Get Started
What We Do
How We Do It
Resources
Company
Partners
Get Started
What we do
How we do it
Resources
Company
Partners
Get Started
What We Do
ESENTIRE SERVICES
Managed Detection and Response

Combine AI-driven security operations, multi-signal attack surface coverage and 24/7 Elite Threat Hunters to help you take your security program to the next level.
All-In-One MDR Solution →
MDR for Microsoft →
MDR for GenAI →
Digital Forensics and Incident Response

Get unlimited Incident Response with threat suppression guarantee - anytime, anywhere.
Continuous Threat Exposure Management (CTEM)

CTEM and advisory programs that identify security gaps and build proactive strategies to address them.
AI Powered platform
Atlas Security Operations Platform

Multi-agent Generative AI system embedded across eSentire’s Security Operations platform to scale human expertise.
Extended Detection and
Response (XDR)

Open XDR with Agentic AI & machine learning that eliminates noise, enables real-time detection and response, and automatically blocks threats.
Customer Portal

See what our SOC sees, review investigations, and see how we are protecting your business. 
Platform Integrations 

Seamless integrations and threat investigation across your existing tech stack.  
human led response
Security Operations Center (SOC)

24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
Threat Response Unit (TRU)

Proactive threat intelligence, original threat research and a world-class team of seasoned industry veterans.
Cyber Resilience Team

Extend your team capabilities and prevent business disruption with expertise from eSentire.
Response and Remediation

We balance automated blocks with rapid human-led investigations to manage threats.
How We Do
MDR Packages and 24/7 Protection
MDR Pricing and Packages

Flexible MDR pricing and packages that fit your unique security requirements.
Atlas Essentials

Entry level foundational MDR coverage
Atlas Advanced

Comprehensive Next Level MDR from eSentire
Atlas Complete

Next Level MDR with Cyber Risk Advisors to continuously advance your security program
Explore MDR Packages → Build Your MDR Package →
24/7 Coverage
Endpoint
Network
Log
Cloud
Identity
INDUSTRIES
Insurance
Construction
Finance
Legal
Manufacturing
Private Equity
Healthcare
Retail
Food Supply
Government and Education
Automotive Dealerships
USE CASES
Ransomware

Stop ransomware before it spreads.
Cybersecurity Compliance

Meet regulatory compliance mandates.
Zero Day Attacks

Detect and respond to zero-day exploits.
Cloud Misconfiguration

End misconfigurations and policy violations.
Third-Party Risk

Defend third-party and supply chain risk.
Do More With Less

Prevent disruption by outsourcing MDR.
Cyber Risk

Adopt a risk-based security approach.
Cyber Insurance

Meet insurability requirements with MDR.
Sensitive Data Security

Protect your most sensitive data.
Security Leadership

Build a proven security program.
Cyber Threat Intelligence

Operationalize cyber threat intelligence.
Identity Response

Stop identity-based cyberattacks.
Resources
VIEW ARTICLES
Resources
Case Studies
Compare MDR Vendors
TRU Intelligence Center
Cybersecurity Tools
Videos
Reports
Webinars
Data Sheets
Real vs. Fake MDR
Blogs
Security Advisories
EXPLORE LIBRARY
SECURITY ADVISORIES
Jul 24, 2025
Cisco Vulnerabilities Exploited CVE-2025-20281 & CVE-2025-20337

THE THREATOn July 21st, 2025, Cisco confirmed attempted exploitation of recently disclosed maximum severity vulnerabilities impacting its Identity Services Engine (ISE) and ISE Passive…

 Jul 21, 2025
CrushFTP Zero-Day Vulnerability CVE-2025-54309

THE THREAT On July 18th, 2025, CrushFTP confirmed exploitation of a critical zero-day vulnerability, CVE-2025-54309. CVE-2025-54309 (CVSS: 9.0) occurs due to mishandling of…
View Advisories
Company
ABOUT ESENTIRE

eSentire is The Authority in Managed Detection and Response Services, protecting the critical data and applications of 2000+ organizations in 80+ countries from known and unknown cyber threats. Founded in 2001, the company’s mission is to hunt, investigate and stop cyber threats before they become business disrupting events.

