
THREAT RESPONSE UNIT


PREVENT THE MOST ADVANCED ATTACKS FROM EVER BREAKING THROUGH.





ADD WORLD CLASS THREAT RESEARCHERS TO YOUR TEAM TO PROACTIVELY HUNT THE MOST
ADVANCED UNDETECTED THREATS. ESENTIRE’S THREAT RESPONSE UNIT (TRU) DELIVERS
ORIGINAL RESEARCH, CURATES THREAT INTELLIGENCE AND BUILDS NEW DETECTION MODELS
TO ENSURE YOU STAY AHEAD OF ATTACKERS.

 * 24/7 Threat Hunting
 * Elite Security Researchers
 * Sophisticated Threat Hunting Tools
 * Rapid Threat Detection
 * Machine Learning Applications

THREAT INTELLIGENCE

TACTICAL THREAT RESPONSE

ADVANCED THREAT ANALYTICS

RECLAIM THE ADVANTAGE OVER SOPHISTICATED CYBERCRIMINALS


MODERN THREAT RESPONSE AND STAYING AHEAD OF SOPHISTICATED CYBER THREATS REQUIRES
THE CAPACITY TO COLLECT UNSTRUCTURED DATA FROM DISPARATE SOURCES ASSOCIATED WITH
ATTACKER TACTICS, TECHNIQUES AND PROCEDURES (TTPS) AND TO OPERATIONALIZE GLOBAL
PROTECTIONS – ALL IN A TIMELY MANNER.

Our industry-renowned Threat Response Unit (TRU) has been recognized for its
threat hunting, original research and content development capabilities. With
eSentire TRU you gain leading threat intelligence and deep cybersecurity
acumen. This elite team of threat hunters and researchers supports our 24/7
Security Operations Centers (SOCs), builds detection models across our Atlas XDR
Cloud Platform, and works as an extension of your security team to continuously
improve our Managed Detection and Response service. Our Threat Response Unit
(TRU) is strategically organized into cross-functional groups to protect you
against advanced and emerging threats.

--------------------------------------------------------------------------------


ESENTIRE’S THREAT RESPONSE UNIT

--------------------------------------------------------------------------------

Threat Intelligence

Correlates, enriches and applies intelligence that enables proactive discovery
of existing and emerging threats.

Tactical Threat Response

Develops proprietary detectors and runbooks that identify threats and streamline
investigations based on real-world attacks.

Advanced Threat Analytics

Solves challenges in identifying potential threats posed by disparate data sets
leveraging data science and machine learning.


NOTABLE THREAT DETECTIONS

WE STOP THREAT ACTORS IN THEIR TRACKS. OTHERS CLAIM IT, WE PROVE IT.

Our Threat Response Unit (TRU) has discovered some of the most dangerous threats
and nation state attacks in our space. Once a threat is discovered, eSentire TRU
proactively hardens your defenses and immediately notifies the greater industry
through the publication of Security Advisories, Threat Reports and White Papers.
From research to response, TRU leverages enriched threat data and innovative
methodologies to protect you with rapid threat detection models, augmenting our
Atlas XDR Security Network Effects. Over the last year TRU built over 250 new
detectors to protect our customers from advanced threats and circulated 44
Security Advisories. We broke the news on the Kaseya MSP breach, the malicious
more_eggs malware and more.


ORIGINAL NATION STATE ATTACKS AND THREATS THAT OUR TEAM HAS DISCOVERED INCLUDE:

 * The Kaseya crypto-mining attack →
 * Hackers Spearphish Professionals on LinkedIn with Fake Job Offers, Infecting
   them with more_eggs Malware →
 * Malicious Google Ads to Lure Computer Users to Spoofed “Signal” and
   “Telegram” Websites →
 * Hacker-controlled websites, hosted on Google Sites, installing a known,
   emerging Remote Access Trojan (RAT) →
 * Gootloader Hackers Poison Websites Globally in Order to Infect Business
   Professionals with Ransomware →

Of malicious IPs identified by eSentire in 2020, 35% were identified in advance
of third-party threat feeds (including commercial and open source).


WE OWN THE R IN MDR


THE KASEYA ZERO-DAY ATTACKS

Watch this video with one of eSentire’s Elite Threat Hunters, Spence Hutchinson,
as he reviews the Kaseya VSA supply chain attacks and how eSentire’s Security
Operations Center (SOC) & Threat Response Unit (TRU) were able to quickly
respond on our customer’s behalf and notify Kaseya of the breaches.



In these 2018 and 2021 attacks, threat actors leveraged zero-day vulnerabilities
to push cryptomining malware and ransomware to Kaseya VSA customers. Our
BlueSteel Machine Learning Engine identified malicious PowerShell commands being
executed. eSentire's actions to detect, respond to and remediate these attacks
demonstrate the importance of MDR services that go beyond alerting and host
isolation to deliver complete and robust response.

