level eSentire MDR
Atlas Complete

Next Level eSentire MDR with Cyber Risk Advisors to continuously advance your security program
Explore MDR Packages Build Your MDR Package
24/7 Coverage
Endpoint
Network
Log
Cloud
Identity
INDUSTRIES
Insurance Construction Finance Legal Manufacturing Private Equity Healthcare Retail Food Supply Government and Education Automotive Dealerships
USE CASES
Ransomware

Stop ransomware before it spreads.

 Identity Response

Stop identity-based cyberattacks.

 Zero Day Attacks

Detect and respond to zero-day exploits.

 Cybersecurity Compliance

Meet regulatory compliance mandates.

 Third-Party Risk

Defend third-party and supply chain risk.

 Cloud Misconfiguration

End misconfigurations and policy violations.

 Cyber Risk

Adopt a risk-based security approach.

 Mid-Market Security

Mid-market security essentials to prioritize.

 Sensitive Data Security

Protect your most sensitive data.

 Cyber Insurance

Meet insurability requirements with MDR.

 Cyber Threat Intelligence

Operationalize cyber threat intelligence.

 Security Leadership

Build a proven security program.
Resources
Resources
Resource Library Video Library Case Studies Compare MDR Vendors TRU Intelligence Center Monthly Threat Intelligence Briefings Cybersecurity Tools Cybersecurity Glossary Real vs. Fake MDR Blogs Security Advisories
SECURITY ADVISORIES
May 06, 2026 Palo Alto PAN-OS Zero-Day Vulnerability (CVE-2026-0300)

On May 5th, 2026, Palo Alto Networks disclosed CVE-2026-0300 (CVSS: 9.3), a critical zero-day buffer overflow vulnerability that impacts the User-ID Authentication Portal (aka Captive…

Read More
Apr 30, 2026 CVE-2026-41940 – cPanel & WHM Authentication Bypass Vulnerability

On April 29th, 2026, cPanel disclosed a critical Authentication Bypass vulnerability, tracked as CVE-2026-41940 (CVSS 9.8), that impacts the control panel solutions cPanel and Web Host…

Read More
View Advisories
From The Blog
May 06, 2026 Atlas User Reported Phishing Is Now Live
Read More
Apr 20, 2026 Six Days Ahead: How eSentire Detected NetScaler Exploitation Before the…
Read More
Apr 16, 2026 Multi-Stage SEO Poisoning Campaign Targets Chinese-Speaking Developers…
Read More
VIEW ARTICLES
Company
ABOUT ESENTIRE

eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.

About Us Leadership Careers Event Calendar Newsroom Aston Villa Football Club
EVENT CALENDAR
May
07
Seattle FutureCon
May
12
May TRU Intelligence Briefing
May
21
Pittsburgh FutureCon
Jun
09
June TRU Intelligence Briefing
Jun
11
Kansas City FutureCon
View Calendar
LATEST PRESS RELEASE
Mar 19, 2026 eSentire Appoints Cybersecurity Industry Veteran James C. Foster as Chief Executive Officer Read More
View Newsroom
OUR PARTNERSHIPS
Aston Villa Football Club

AVFC takes its cyber protection to the Next Level with eSentire as its official cybersecurity partner.

Learn More
Partners
PARTNER PROGRAM

Apply to become an e3 ecosystem partner with eSentire today.
APPLY NOW

Sign in to the Partner Portal to access exclusive resources, campaigns, training, sales tools, and support.
LOGIN NOW
Search

Search our site

Quick Links
ALL-IN-ONE ESENTIRE MDR

Multi-Signal MDR with 300+ technology integrations to support your existing investments.
24/7 SOC SUPPORT

24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
MDR PRICING AND PACKAGES

We offer three flexible MDR pricing packages that can be customized to your unique needs.
TRU INTELLIGENCE CENTER

The latest security advisories, blogs, reports, industry publications and webinars published by TRU.
MDR VENDOR COMPARISONS

Compare eSentire to other Managed Detection and Response vendors to see how we stack up against the competition.
MDR CASE STUDIES

See why 2000+ organizations globally have chosen eSentire for their MDR Solution.
Get Started
Get Started
Build A Quote
Become A Partner
Breached?
Call Us Now
Home What We Do TRU

THREAT RESPONSE UNIT

Prevent the Most Advanced Cyberattacks from Ever Breaking Through

Stay ahead of sophisticated known and unknown cyber threats with proactive threat intelligence, original threat research, and a world-class team of seasoned industry veterans.

