eSentire Launches Integrated MDR and SIEM Platform for Full Threat Visibility and Rapid Response
September 2018 by Marc Jacob
eSentire, Inc. announced a partnership with Sumo Logic, a cloud-native machine data analytics platform. Through this partnership eSentire adds esLOG+, a log analytics service, to its MDR portfolio of esNETWORK, esENDPOINT and esRECON, giving the platform detection and response coverage across network, endpoint, cloud, mobile and modern application assets in distributed IT environments.
Sumo Logic and eSentire Partnership
Sumo Logic positions its platform as a way to share security analytics across IT teams, replacing legacy SIEM silos with cloud models such as DevSecOps. Because it runs as a cloud-native service, the platform scales elastically to handle on-demand, high-volume security analytics and can be deployed quickly, so security, IT and business teams can work from the same data and workflows.
Integrating Sumo Logic's cloud-native analytics with eSentire's pure-play MDR platform is intended to give full-spectrum visibility across the organization and close the blind spots adversaries commonly exploit. eSentire security analysts use Sumo Logic to bring together log and metric data from on-premises and cloud assets, then identify and contain suspicious activity on behalf of customers, disrupting threats before they become business-impacting.
Key Functionality of esLOG+ within the eSentire Platform
esLOG+ embeds cloud-native security analytics in eSentire's MDR service and, according to eSentire, can be up and running in a fraction of the time a traditional SIEM deployment takes. It aggregates log data from an organization's network assets, endpoints, applications and cloud services into actionable intelligence. eSentire Security Operations Center (SOC) analysts then apply large-scale analytics, machine learning, customized rule sets and behavioral analysis to distinguish expected from unexpected events and behaviors across the IT environment and identify potential threats.
Cross-Platform Monitoring and Visibility: Collects, aggregates and monitors data across on-premises, cloud, multi-cloud and hybrid platforms, including AWS, Microsoft Azure and Google Cloud Platform, giving 24x7x365 SOC analysts full-spectrum visibility into threats across the entire attack surface.
Embedded Threat Hunting and Forensic Investigation: Provides threat hunting and forensic investigation over the aggregated log data, improving the precision and speed of investigations and so enabling rapid response and threat containment.
Big Data Analytics: Applies large-scale analytics to end-user, application and infrastructure behavior to detect anomalies (deviations from an established baseline) and flag exceptions in real time, surfacing both confirmed and potential threats.
Machine Learning Integration: Uses machine learning and predictive analytics for pattern, anomaly and outlier detection to separate expected from unexpected behavior across the IT environment.
Co-Management: Offers a co-managed model in which customers can run advanced search queries, generate alerts, manage profiles, customize and run reports, and investigate events alongside eSentire SOC analysts.
Simplified Compliance Management Reporting: Supports compliance mandates through centralized logging, continuous monitoring and automated retention policies, with out-of-the-box and custom security reports that provide audit data for regulatory requirements such as HIPAA, PCI, SEC and GDPR.
Availability
The combined esLOG+ service will be available as of Oct. 1, 2018.