About Us
Leadership
Careers
Event Calendar
Newsroom
Aston Villa Football Club
EVENT CALENDAR
Aug
02
Black Hat
Aug
10
ILTACON
Aug
12
August TRU Intelligence Briefing
Aug
14
FutureCon Omaha
Aug
14
INTERFACE Kansas City
View Calendar
LATEST PRESS RELEASE
Mar 06, 2025
eSentire Unleashes AI-Driven Atlas Nexus Network, Empowering Cybersecurity Partners to Build Differentiated Security Services at Scale
Read More
View Newsroom
OUR PARTNERSHIPS
Aston Villa Football Club

AVFC takes its cyber protection to the Next Level with eSentire as its official cybersecurity partner.

Learn More
Partners
PARTNER PROGRAM

Apply to become an e3 ecosystem partner with eSentire today.
APPLY NOW

Login to the Partner Portal for resources and content for current partners.
LOGIN NOW
Search

Search our site

Quick Links

ALL-IN-ONE MDR SERVICE

Multi-Signal MDR with 300+ technology integrations to support your existing investments.
24/7 SOC SUPPORT

24/7 SOC-as-a-Service with unlimited threat hunting and incident handling.
MDR PRICING AND PACKAGES

We offer three flexible MDR pricing packages that can be customized to your unique needs.
TRU INTELLIGENCE CENTER

The latest security advisories, blogs, reports, industry publications and webinars published by TRU.
MDR VENDOR COMPARISONS

Compare eSentire to other Managed Detection and Response vendors to see how we stack up against the competition.
MDR CASE STUDIES

See why 2000+ organizations globally have chosen eSentire for their MDR Solution.
Get Started
Get Started
Build A Quote
Become A Partner
Home What We Do TRU

THREAT RESPONSE UNIT

Prevent the Most Advanced Cyberattacks from Ever Breaking Through

Stay ahead of sophisticated known and unknown cyber threats with proactive threat intelligence, original threat research, and a world-class team of seasoned industry veterans.

GET STARTED
GET STARTED
×
 

Reclaim the Advantage Over Sophisticated Cybercriminals with Expert Threat Response

Modern threat response requires the ability to collect unstructured data from disparate sources associated with attacker tactics, techniques, and procedures (TTPs) and operationalize global protections – all in a timely manner.

Unfortunately, many in-house security teams don’t have the bandwidth or expertise to perform proactive threat hunting, conduct original threat research, and develop or deploy new threat detection rules.

The eSentire Threat Response Unit (TRU) is an industry-leading threat research team committed to helping your organization become more resilient. This is an elite team of threat hunters and researchers that supports our 24/7 Security Operations Centers (SOCs), builds threat detection models across the eSentire XDR Cloud Platform, and works as an extension of your security team to continuously improve our Managed Detection and Response service.

By providing complete visibility across your attack surface and performing global threat sweeps and proactive hypothesis-driven threat hunts augmented by original threat research, we are laser-focused on defending your organization against known and unknown threats.

We prioritize creating and updating our detection rules and machine learning (ML) models regularly, so your security posture is hardened against the evolving threat landscape. Our content development is built upon the MITRE ATT&CK Framework® and is constantly fine-tuned for efficacy to reduce false positives.

Why Choose eSentire's Threat Response Unit (TRU)

TRU acts as an extension of your security team to build your cyber resilience and prevent business disruption. With TRU by your side, you can rest easy knowing that you’re protected by an MDR provider that law enforcement agencies rely on to identify threat actors and collaborate on threat intelligence.