GET STARTED
GET STARTED
×
 

Jump To

eSentire TRU

TRU in Action

Notable Threat Detections

Research and Publications

Security Advisories

Customer Reviews

Reclaim the Advantage Over Sophisticated Cybercriminals with Expert Threat Response

Modern threat response requires the ability to collect unstructured data from disparate sources associated with attacker tactics, techniques, and procedures (TTPs) and operationalize global protections – all in a timely manner.

Unfortunately, many in-house security teams don’t have the bandwidth or expertise to perform proactive threat hunting, conduct original threat research, and develop or deploy new threat detection rules.

The eSentire Threat Response Unit (TRU) is an industry-leading threat research team committed to helping your organization become more resilient. This is an elite team of threat hunters and researchers that supports our 24/7 Security Operations Centers (SOCs), builds threat detection models across the Atlas Platform, and works as an extension of your security team to continuously improve our Managed Detection and Response service.

By providing complete visibility across your attack surface and performing global threat sweeps and proactive hypothesis-driven threat hunts augmented by original threat research, we are laser-focused on defending your organization against known and unknown threats.

We prioritize creating and updating our detection rules and machine learning (ML) models regularly, so your security posture is hardened against the evolving threat landscape. Our content development is built upon the MITRE ATT&CK Framework® and is constantly fine-tuned for efficacy to reduce false positives.

Why Choose eSentire's Threat Response Unit (TRU)

TRU acts as an extension of your security team to build your cyber resilience and prevent business disruption. With TRU by your side, you can rest easy knowing that you’re protected by an MDR provider that law enforcement agencies rely on to identify threat actors and collaborate on threat intelligence.

Prepare and react to emerging, unknown cyber threats to prevent business disruption

TRU continuously monitors the threat landscape, publishes regular threat advisories, security bulletins, and threat intelligence reports, and conducts proactive real-time threat hunts so you can stay ahead of the latest emerging threats and prevent business disruption. Threat advisories and daily briefings are available in the Atlas Operations Center, so you always have access to the latest threat intelligence.

Harden your toolkit with novel threat detection rules and advanced ML models

As a foundational component of the eSentire MDR service, TRU constantly builds and updates new threat detection rules and ML models across the Atlas Platform. These detections are further strengthened by robust investigative runbooks to support our SOC Cyber Analysts in their investigation and containment actions – on your behalf.

Go into battle with a team of industry veterans with real-world experience

TRU has discovered dangerous cyber threats and nation-state attacks (e.g., the Kaseya MSP breach and identities of hackers behind the more_eggs malware). With a 95% employee retention rate, TRU consists of highly certified, seasoned industry veterans who regularly hold threat briefings, share their expertise with industry publications, and have proven to be trusted sources for global law enforcement agencies.

Advanced Threat Intelligence That Outpaces Cyberattacks

ALL-IN-ONE ESENTIRE MDR

Multi-Signal MDR with 300+ technology integrations to support your existing investments.

SEE HOW MDR WORKS

ESENTIRE THREAT INTELLIGENCE

Extend eSentire protection with our threat intel feed curated from IOCs of positive SOC investigations to enhance your automated blocking.

LEARN ABOUT THREAT INTELLIGENCE

TRU INTELLIGENCE CENTER

Threat intelligence resources including the latest security advisories, blogs, reports, industry publications, webinars and more.

VIEW TRU RESOURCES

MONTHLY THREAT INTELLIGENCE BRIEFINGS

Sign up for upcoming Threat Intelligence Briefings and watch the latest on-demand sessions.

View Briefings

WE OWN THE R IN MDR

See eSentire in Action

An effective defensive posture requires process, technology and most importantly human expertise for combat-level containment and response. You can’t battle these types of cyberattacks alone. Learn how eSentire MDR responded to emerging threats, including zero-day and ransomware attacks, with a balance of automated platform disruptions and hands-on expertise for investigation & manual cyber threat containment.

ZERO-DAY ATTACK

ZERO-DAY ATTACK

A Review of the Zero-Day Attacks Impacting the Kaseya VSA Platform

Watch this video with one of eSentire’s Elite Threat Hunters, Spence Hutchinson, as he reviews the Kaseya VSA supply chain attacks and how eSentire’s Security Operations Center (SOC) & Threat Response Unit (TRU) were able to quickly respond on our customer’s behalf and notify Kaseya of the breaches.

