eSentire

Company

eSentire, the global leader in Managed Detection and Response (MDR), keeps organizations safe from constantly evolving cyber attacks that technology alone cannot prevent. Its 24×7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates, and responds in real time to known and unknown threats before they become business-disrupting events. Protecting more than $5.7 trillion AUM in the financial sector alone, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements.

Solutions

As an outsourced SOC service, eSentire offers a wide spectrum of threat protection capabilities:

Rapid intrusion detection and response auto-detects and responds to known and unknown threats with:

  • Real-time blocking of IOCs, signatures, and previously unseen attacks, including phishing, malware, ransomware, and botnets
  • An extensive, proprietary rules library covering 40+ threat categories
  • Highly-customizable rules and policies, including executable whitelists, geo-IP, and blocking access to specific sites

Log aggregation for threat hunting enables log correlation and playbook development to support and guide analysts, regardless of the network size, by:

  • Aggregating and correlating log data to assist with reporting, compliance, and attack forensics
  • Finding, tracking, and mapping threats to affected resources by querying, exploring, and pivoting across logs

Insider and persistent threat detection, regardless of the tools, tactics, or procedures (TTPs) used, by focusing on the few fundamental adversary behaviors:

  • Automatically learns and constantly updates “normal” definitions for each host within a customer’s unique, growing, and changing environment
  • Understands and ties together internal reconnaissance, collection, and exfiltration behaviors across time and the network
  • Speeds investigations and provides comprehensive customer understanding with ThreatCases, contextual maps of unfolding threats

Vendor Certifications

activereach is a certified reseller of eSentire MDR solutions.

Request a Trial

eSentire’s Malicious Activity Assessment augments our risk assessment, providing 45 days of continuous visibility deep into network activity to detect known, unknown, and evasive threats that may already be present or bypassing your preventative measures. Using full packet capture, network data is fed to 24×7 SOC analysts who leverage proprietary hunting methods to detect and confirm an attacker’s presence.

Discovered threats are isolated on your behalf to ensure attackers are shut down before they can accomplish their objectives. Your security team receives daily alerts and weekly reports showing where your preventative measures failed, including an executive report that summarizes SOC investigations and pinpoints areas in need of defensive refinement, helping your security staff mitigate the areas of greatest risk.

To request a 45-day Malicious Activity Assessment please complete our Demo Request form.

Further Information

Please visit our solutions page on managed detection and response for further information.


What our customers say

I have worked with activereach as our primary LAN and wireless networking supplier for a number of years.

We recently had a site power outage that impacted the core network in our head office and the link to our main warehouse. activereach were able to supply us with replacement equipment the same day and arranged for one of their own engineers to come onsite at 4am to make sure that we did not lose a trading day in the busy run-up to our peak trading season.

Kieron Ash
Network Manager, Snow & Rock Group

Did you know?

Misconfiguration is the greatest threat to data hosted in the public cloud, followed by loss and abuse of credentials, and insecure interfaces.

Source: IBM X-Force Threat Intelligence Index 2019

Solution: Security teams can benefit from using activereach's cloud firewall management services to have visibility of cloud assets on AWS, Azure, or Google's cloud services without the need for agent software. Servers can be forced to adopt default secure configurations, and be subject to audit against common regulatory frameworks like PCI DSS.
