eSentire launches integrated MDR and SIEM platform for threat visibility and response
eSentire announced a partnership with Sumo Logic. This partnership will allow eSentire to deliver the MDR platform that offers full spectrum detection and response capabilities across distributed IT environments through its portfolio of esNETWORK, esENDPOINT, esRECON, and now esLOG+, which spans network, endpoint, cloud, mobile and modern application assets.
“In today’s modern IT environment, organizations need security that goes deeper, broader, provides more precise data, and is quicker in taking action against evolving and future suspected threats,” said Kerry Bailey, CEO, eSentire.
“The Sumo Logic partnership combines the best-of-breed in MDR and cloud-based SIEM that provides us with broader visibility to accelerate detection for customers whose security may be compromised. Improved analytics, along with the depth of our intelligence capabilities will deliver mid to large size enterprises the optimized security they need against constantly advancing cyber threats.”
Sumo Logic and eSentire partnership
Sumo Logic helps democratize security analytics across IT, breaking down legacy silos with new cloud models, including DevSecOps.
The Sumo Logic cloud-native platform delivers native scale for on-demand, security analytics capacity and deployment agility, enabling new insights and workflows across security, IT, and all lines of business.
The integration of Sumo Logic’s cloud-native solution, with eSentire’s MDR platform, provides visibility across the organization.
eSentire security analysts leverage Sumo Logic’s ability to bring together log and metric data from on-premises and cloud assets. They then can identify and contain suspicious activities on behalf of customers, disrupting threats before they become business impacting.
“Today’s digital organizations operate on a wide range of modern applications and infrastructures and cloud models, such as DevSecOps, accumulating and releasing massive amounts of data, that if managed incorrectly, can allow threats to slip through the cracks and cause business-critical crises,” said Steve Fitz, chief revenue officer, Sumo Logic.
“We are thrilled to partner with eSentire to detect and investigate machine data for the rapidly evolving and expanding threat surfaces of cloud and hybrid environments, and respond in a timely, efficient, and effective manner to bolster their security postures.”
Functionality of esLOG+ within the eSentire platform
Offering cloud-native security analytics technology embedded in eSentire’s MDR services, esLOG+ is up-and-running in a SIEM to aggregate intelligence from an organization’s network assets, endpoints, applications, and cloud services.
Providing visibility across the entire attack surface, eSentire Security Operations Center (SOC) analysts leverage the power of big data analytics, machine learning, customized rule-sets, and behavioral analysis to make sense of expected and unexpected events and behaviors across the IT environment to identify potential threats.
The combined esLOG+ service will be available as of Oct. 1, 2018.
Cross-platform monitoring and visibility: Collects, aggregates, and monitors data across on-premises, cloud, multi-cloud, and hybrid platforms like AWS, Microsoft Azure, and the Google Cloud Platform, providing 24x7x365 SOC analysts with visibility to threats across the entire attack surface.
Embedded threat hunting and forensic investigation: Includes embedded threat hunting and forensic investigation of aggregated log data accelerating precision and speed that facilitates response and threat containment.
Big data analytics: Leverages the power of big data and analytics into end-user, application, and infrastructure element behaviors, to detect anomalies (deviations from the established baseline), and flag exceptions in real-time to identify real and potential threats.
Machine learning integration: Utilizes machine learning and predictive analytics to make sense of expected and unexpected behavior across the IT environment with pattern, anomaly, and outlier detection.
Co-management: Provides a co-managed model with access to run advanced search queries, generate alerts, manage profiles, customize and run reports, and investigate events alongside eSentire SOC analysts.
Simplified compliance management reporting: Ensures compliance mandates are managed with centralized logging, continuous monitoring, and automated retention policies with various out of the box and custom security reports that provide audit data for regulatory requirements such as HIPAA, PCI, SEC, GDPR, etc.