eSentire

Today, we're so proud to announce eSentire's Next Level cybersecurity offering, redefining what organizations should expect from their MDR provider. By uniquely integrating Continuous Threat Exposure Management (CTEM) with Managed Detection and Response (MDR), we're delivering measurable, differentiated outcomes that other security providers simply cannot match: 🛡️ Prevention-first strategy with 200+ new protections deployed daily 🕒 15-minute mean time to contain threats - action, not just alerts 🔎 Threat intelligence 35% faster than commercial feeds 👾 99.3% of threats isolated at first host, minimizing business disruption 💸 11x ROI through integrated CTEM & MDR investment Our expanded CTEM portfolio aligns security with business goals, including insurance and compliance requirements, while our Cyber Risk Advisors provide tailored guidance to reduce your attack surface and build resilience. In fact, in The Forrester Wave: MDR Services, Q1 2025 report, eSentire MDR has been highlighted as "a superior choice for resource-constrained medium and small enterprise organizations that want to stay more hands off, from the day to day of service delivery." In today's threat landscape, alerts alone aren't enough. You need a trusted partner who can act on your behalf from Day 1. Ready to take your cybersecurity to the Next Level? Let's connect. Learn more about eSentire Next Level MDR: https://buff.ly/mt6D39c #CTEM #ThreatManagement #Cybersecurity #MDR

Have you read our latest TRU Weekly Threat Briefing? The newest edition is now out! 🦉 📰 Here are the top 3 stories that we're discussing: ➡️ Windows Remote Desktop Protocol - Remote to Rogue Details on a new phishing campaign conducted by suspected Russian threat actors have emerged, targeting European government and military organizations. The attacks involve emails that contain attached RDP configuration files which when executed, can initiate an RDP connection from the victim’s machine. ➡️ Microsoft Patch Tuesday April 8th marked Microsoft's monthly Patch Tuesday release, which addressed a total of 134 vulnerabilities. Security patches address 11 critical vulnerabilities and one vulnerability that was confirmed to have been exploited in the wild by a threat actor in order to deploy ransomware. ➡️ Lazarus Expands Malicious npm Campaign The North Korean APT Lazarus Group have been observed publishing malicious npm packages as part of the ongoing Contagious Interview campaign. These malicious packages are being used to deliver information stealer malware and Remote Access Trojans (RATs). Read the full threat briefing below! #threatbriefing #threatintelligence #threathunting #cyberthreats #patchtuesday

🚨 True operational resilience means proactively understanding, and continuously testing, your critical business systems. 🚨 Many businesses underestimate their resilience gaps until disaster strikes. As our Chief Cyber Resilience Officer & Field CTO, Tia (Yatia) Hopkins, emphasizes, real resilience requires visibility into your full attack surface, continuous identification of critical assets, and ongoing stress-testing to build muscle memory for response and recovery. Enter Continuous Threat Exposure Management (CTEM): A strategic approach to resilience that doesn’t just react to incidents, but actively anticipates threats by constantly reassessing your security posture and exposure risks. In the article, Tia shares key insights, such as: 🔑 Maintain maximum visibility into your environment’s vulnerabilities and critical processes. 🔑 Regularly reassess incident response plans to keep them aligned with evolving business priorities. 🔑 Understand your threshold for incident escalation—know what really matters to your organization. Learn how to build meaningful operational resilience here → https://lnkd.in/e7q2HiFh #CyberResilience #CTEM #OperationalResilience #DisasterRecovery #Cybersecurity #ThreatExposureManagement

From Ransomware-as-a-Service (RaaS) to AI-driven phishing attacks, today’s threats are more sophisticated, persistent, and impactful. In this carousel, we break down: 🔍 The top emerging threats of 2024 identified by eSentire’s Threat Response Unit (TRU) 💼 How to prioritize your budget to effectively mitigate these risks 📊 Practical recommendations to align security investments with your organization’s goals. Don’t let emerging threats catch you off guard. Swipe through for insights and strategies that can help you stay ahead. 👇🏼 #Cybersecurity #ThreatIntelligence #Ransomware #CISO #CyberResilience

The latest TRU Weekly Threat Briefing is now out! 🦉 📰 Here are the 3 stories we are working on this week: ➡️ CrushFTP Authentication Bypass Vulnerability On March 28th, 2025, Proof-of-Concept (PoC) exploit code was released for CVE-2025-2825, a critical vulnerability within CrushFTP. As of April 1st, eSentire has identified real-world exploitation. It is crucial that organizations using CrushFTP upgrade to a secure version immediately. ➡️ Critical Ivanti Connect Secure Vulnerability Exploited by China-Nexus Threat Actor A Critical vulnerability in Ivanti Connect Secure, CVE-2025-22457 was observed to be exploited by Chinese state sponsored APT group UNC5221, to gain initial access to victim's network and deploy malware to further compromise it. ➡️ Recent DPRK Activity Recent reports on threat actors from the Democratic People's Republic of Korea (DPRK) provide new details on previously reported campaigns, specifically updates to the Contagious Interview campaign and the expansion of remote IT worker campaigns. Read the full threat briefing below! #threatintelligence #threathunting #cyberthreats #ransomware #malware #ivanti #crushftp

🤠 Wrangle the Risks, then Raise a Glass! After a long day at RSA Conference 2025, kick off your boots and join eSentire for a Next Level Happy Hour — cowboy style. We’re serving up whiskey, barbecue, and good vibes with fellow cybersecurity pros. 📍 The Peace Lounge at Hotel Zeppelin 🗓 Tuesday, April 29 | 5:00–7:00 PM PDT 🚶 Just a short walk from Moscone Centre With 24/7 threat protection, advanced intel, and complete response capabilities, we help you ride with confidence—and now we’re bringing that same energy to RSAC after-hours. 🎟️ Space is limited, so lasso your spot now! 🪪 RSAC badge required for entry. Let’s giddy up and level up your cybersecurity program — see you there! Register here: https://buff.ly/9hJAqdl #RSAC2025 #NextLevelMDR #CybersecurityEvents #eSentire #HappyHour #MDR #RSACParty #CyberRodeo