Learn More about the R in MDR →


ORIGINAL RESEARCH AND PUBLICATIONS

The TRU team publishes reports, industry publications and white papers based on
its original research and the insights driven through proactive threat hunts.

RANSOMWARE REPORT


DISSECTING TODAY’S RANSOMWARE ECOSYSTEM

In this report we look at the emergence of Ransomware-as-a-Service, how
criminals use ransomware to perform both opportunistic and targeted attacks, and
the most popular initial access techniques used in ransomware attacks.

Get Your Copy →

THREAT DISSECTION REPORT


DEFENDING AGAINST MODERN RANSOMWARE: LESSONS FROM THE SUNWALKER INCIDENT

In this report, our team looks at recent changes in ransomware attacks and what
that means for organizations when they are targeted. We walk through a real
ransomware attack that an eSentire customer faced in 2020 and how our team
responded.

Download the Report →


REVIEW MORE OF OUR DETAILED THREAT DISSECTIONS FROM THE THREAT RESPONSE UNIT:

 * THREAT DISSECTION: EMOTET
 * THREAT DISSECTION: SUSPICIOUS REMOTE ACCESS
 * CASE STUDY: THREAT DISSECTION TRICKBOT
 * ENDPOINT THREAT DISSECTION: ANATOMY OF A POWERSHELL ATTACK


THREAT HUNTING DONE RIGHT

Adversaries don't work 9-5 and neither do we. Our 24/7 SOCs are staffed with
Cyber Analysts and Elite Threat Hunters who hunt, drive detections, and respond
within minutes to contain and remediate advanced persistent threats.

 * Real-Time Threat Intelligence
 * Patented Machine Learning Applications
 * Rapid Threat Detection
 * Elite Security Researchers
 * Artificial Intelligence Pattern Recognition
 * SOC as a Service Model
 * Multi-Signal Correlation
 * Complete Response

Our SOC team, and entire Managed Detection and Response operation are supported
by our Threat Response Unit, the heartbeat of our security ecosystem. TRU
delivers proactive hunting, original research, threat intelligence analysis and
also builds detection models to augment our Atlas XDR platform capabilities,
advancing our human-led investigation and containment efforts for modern threat
response.



HOW IT WORKS

Our Threat Response Unit (TRU) is strategically organized into cross-functional
groups to protect you against advanced and emerging threats. They include Threat
Intelligence, Tactical Threat Response, and Advanced Threat Analytics. Learn how
each adds value and enriches your security posture, improving your overall
security outcomes.


OUR DIFFERENCE. YOUR RESULTS.


UNIQUE INTELLIGENCE THAT PUTS YOU AHEAD OF THE CYBER THREAT CURVE

THREAT INTELLIGENCE

Our Threat Intelligence practice manages, creates and applies Threat
Intelligence learnings across our customer base. Our Threat Intelligence
platform correlates and enriches intelligence extracted from daily Security
Operations Center (SOC) investigations and multiple third-party sources.
Dedicated analysts leverage enriched threat data and new intelligence (ranging
from malicious IP addresses, malware hashes, domains and more) to drive
hypothesis-driven hunts across our global customer base. This integrated threat
intelligence and service support is part of our core eSentire Managed Detection
and Response offering.


OUR DIFFERENCE / YOUR RESULTS

--------------------------------------------------------------------------------

Threat Intel Enrichment And Correlation

We improve the efficacy of threat intelligence data and efficiently apply it to
hypothesis-driven threat hunting to protect your environment.


--------------------------------------------------------------------------------

24/7 Threat Hunting Enabling Complete Response


We proactively hunt and build new detection models through the power of
artificial intelligence pattern recognition to drive new intelligence,
containment and response actions.

--------------------------------------------------------------------------------

Threat Intel Participation And Contribution


Our team supports the ongoing fight against cybercrime through participation and
sharing in the international counter threat community.


TACTICAL THREAT RESPONSE

Our Tactical Threat Response practice creates proprietary security content,
detectors to alert on threats and runbooks to streamline investigations, all of
which support our Managed Detection and Response (MDR) service. Our dedicated
security experts manage the entire content creation process, which is informed
by observations from our Security Operations Center (SOC), outputs from the
other teams within the Threat Response Unit (TRU) and the MITRE ATT&CK
framework. This modern threat response solutions team manages the security
content development roadmap to ensure your service is continuously hardened to
keep up with the threat landscape. As is the case with all TRU team outputs,
security content development by the Tactical Threat Response team is included as
part of eSentire Managed Detection and Response (MDR) at no extra cost.

OUR DIFFERENCE / YOUR RESULTS

--------------------------------------------------------------------------------

Deep Research And MITRE Mapped Detections

We account for the latest threat actor tactics, techniques and procedures on an
ongoing basis by leveraging enriched threat intelligence and mappings against
the MITRE ATT&CK framework.

--------------------------------------------------------------------------------

eSentire Security Network Effects

We provide visibility into emerging attacks and harden your defenses, amplifying
hundreds of proprietary detectors across our Atlas XDR Cloud Platform daily, to
protect your business.

