†eSentire, Inc., the largest pure-play†Managed Detection and Response (MDR) provider, launched esLOG, the first logging and event management platform that supports real-time threat detection and response across network, endpoint, and cloud services.
Unlike a traditional cloud-based Security Information and Event Management (SIEM) product or service, esLOG augments eSentire Managed Detection and Response (eSentire MDR), providing small, midsized, and large enterprises with complete security log aggregation and forensics capabilities without the complexity and costs associated with traditional SIEM solutions. esLOG enhances threat detection, improves forensic investigation and compliance reporting, and enriches eSentire MDR through comprehensive signal ingestion, enrichment, and threat investigation across on-premises sources and leading cloud-based applications.
“Integrating esLOG into our MDR service delivers end-to-end, enterprise-grade threat visibility and protection,” said Mark McArdle, CTO of eSentire. “In addition to supporting on-premises security technologies, the continued adoption of cloud-based services requires the ability to extend MDR visibility into the cloud. Securing the cloud is mission-critical and many organizations simply don’t know where to start. Traditional SIEM services are costly and complex for businesses who struggle with limited resources. And, traditional SIEM services cannot identify — much less respond — to new threats.”
In its Predicts 2017: Cloud Security report, Gartner states that: “The security posture of major cloud providers is as good as or better than most enterprise data centers, and that security should no longer be considered a primary inhibitor to the adoption of public cloud services. However, simply moving on-premises workloads to a public cloud doesn’t automatically make these workloads more secure”.
“Cloud service providers are in the business of protecting their business and operations from cyber-attacks, but cloud data that is accessed using phished or stolen user credentials, or exfiltrated by rogue insiders, is the liability of the individual or business, not the cloud service provider. This presents a new and risky challenge to businesses as they continue to migrate cloud workloads,” added McArdle.
esLOG core functionality includes:
- Security forensic enrichment†- provides additional rich context to unusual network, cloud, and endpoint activities, ensuring the full context of an attack is investigated.
- Log management†- includes the collection, aggregation, and analysis of raw log data from network, cloud, endpoints, and applications, all in real-time.
- Log archiving†- provides eSentire Security Operations Center (SOC) analysts the ability to conduct log forensic investigations, drill down into log details, and assist with root cause analysis on any security incident.
- Real-time alerting†- signals eSentire SOC analysts of any suspicious activities and anomalies discovered from various log data in real-time.
- Log data visualizations†- provides eSentire SOC analysts and clients with customizable dashboards, security visualizations, data drill-down capabilities, and root cause analysis.
- Co-management†– facilitates a client’s access to run their own advanced search queries, generate alerts, manage profiles, run reports, and investigate events alongside eSentire SOC analysts.
eSentire’s award-winning MDR service has propelled the company’s success, cementing its leadership position within the MDR marketplace. As the largest pure-play MDR vendor, eSentire†concluded a record year in 2016, and was included in†Gartner’s 2017 Market Guide for Managed Detection and Response Services†– a list of service providers that can support organizations seeking to improve their threat detection and incident response capabilities.
esLOG is available now. For more information about esLOG, visit:†www.esentire.com/what-we-do/esLOG, or call 1-866-651-2200.
About eSentire:
eSentireƆis the largest pure-play†Managed Detection and Response (MDR) service provider, keeping organizations safe from constantly evolving cyber-attacks that technology alone cannot prevent. Its 24×7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates, and responds in real-time to known and unknown threats before they become business disrupting events. Protecting more than $5.7 trillion in corporate assets, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements. In 2016, eSentire was named Best SME Cybersecurity Solution by SC Magazine, and was included on Deloitte’s Technology Fast 500 list.†
1Gartner,†Predicts 2017: Cloud Security, Jay Heiser, Steve Riley, Greg Young, Neil MacDonald, November 2016.