
eSentire Managed Detection and Response

24x7x365 monitoring with full spectrum visibility across on-premises, cloud and hybrid IT environments. Human threat hunting with machine learning-assisted detection uncovers known and never-before-seen attacks. Embedded incident response accelerates precision and speed, facilitating rapid tactical threat containment. Root cause investigation and remediation guidance define corrective actions to harden security postures against evolving threats.

Security specific to you
Based on your business and risk management needs, you select from a spectrum of threat protection capabilities:

Rapid intrusion detection and response auto-detects and responds to known and unknown threats with:
• Real-time blocking of IOCs, signatures, and previously unseen attacks, including phishing, malware, ransomware, and botnets
• An extensive, proprietary rules library covering 40+ threat categories
• Highly customizable rules and policies, including executable whitelists, geo-IP, and blocking access to specific sites

Log aggregation for threat hunting enables log correlation and playbook development to support and guide analysts, regardless of the network size, by:
• Aggregating and correlating log data to assist with reporting, compliance, and attack forensics
• Finding, tracking, and mapping threats to affected resources by querying, exploring, and pivoting across logs

Insider and persistent threat detection detects threats regardless of the tactics, techniques, or procedures (TTPs) used, by focusing on the few fundamental adversary behaviors:
• Automatically learns and constantly updates “normal” definitions for each host within a customer’s unique, growing, and changing environment
• Understands and ties together internal reconnaissance, collection, and exfiltration behaviors across time and the network
• Speeds investigations and provides comprehensive customer understanding with ThreatCases, contextual maps of unfolding threats


The eSentire Difference

Radical claims and marketing hype have created a confusing and crowded MDR marketplace. However, there is a clear distinction between other MDR offerings and eSentire MDR that ultimately could mean the difference between a minor incident and a major disruption for your business. Take a closer look, then you be the judge.

Comparison criteria:
• 24x7 always-on monitoring
• Network utilizing full PCAP
• Endpoint (full telemetry)
• Log (on-premises and cloud)
• Detection using signatures and IoCs
• Detection of unknown threats leveraging patterns, behavioral analytics, machine learning and artificial intelligence
• Human threat hunting
• Ability to correlate endpoint, network (PCAP) and log data into investigations
• False positive reduction
• Alerting of suspicious behavior
• Network tactical threat containment performed on client's behalf
• Endpoint tactical threat containment performed on client's behalf
• Response plan for a particular incident
• Remediation guidance
• Remediation verification


Full Spectrum Visibility

These threat protection capabilities are enabled by the esENDPOINT, esNETWORK, esLOG+, and esINSIDER technologies, and include:

  • Comprehensive data sources: north/south, east/west, endpoint activity, network sensors, log aggregation, netflow, DNS, proxy
  • Complete asset coverage: cloud, on-premises, and hybrid environments
  • Extensive human support: 24/7/365 SOC and advanced threat hunting




Managed by 24x7x365 Operation Centers

Detects, isolates and responds to attacks in real-time with always-on service monitored by SOCs in North America and Europe.


Uncompromised Visibility


Log: Collects, aggregates and monitors data across on-premises, cloud, multi-cloud, and hybrid platforms like AWS, Microsoft Azure, and the Google Cloud Platform.


Network: Always-on full traffic capture including SSL decryption to support best-in-class forensic investigations.


Endpoint: Continuously monitors, records, centralizes and retains activity for every endpoint in your organization.


Known-threat Prevention

Real-time blocking of signature-based threats, including phishing, malware and botnets using thousands of rules in 40+ threat categories.


Unknown Threat Detection

Advanced anomaly detection and behavioral analytics alert and assist eSentire SOC analysts in investigating, detecting and responding to never-before-seen attacks.


Machine Learning Integration

Machine learning makes sense of expected and unexpected behavior across your environment with pattern, anomaly and outlier detection.


Big Data Analytics

Applies big data and advanced analytics to end-user behavior to detect anomalies (deviations from the established baseline) and flag exceptions, identifying real and potential threats.


Embedded Threat Hunting and Forensic Investigation

Embedded threat hunting and forensic investigation accelerates precision and speed, facilitating rapid response and threat containment.


Tactical Threat Containment

Locks down and isolates compromised endpoints and disrupts malicious network traffic to prevent the spread of attacks.


Global Threat Intelligence Integration

Up-to-the-minute threat protection from multiple world-renowned threat intelligence feeds.


Simplified Compliance Management and Reporting

Ensures compliance mandates are met with continuous monitoring, portal visualizations, and automated retention policies, plus out-of-the-box and custom security reports that address regulatory requirements such as HIPAA, PCI, SEC, GDPR, and more.