Prepare and react to emerging, unknown cyber threats to prevent business disruption

TRU continuously monitors the threat landscape, publishes regular threat advisories, security bulletins, and threat intelligence reports, and conducts proactive real-time threat hunts so you can stay ahead of the latest emerging threats and prevent business disruption.

Harden your toolkit with novel threat detection rules and advanced ML models

As a foundational component of the eSentire MDR service, TRU constantly builds and updates new threat detection rules and ML models across our eSentire XDR platform. These detections are further strengthened by robust investigative runbooks to support our SOC Cyber Analysts in their investigation and containment actions – on your behalf.

Go into battle with a team of industry veterans with real-world experience

TRU has discovered dangerous cyber threats and nation-state attacks (e.g., the Kaseya MSP breach and identities of hackers behind the more_eggs malware). With a 95% employee retention rate, TRU consists of highly certified, seasoned industry veterans who regularly hold threat briefings, share their expertise with industry publications, and have proven to be trusted sources for global law enforcement agencies.

Advanced Threat Intelligence That Outpaces Cyberattacks

ALL-IN-ONE MDR SERVICE

Multi-Signal MDR with 300+ technology integrations to support your existing investments.

Learn More

ESENTIRE THREAT INTELLIGENCE

Extend eSentire protection with our threat intel feed curated from IOCs of positive SOC investigations to enhance your automated blocking.

Learn More

TRU INTELLIGENCE CENTER

Threat intelligence resources including the latest security advisories, blogs, reports, industry publications, webinars and more.

Learn More

WE OWN THE R IN MDR

See eSentire in Action

An effective defensive posture requires process, technology and most importantly human expertise for combat-level containment and response. You can’t battle these types of cyberattacks alone. Learn how eSentire MDR responded to emerging threats, including zero-day and ransomware attacks, with a balance of automated platform disruptions and hands-on expertise for investigation & manual cyber threat containment.

ZERO-DAY ATTACK

ZERO-DAY ATTACK

A Review of the Zero-Day Attacks Impacting the Kaseya VSA Platform

Watch this video with one of eSentire’s Elite Threat Hunters, Spence Hutchinson, as he reviews the Kaseya VSA supply chain attacks and how eSentire’s Security Operations Center (SOC) & Threat Response Unit (TRU) were able to quickly respond on our customer’s behalf and notify Kaseya of the breaches.

WATCH NOW →
RANSOMWARE ATTACK

RANSOMWARE ATTACK

Malicious BestCrypt Detection Uncovers Full Blown Ransomware Attack at 3am

Watch this video to see how a Fortinet vulnerability led to a ransomware attack impacting 250 endpoints in a customer’s environment. Original detection engineering developed by TRU identified the malicious use of BestCrypt and our 24/7 SOC Cyber Analysts immediately contained the attack and reversed the encryption.

WATCH NOW →
×
 
×
 

Notable Threat Detections

WE STOP THREAT ACTORS IN THEIR TRACKS.
OTHERS CLAIM IT, WE PROVE IT.

Our Threat Response Unit (TRU) collects and processes threat intelligence from 54 commercial threat feeds and 10+ proprietary intel sources, the Dark Web, social media, security reports, positive SOC-driven threat investigations, and various third-party tools to conduct further investigations and identify potential Indicators of Compromise (IOCs).

Once a threat is discovered, eSentire TRU publishes regular threat advisories, security bulletins, and threat intelligence reports, and conducts proactive real-time threat hunts so you can stay ahead of the latest emerging threats and prevent business disruption.

eSentire TRU has discovered some of the most dangerous cyber threats and nation-state attacks in our space. Last year, TRU built 500+ new detectors to protect our customers and circulated 35 Security Advisories. We broke the news on the Kaseya MSP breach, the malicious more_eggs malware and more.

35%

Of threats are identified by TRU before they appear on commercial threat feeds.

12%

Of threats identified by TRU are never seen in the commercial feeds we manage.