WATCH NOW →
RANSOMWARE ATTACK

RANSOMWARE ATTACK

Malicious BestCrypt Detection Uncovers Full Blown Ransomware Attack at 3am

Watch this video to see how a Fortinet vulnerability led to a ransomware attack impacting 250 endpoints in a customer’s environment. Original detection engineering developed by TRU identified the malicious use of BestCrypt and our 24/7 SOC Cyber Analysts immediately contained the attack and reversed the encryption.

WATCH NOW →
×
 
×
 

Notable Threat Detections

WE STOP THREAT ACTORS IN THEIR TRACKS.
OTHERS CLAIM IT, WE PROVE IT.

Our Threat Response Unit (TRU) collects and processes threat intelligence from 54 commercial threat feeds and 10+ proprietary intel sources, the Dark Web, social media, security reports, positive SOC-driven threat investigations, and various third-party tools to conduct further investigations and identify potential Indicators of Compromise (IOCs).

Once a threat is discovered, eSentire TRU publishes regular threat advisories, security bulletins, and threat intelligence reports, and conducts proactive real-time threat hunts so you can stay ahead of the latest emerging threats and prevent business disruption. Security Advisories and Daily Threat Briefings are available in the Atlas Operations Center in real-time.

eSentire TRU has discovered some of the most dangerous cyber threats and nation-state attacks in our space. Last year, TRU built 500+ new detectors to protect our customers and circulated 35 Security Advisories. We broke the news on the Kaseya MSP breach, the malicious more_eggs malware and more.

35%

Of threats are identified by TRU before they appear on commercial threat feeds.

12%

Of threats identified by TRU are never seen in the commercial feeds we manage.

Original nation-state attacks and threats discovered by eSentire TRU:

1. The Kaseya Crypto-mining Attack

2. Hackers Spearphish Professionals on LinkedIn with Fake Job Offers, Infecting them with more_eggs Malware

3. Malicious Google Ads to Lure Computer Users to Spoofed "Signal" and "Telegram" Websites

4. Hackers Flood the Web with 100,000+ Malicious Pages to Deliver Malware

5. Gootloader Hackers Poison Websites Globally to Infect Business Professionals with Ransomware

WEBINAR

From Defense to Offense: Leveraging Threat Intelligence & Dark Web Monitoring for Enhanced Security

Watch this webinar with Spence Hutchinson as he discusses why leveraging proactive threat intelligence is critical to stay ahead of sophisticated threats, inform your cybersecurity strategies, and reduce cyber risk.

WATCH ON-DEMAND

Original Research and Publications

The TRU team publishes reports, industry publications and white papers based on its original research and the insights driven through proactive threat hunts.

The Industrialization of Cybercrime: Identities are Under Attack Thumbnail

2025 Year in Review, 2026 Threat Landscape Outlook Report

The Industrialization of Cybercrime: Identities are Under Attack

Learn why user identities are under attack, with account compromise representing 50% of cases investigated in 2025 (a 389% increase over 2024), and discover how to protect your organization.

DOWNLOAD THE REPORT

Review more of our detailed Threat Dissections from the Threat Response Unit:

Threat Dissection: Emotet

Threat Dissection: Trickbot

Threat Dissection: Suspicious Remote Access

Endpoint Threat Dissection: Anatomy of a PowerShell Attack
EXPLORE RESOURCES IN OUR TRU INTELLIGENCE CENTER →

Read the Latest Security Advisories and TRU Positives

eSentire TRU regularly publishes Security Advisories, TRU Positives, and Malware Analyses on emerging cyber threats to arm you with the latest intel so you can make informed decisions that evolve with the threat landscape. TRU’s research routinely supports law enforcement agencies in their mission to unmask threat actors and stop cybercrime.

Static TRU logo Image

LATEST POST – May 06, 2026

Palo Alto PAN-OS Zero-Day Vulnerability (CVE-2026-0300)

THE THREATOn May 5th, 2026, Palo Alto Networks disclosed CVE-2026-0300 (CVSS: 9.3), a critical zero-day buffer overflow vulnerability that impacts the User-ID Authentication Portal (aka Captive Portal) service of PAN-OS software. Exploitation of the vulnerability can enable an unauthenticated attacker to perform Remote Code Execution (RCE) with root privileges on impacted PA-series and VM-series firewalls, leading to full device takeover.Patches to address CVE-2026-0300 are…

READ NOW →

Apr 30, 2026

CVE-2026-41940 – cPanel & WHM Authentication Bypass Vulnerability

READ NOW →

Apr 29, 2026

Increase in Email Bombing and IT Impersonation Campaigns

READ NOW →

Apr 16, 2026

Nginx-ui Authentication Bypass Vulnerability CVE-2026-33032 Exploited

READ NOW →

TRU Positives

Read the summaries of recent threat investigations, how our TRU team responded to confirmed threats, and recommendations on defending your organization from emerging threats.