🚨 Big news! Our e3 Partner Program has been named a CRN 2025 5-Star Partner Program in the Security category! 🏆 In a market flooded with cybersecurity vendors, it’s an honor to stand out — not just for our MDR leadership, but for how we enable and empower our partners. Over the past year, we’ve made bold moves: 🔹 Launched Atlas Agent for advanced endpoint protection 🔹 Introduced co-deployment for endpoint bypass, simplifying partner engagements 🔹 Expanded into the SMB and distribution markets, unlocking new revenue opportunities Our mission: simplify cybersecurity, eliminate vendor lock-in, and deliver world-class MDR at scale. Thanks to our partners for your continued trust — and to CRN for the recognition! Read more: https://buff.ly/bBONnqX #Cybersecurity #MDR #ChannelPartners #CRN5Star #eSentire #PartnerProgram #EndpointSecurity #ChannelGrowth

🤠 Saddle up, security pros! The Wild West of cyber threats is no place for reactive MDR. Join eSentire at RSA Conference 2025 (Booth S-848) and experience what it means to take your security program to the Next Level. Our Next Level MDR puts prevention first with proactive threat intelligence and the industry’s most complete response capability so you can: 🔹 Continuously harden your security posture 🔹 Reduce risk exposure before vulnerabilities are exploited 🔹 Deliver more value to your organization 🗓️ April 28 – May 1 📍 Booth S-848 | Moscone Center, San Francisco, CA 🎁 Expect in-booth activations, live demos, and giveaways that'll knock your boots off. Haven’t registered yet? Use our codes: 🎟️ FREE Expo Pass: 52EESENTRE XP 🎟️ Discounted Full Conference Pass: 552FCDESENTRE Ready to ride with Next Level MDR? 🤠 Register for RSA now: https://buff.ly/FEWEwqn #RSAC #RSAC2025 #NextLevelMDR #Cybersecurity #eSentire #ManagedDetectionAndResponse #ThreatIntelligence #MDR RSA Conference

RSA 2025 Conference is nearly here and we're working on some great in-booth sessions for all of you! Here’s what’s on deck 👇 🔹 Building Cyber Resilience Through CTEM Tia (Yatia) Hopkins, Chief Cyber Resilience Officer & Field CTO Discover how CTEM aligns to the five pillars of resilience and why it’s critical for anticipating, withstanding, and adapting to cyber threats. 🔹 Preventing Identity-Based Threats in 2025 Kurtis Armour, VP, Product Management Learn how to strengthen identity protection strategies across hybrid, cloud, and on-prem to stay ahead of evolving identity-focused attacks. 🔹 Keeping Your Microsoft Investment Secure: From Endpoint to Cloud Security Kurtis Armour, VP, Product Management Explore how MDR enhances your Microsoft E5 deployment and helps address security gaps across your full Microsoft ecosystem. 🔹 Transform Your Security Posture with Next Level MDR Midhun Chandran, Sr. Product Marketing Manager See how modern MDR proactively advances your security program to reduce risk and increase visibility across the attack surface. 🔹 Beyond Buzzwords: Understanding the MDR Market Midhun Chandran, Sr. Product Marketing Manager Cut through the noise in a saturated MDR space with insights into how to evaluate vendors and identify real outcomes—not empty promises. 🔹 The Underground Connection: How Cybercrime-as-a-Service is Fueling Attacks Spence Hutchinson, Staff Threat Intelligence Researcher Get a look inside cybercrime-as-a-service operations and how campaigns like Black Basta are fueling advanced BEC and ransomware attacks. 🔹 Analyst Augment: Building a Next Level SOC with the help of GenAI Mark Gillett, VP, Product See how GenAI is transforming SOC workflows—from alert enrichment to hypothesis generation—so analysts can work faster and smarter. 🔹 Using Atlas XDR to Continuously Evolve Detection and Response Mark Gillett, VP, Product Learn how Atlas empowers your team to continuously refine detections, automate response actions, and codify MDR outcomes using low-code tooling. 📍Come by booth S-848, catch the sessions, and connect with our experts. #RSAC #CyberResilience #MDR #XDR #CTEM #GenerativeAI #CyberSecurity #Infosec RSA Conference

The latest edition of the TRU Weekly Threat Briefing is now out! 🦉 📰 In this edition, we review: 1️⃣ IngressNightmare: On March 24th, Wiz Research released a detailed report on a series of vulnerabilities found within Ingress NGINX Controller for Kubernetes called IngressNightmare. Organizations are urged to apply relevant security patches as soon as possible, as Proof of Concept (PoC) exploit code has been released. 2️⃣ Critical Next.js Vulnerability: Next.js released a security advisory addressing a critical authorization bypass vulnerability in the Next.js framework. Given the widespread adoption of Next.js and the release of PoC exploit code, it is crucial to address CVE-2025-29927 as quickly as possible. 3️⃣ Oracle Cloud Breach: A threat actor claims to have compromised Oracle Cloud's login servers and is offering to sell stolen data. Oracle is denying the claims but information provided by the threat actor offers some credibility to their claim. Read the full threat briefing below to learn more! ⬇️ #threatintelligence #threathunting #oracle #ingressnightmare #malware #ransomware #CVE #cloudbreach