--------------------------------------------------------------------------------

Measurement And Continuous Improvement Of Detections

We track all security content for accuracy and efficacy after deployment,
implementing adjustments and decommissioning as necessary for optimized
operational efficiency.


ADVANCED THREAT ANALYTICS

The Advanced Threat Analytics practice is our innovative threat research and
development group. Our expert threat researchers concentrate on solving
challenges posed by disparate data sets and expanding attack surfaces.
Leveraging data science and machine learning expertise, the Advanced Threat
Analytics team creates proprietary and proven models designed to identify threat
actor tactics, techniques and procedures that traditional security tools miss.
Our innovations, in combination with unique human expertise, accelerate
investigations and threat hunts in our Security Operations Center (SOC). As is
the case with all modern Threat Response Unit services, eSentire customers
benefit from Advanced Threat Analytics expertise and outputs included in our
core Managed Detection and Response (MDR) service.

OUR DIFFERENCE / YOUR RESULTS

--------------------------------------------------------------------------------

Research That Informs Machine Learning

Our research informs development efforts and identifies potential counter-threat
use cases that could be accelerated by machine learning and data science.

--------------------------------------------------------------------------------

5 Machine Learning Patents For Threat Detection And Data Transfer


We develop security force multipliers and proprietary machine learning
applications that hunt and respond to elusive threats.

--------------------------------------------------------------------------------

Threat Hunting Is At The Core Of Our Service


We are the Authority in Managed Detection and Response – we deliver Response,
Remediation, and Results through proactive, hypothesis-driven threat hunting.



READ THE TRU TEAM’S LATEST SECURITY ADVISORIES OUTLINING NEW DETECTIONS AND
ORIGINAL RESEARCH.

LATEST POST - Jun 04, 2022


UPDATE: CVE-2022-26134 – CONFLUENCE ZERO-DAY VULNERABILITY

THE THREAT: June 3rd Update: Atlassian has released security patches to address
this vulnerability. On June 2nd, 2022, Atlassian disclosed a critical
vulnerability impacting the Confluence collaboration tool, tracked as
CVE-2022-26134; active exploitation of the vulnerability has been confirmed.
CVE-2022-26134 is an unauthenticated Remote Code Execution (RCE) vulnerability
that impacts…

READ NOW →

 * Jun 04, 2022: CVE-2022-26134 – Confluence Zero-Day Vulnerability. READ NOW →
 * May 30, 2022: Follina - Microsoft Zero-Day Vulnerability. READ NOW →
 * May 11, 2022: CVE-2022-26923 - Active Directory Domain Services Elevation of
   Privilege Vulnerability. READ NOW →


TRU POSITIVES

In TRU Positives, eSentire’s Threat Response Unit (TRU) provides a summary of a
recent threat investigation. We outline how we responded to the confirmed threat
and what recommendations we have going forward.


READ THE LATEST FROM OUR TRU TEAM.

Read Now


SECURITY LEADERS COUNT ON ESENTIRE

> A big part of why eSentire has shown value to us, in addition to the people,
> is how far ahead they are from a technology standpoint. eSentire gets ahead of
> the direction that we’re moving in before we know we’re heading in that
> direction.

SIMON SCULLY
ASSISTANT VICE PRESIDENT, IT SECURITY - SECURITY OPERATIONS | VENERABLE

> I have enjoyed having the additional security knowledge on my team. I sleep
> better at night.

DAVID GREENE
IT VICE PRESIDENT | CWS APARTMENT HOMES, INC.

> It’s a pleasure working with a group of people that know what they’re doing.
> They are an extension of the Wetherby technical security team.

TREVOR HICKS
PRINCIPAL AND CTO, WETHERBY ASSET MANAGEMENT

> With eSentire MDR we have gained visibility into attacks against our
> infrastructure and I have peace of mind knowing that we are defended by the
> best in the business with 24/7 SOC Cyber Analysts and Elite Threat Hunters who
> are bolstered by eSentire’s unique Threat Response Unit for original research,
> threat analysis and content development.

NEIL WAUGH
CHIEF INFORMATION OFFICER | M&C SAATCHI
View Case Studies and Reviews

Learn more about how our threat response solutions safeguard your business:

 * DATA SHEET: eSentire Threat Response Unit Threat Intelligence. VIEW DATA SHEET →
 * DATA SHEET: eSentire Threat Response Unit Tactical Threat Response. VIEW DATA SHEET →
 * DATA SHEET: eSentire Threat Response Unit Advanced Threat Analytics. VIEW DATA SHEET →


READY TO START BUILDING A MORE RESPONSIVE SECURITY OPERATION TODAY?

We’re here to help! Submit your information and an eSentire representative will
be in touch to share more benefits the TRU team provides.



THE AUTHORITY IN MANAGED DETECTION AND RESPONSE.

2022 eSentire, Inc. All Rights Reserved.