Read the latest from our
TRU Team.

READ NOW

Cyber Threat Hunting Done Right

Adversaries don’t work 9-5 and neither do we.

By leveraging contextualized human-driven threat intelligence, original content on emerging cyber threats, 24/7 availability of Elite Threat Hunters, and advanced analytics based on the latest TTPs, TRU is committed to delivering the strongest MDR offering from eSentire.

eSentire TRU is foundational to our MDR service – no add-ons or additional costs required. You benefit from:

  • Curated Threat Intelligence
  • Threat Hunting
  • Mitigation Support for Zero-Day Threats
  • Original Threat Research
  • Proactive and Reactive Threat Sweeps
  • Live Defense Against Attackers
  • Updated Detection Rules
  • Monthly TRU Intelligence Briefings
  • Security Advisories and Daily Threat Briefings available in the Atlas Operations Center

Security Leaders Count on eSentire to Prevent Business Disruption

A 4.7/5 G2 rating which indicates that customers rate eSentire as one of the best SOC-as-a-Service companies.
G2 Leader Desktop Badges in the MDR category showing that eSentire is recognized as one of the best SOC-as-a-Service providers. G2 Leader Mobile Badges in the MDR category showing that eSentire is recognized as one of the best SOC-as-a-Service providers.
READ MORE REVIEWS AND CASE STUDIES

eSentire has helped us in many situations. They have alerted us of the most simple of threats, and also of bad actors on our network. Before we even have to triage the situation they block the device(s) and keep our environment safe from lateral movement from the bad actors being on the device(s) that were infected.

Charles C.

Security Architect

Mid-Market Company
READ THE FULL REVIEW

There are so many things I like but the best is the complete ecosystem we've built with them for 24x7x365 coverage. We are utilizing Network, Endpoint, Log, Vulnerability Management, Incident Response and Forensics. Oh, also love the quarterly cadence calls to sync up with them about issues, questions or improvements.

Phil M.

Information Security Architect

Mid-market Legal Services Company
READ THE FULL REVIEW

eSentire has an incredibly broad range of platforms that can be used individually or in tandem to protect your infrastructure and your users the way you want them protected. Their network interceptor product and MDR products are top products in the industry. Once installed, the product is absolutely transparent to your users.

David M.

Director of Information Technology

Mid-Market Company
READ THE FULL REVIEW

They have a high skilled technical team and great communication to keep you in the loop. They are very detailed oriented and follow up with any / all requests. They keep us updated with their future plans and prevent us from falling behind!

Thomas K.

IT Manager

Mid-Market Company
READ THE FULL REVIEW

We've been using eSentire for over 5 years. Our experience with them has been great from the very beginning. Implementation is very easy and they are with you every step of the way. They have excellent customer support. Our dedicated customer success manager is always available to help, quick to respond, and loops in other experts when needed to provide expert security guidance. They go above and beyond to make sure we are well-supported, no matter the complexity of the issue. Their threat intelligence briefings and papers are also very helpful. They proactively warn us of current and emerging cyber threats and perform proactive threat hunts which helps us stay a step ahead of potential risks. Overall, eSentire has proven to be a reliable security partner. The ability to send in multiple signals (endpoing, log, network, vulnerability, identity, etc.) truly set them apart.

Verified Customer

Industrial Automation Enterprise Company
READ THE FULL REVIEW

Learn How Our Threat Response Solutions Safeguard Your Business

DATA SHEET
eSentire Threat Response Unit
VIEW DATA SHEET →
Monthly Threat Intelligence Briefings
Stay Informed. Stay Protected.
LEARN MORE →
REPORT
The Industrialization of Cybercrime: Identities are Under Attack
DOWNLOAD NOW →

Ready to start building a more resilient security operation today?

We're here to help! Submit your information and an eSentire representative will be in touch to demonstrate how eSentire MDR stops cyber threats before they impact your business.

ARE YOU EXPERIENCING A SECURITY INCIDENT OR HAVE YOU BEEN BREACHED?
Call 1-866-579-2200
The Proven Choice for
Managed Detection and Response
GET STARTED PARTNER LOGIN
Sales and
Customer Support
NORTH AMERICA 1-866-579-2200 EMEA (0)8000-443242 ANZ/APAC 1-519-651-2200
What we do
How we do it
Industries
Use Cases
Resources
Tools
Company

2026 eSentire, Inc. All Rights Reserved.