Enterprise IT Context for the CTO

Bob Gourley



eSentire: Active cyberthreat protection solutions mitigate inbound and internal cyberattacks and prevent data exfiltration

With this post we are beginning coverage of eSentire. eSentire protects enterprises with advanced cybersecurity capabilities.

eSentire feeds its own threat intelligence, third-party feeds, and customer data into a high-performance analytics platform. This is done in a very cost-effective way, which allows almost all organizations to benefit from its continuous detection and mitigation of threats.

eSentire has been included in Gartner's list of "Cool Vendors" in Cloud Security Services and was highlighted for offering highly innovative technologies that address organizational needs for agile, responsive and cost-effective solutions.

From the eSentire website:

The traditional security technologies that form your perimeter defenses are mandatory cybersecurity hygiene. But in the world of complex cybercrime, you need more than technology to defend against today’s sophisticated, targeted threats.

That’s where we come in.

eSentire provides mid-sized enterprises with advanced cybersecurity capabilities. We effectively detect and mitigate threats that your existing security technology can miss, 24 hours a day, 7 days a week. We pioneered Continuous Active Threat Protection, which leading analyst firm Gartner Inc. has coined as a best practices framework for defending against the types of advanced threats that repeatedly drive today’s headlines.

eSentire delivers capability via four key service models:

Full Forensic Traffic Capture and Behavior Detection

At the core of Active Threat Protection is Network Interceptor from eSentire. Network Interceptor is a proprietary network appliance delivered as a continuous managed service. Core capabilities include real-time deep-packet inspection, human-assisted machine learning, behavior-based anomaly detection, signature-based intrusion detection and prevention, and analyst communications completely tailored to your specific business context and policies. Once an active threat incident is detected, Network Interceptor provides eSentire’s core containment capability for ingressing/egressing traffic. Highly skilled threat analysts perform active forensics, identifying and escalating unique threats in real-time, always.


Quarantine of Compromised Devices

Host Interceptor from eSentire works in conjunction with Network Interceptor to provide core network containment capabilities. Host Interceptor leverages technology and human-driven analysis to assist with the containment of laterally spreading threats within the core of the network. This provides real-time detection and isolation of any network-connected devices deemed compromised.


Informed Intervention and Compliance Reporting

Log Sentry from eSentire collects, centralizes and correlates critical event log data from any network-attached asset. Threat analysts rely on Log Sentry to provide informed decision-making and intervention specific to active threats detected by Network Interceptor and Host Interceptor. In certain scenarios, Log Sentry provides primary detection. Log Sentry also provides configuration mechanisms and standard rules, allowing organizations to apply policy-based and compliance monitoring.


Automated Vulnerability Scanning

Continuous Vulnerability Scanning (CVS) is delivered as a continuous managed service, ensuring our threat analysts are fully informed of security posture during active threat investigation. CVS also affords the customer the opportunity to drastically reduce the exploit window by having a current list of systems requiring patching and password updates.

For more on eSentire visit: eSentire.com


The post eSentire: Active cyberthreat protection solutions mitigate inbound and internal cyberattacks and prevent data exfiltration appeared first on CTOvision.com.



Bob Gourley writes on enterprise IT. He is a founder of Crucial Point and publisher of CTOvision.com