Original nation-state attacks and threats discovered by eSentire TRU:

1. The Kaseya Crypto-mining Attack

2. Hackers Spearphish Professionals on LinkedIn with Fake Job Offers, Infecting them with more_eggs Malware

3. Malicious Google Ads to Lure Computer Users to Spoofed "Signal" and "Telegram" Websites

4. Hackers Flood the Web with 100,000+ Malicious Pages to Deliver Malware

5. Gootloader Hackers Poison Websites Globally to Infect Business Professionals with Ransomware

WEBINAR

From Defense to Offense: Leveraging Threat Intelligence & Dark Web Monitoring for Enhanced Security

Watch this webinar with Spence Hutchinson as he discusses why leveraging proactive threat intelligence is critical to stay ahead of sophisticated threats, inform your cybersecurity strategies, and reduce cyber risk.

WATCH ON-DEMAND

Original Research and Publications

The TRU team publishes reports, industry publications and white papers based on its original research and the insights driven through proactive threat hunts.

REPORT

Ransomware Readiness: How SMBs Can Prepare for the Rising Threat of Ransomware-as-a-Service, Initial Access Brokers, and Credential Theft

Download our ransomware report to inform your cybersecurity strategies, reduce cyber risk, and see how to prepare for a ransomware attack.

DOWNLOAD THE REPORT

REPORT

The Modern Threat Actors’ Playbook: How Initial Access and Ransomware Deployment Trends are Shifting in 2025

Download our 2024 threat recap and 2025 threat landscape outlook report to help you reduce your cyber risks, build resilience, and prevent business disruption.

DOWNLOAD THE REPORT

Review more of our detailed Threat Dissections from the Threat Response Unit:

Threat Dissection: Emotet

Threat Dissection: Trickbot

Threat Dissection: Suspicious Remote Access

Endpoint Threat Dissection: Anatomy of a PowerShell Attack

EXPLORE RESOURCES IN OUR TRU INTELLIGENCE CENTER →

Read the Latest Security Advisories and TRU Positives

eSentire TRU regularly publishes Security Advisories, TRU Positives, and Malware Analyses on emerging cyber threats to arm you with the latest intel so you can make informed decisions that evolve with the threat landscape. TRU’s research routinely supports law enforcement agencies in their mission to unmask threat actors and stop cybercrime.

Static TRU logo Image

LATEST POST – Jul 24, 2025

Cisco Vulnerabilities Exploited CVE-2025-20281 & CVE-2025-20337

THE THREATOn July 21st, 2025, Cisco confirmed attempted exploitation of recently disclosed maximum severity vulnerabilities impacting its Identity Services Engine (ISE) and ISE Passive Identity Connector (ISE-PIC).CVE-2025-20281 (CVSS: 10) and CVE-2023-20337 (CVSS: 10) are vulnerabilities in a specific API of the impacted Cisco products and can allow an unauthenticated, remote attacker to execute arbitrary code with root privileges. Successful exploitation of these…

READ NOW →

Jul 21, 2025

CrushFTP Zero-Day Vulnerability CVE-2025-54309

READ NOW →

Jul 21, 2025

Microsoft Zero-Day Vulnerabilities CVE-2025-53770 & CVE-2025-53771

READ NOW →

Jul 10, 2025

RedDirection Browser Extension Campaign

READ NOW →

TRU Positives

Read the summaries of recent threat investigations, how our TRU team responded to confirmed threats, and recommendations on defending your organization from emerging threats.

Read the latest from our
TRU Team.

READ NOW

Cyber Threat Hunting Done Right

Adversaries don’t work 9-5 and neither do we.

