eSentire: Active cyberthreat protection solutions mitigate inbound and internal cyberattacks and prevent data exfiltration

With this post we are beginning coverage of eSentire. eSentire protects enterprises with advanced cybersecurity capabilities.

eSentire leverages its own threat intelligence, third-party feeds and customer data via a high-performance analytics platform. This is done in a very cost-effective way, which allows almost all organizations to benefit from its continuous detection and mitigation of threats.

eSentire has been included in Gartner's list of "Cool Vendors" in Cloud Security Services and was highlighted for offering highly innovative technologies that address organizational needs for agile, responsive and cost-effective solutions.

From the eSentire website:

The traditional security technologies that form your perimeter defenses are mandatory cybersecurity hygiene. But in the world of complex cybercrime, you need more than technology to defend against today’s sophisticated, targeted threats.

That’s where we come in.

eSentire provides mid-sized enterprises with advanced cybersecurity capabilities. We effectively detect and mitigate threats that your existing security technology can miss, 24 hours a day, 7 days a week. We pioneered Continuous Active Threat Protection, which leading analyst firm Gartner Inc. has coined as a best practices framework for defending against the types of advanced threats that repeatedly drive today’s headlines.

eSentire delivers capability via four key service models:

NETWORK INTERCEPTOR™

DETECT AND PREVENT ADVANCED TARGETED ATTACKS

Full Forensic Traffic Capture and Behavior Detection

The core of Active Threat Protection is supported by Network Interceptor from eSentire. Network Interceptor is a proprietary network appliance delivered as a continuous managed service. Core capabilities include real-time deep-packet inspection, human-assisted machine learning, behavior-based anomaly detection, signature-based intrusion detection and prevention, and analyst communications completely tailored to your specific business context and policies. Once an active threat incident is detected, Network Interceptor provides eSentire’s core containment capability for ingressing/egressing traffic. Highly skilled threat analysts perform active forensics, identifying and escalating unique threats in real-time, always.

 

HOST INTERCEPTOR™

PREVENT LATERAL SPREAD OF THREATS

Quarantine of Compromised Devices

Host Interceptor from eSentire works in conjunction with Network Interceptor to provide core network containment capabilities. Host Interceptor leverages technology and human-driven analysis to assist with the containment of laterally spreading threats within the core of the network. This provides real-time detection and isolation of any network-connected devices deemed compromised.

 

LOG SENTRY™

AGGREGATE EVENT LOGS

Informed Intervention and Compliance Reporting

Log Sentry from eSentire collects, centralizes and correlates critical event log data from any network-attached asset. Threat analysts rely on Log Sentry to provide informed decision-making and intervention specific to active threats detected by Network Interceptor and Host Interceptor. In certain scenarios, Log Sentry provides primary detection. Log Sentry also provides configuration mechanisms and standard rules, allowing organizations to apply policy-based and compliance monitoring.

 

CONTINUOUS VULNERABILITY SCANNING

REDUCE EXPLOIT WINDOW

Automated Vulnerability Scanning

Continuous Vulnerability Scanning (CVS) is delivered as a continuous managed service, ensuring our threat analysts are fully informed of security posture during active threat investigation. CVS also affords the customer the opportunity to drastically reduce the exploit window by having a current list of systems requiring patching and password updates.

For more on eSentire visit: eSentire.com

 
