Kerry Bailey, CEO
Managing cybersecurity vulnerabilities is a continuous race against time. Data from the renowned vulnerability database, Exploit Database, reveals that the number of reported vulnerabilities increased by more than 140 per cent between 2015 and 2019. During the same period, the time taken to exploit a known vulnerability has fallen from several months to almost immediately. This drastic decrease in the time available for patching has left IT departments without enough resources to identify and remediate critical vulnerabilities while managing day-to-day business operations.
eSentire, the global leader in managed detection and response (MDR), keeps organizations safe from constantly evolving cyber attacks that technology alone cannot prevent. The company’s ‘Risk Advisory and Managed Prevention’ offering continuously identifies blind spots and puts those capabilities to use in building a strategy around cyber risk to predict and prevent threats. Alongside this, eSentire’s esNETWORK captures and analyzes all network traffic to support real-time detection of, and response to, both known and unknown cyber threats. esNETWORK’s threat intelligence, blacklisting, and IPS/IDS functionality detect and block known threats. Its advanced behaviour-based anomaly detection alerts eSentire security operations centre (SOC) analysts and assists them in hunting down, investigating and containing attacks that have bypassed all other security controls. To eliminate blind spots, the company also introduced the Carbon Black-powered esENDPOINT, which provides continuous next-gen endpoint detection and response capabilities to assist eSentire SOC analysts in threat mitigation. The final piece of eSentire’s offering is esLOG+, a co-managed SIEM solution designed to extract meaningful and actionable intelligence from on-premises and cloud assets. It accelerates targeted threat hunting and rapid response, empowering the company’s SOC analysts to stop attackers before they can become business-disrupting.
A case in point for the company is its recent partnership with a top investment management firm.
The client was seeking to improve its security posture after being the target of a lengthy brute force attack on New Year’s Eve. They had struggled to keep up with the fast-paced changes within the information security space. Many of the glaring gaps would slip through the cracks of the dispersed security infrastructure and would get attention only when things fell apart. The lack of technical staff led the firm to outsource most of its technology services, but without the internal resources to highlight issues that needed attention, the service providers were mostly reactive. The technology worked, but it was out of date and support was hard to find. eSentire used its MDR service to provide threat protection capabilities that go beyond alerting and disrupt threats to protect the client’s systems. The critical component of the deployed service was esNETWORK, a zero-latency IPS/IDS designed to provide full network visibility, eliminating the attack blind spots that traditional technologies miss. MDR and esNETWORK have identified and blocked thousands of cybersecurity events while giving the firm the required network visibility. Consequently, when cyber terrorists began a sustained 12-hour brute force attack on the client, the CTO of the firm was immediately alerted via email that a sustained attack was coming from several European countries including Poland and the Netherlands.
Having climbed the ladder of success in past years, eSentire acquired AI-based cyber threat hunting company Versive in 2018 to help correlate and analyze threat data coming in from the network, endpoint, and cloud. Versive’s AI engine is expected to seamlessly examine the data, identify patterns that humans might not have been able to see immediately, and escalate to an analyst when necessary. eSentire plans to go to market very quickly with a new product that links Versive to the company’s SOC. From there, eSentire plans to spend three to five months working to have customer data and data from all of eSentire’s sensors pulled back into the framework of the AI platform. Simultaneously, the company plans to extend Versive’s capabilities to key partners and strengthen cybersecurity infrastructures across different organizations.