By leveraging contextualized human-driven threat intelligence, original content on emerging cyber threats, 24/7 availability of Elite Threat Hunters, and advanced analytics based on the latest TTPs, TRU is committed to delivering the strongest MDR offering from eSentire.

eSentire TRU is foundational to our MDR service – no add-ons or additional costs required. You benefit from:

  • Curated Threat Intelligence
  • Threat Hunting
  • Mitigation Support for Zero-Day Threats
  • Original Threat Research
  • Proactive and Reactive Threat Sweeps
  • Live Defense Against Attackers
  • Updated Detection Rules
  • Monthly TRU Intelligence Briefings

Security Leaders Count on eSentire to Prevent Business Disruption

A 4.7/5 G2 rating which indicates that customers rate eSentire as one of the best SOC-as-a-Service companies.
G2 Leader Desktop Badges in the MDR category showing that eSentire is recognized as one of the best SOC-as-a-Service providers. G2 Leader Mobile Badges in the MDR category showing that eSentire is recognized as one of the best SOC-as-a-Service providers.
READ MORE REVIEWS AND CASE STUDIES

eSentire has helped us in many situations. They have alerted us of the most simple of threats, and also of bad actors on our network. Before we even have to triage the situation they block the device(s) and keep our environment safe from lateral movement from the bad actors being on the device(s) that were infected.

Charles C.

Security Architect

Mid-Market Company
READ THE FULL REVIEW

There are so many things I like but the best is the complete ecosystem we've built with them for 24x7x365 coverage. We are utilizing Network, Endpoint, Log, Vulnerability Management, Incident Response and Forensics. Oh, also love the quarterly cadence calls to sync up with them about issues, questions or improvements.

Phil M.

Information Security Architect

Mid-market Legal Services Company
READ THE FULL REVIEW

eSentire has an incredibly broad range of platforms that can be used individually or in tandem to protect your infrastructure and your users the way you want them protected. Their network interceptor product and MDR products are top products in the industry. Once installed, the product is absolutely transparent to your users.

David M.

Director of Information Technology

Mid-Market Company
READ THE FULL REVIEW

They have a high skilled technical team and great communication to keep you in the loop. They are very detailed oriented and follow up with any / all requests. They keep us updated with their future plans and prevent us from falling behind!

Thomas K.

IT Manager

Mid-Market Company
READ THE FULL REVIEW

We've been using eSentire for over 5 years. Our experience with them has been great from the very beginning. Implementation is very easy and they are with you every step of the way. They have excellent customer support. Our dedicated customer success manager is always available to help, quick to respond, and loops in other experts when needed to provide expert security guidance. They go above and beyond to make sure we are well-supported, no matter the complexity of the issue. Their threat intelligence briefings and papers are also very helpful. They proactively warn us of current and emerging cyber threats and perform proactive threat hunts which helps us stay a step ahead of potential risks. Overall, eSentire has proven to be a reliable security partner. The ability to send in multiple signals (endpoing, log, network, vulnerability, identity, etc.) truly set them apart.

Verified Customer

Industrial Automation Enterprise Company
READ THE FULL REVIEW

Learn How Our Threat Response Solutions Safeguard Your Business

DATA SHEET
eSentire Threat Response Unit
VIEW DATA SHEET →
WEBINAR
TRU Intelligence Briefings
WATCH NOW →
REPORT
The Modern Threat Actors’ Playbook: How Initial Access and Ransomware Deployment Trends are Shifting in 2025
DOWNLOAD NOW →

Ready to start building a more resilient security operation today?

We're here to help! Submit your information and an eSentire representative will be in touch to demonstrate how eSentire Multi-Signal MDR service stops cyber threats before they impact your business.

ARE YOU EXPERIENCING A SECURITY INCIDENT OR HAVE YOU BEEN BREACHED?
Call 1-866-579-2200

The Proven Choice for
Managed Detection and Response

GET STARTED PARTNER LOGIN

Sales and
Customer Support

NORTH AMERICA 1-866-579-2200 EMEA (0)8000-443242 ANZ/APAC 1-519-651-2200
What we do
How we do it
Industries
Use Cases
Resources
Tools
Company

2025 eSentire, Inc. All Rights Reserved.