eSentire, a Canadian managed detection and response (MDR) service provider, has released a logging and event management platform that delivers real-time threat detection and response across network, endpoint and cloud services.
The logging and event management platform, esLOG, eliminates the complexity and costs associated with traditional security information and event management (SIEM) solutions by providing security log aggregation and forensics capabilities, eSentire stated.
esLOG delivers purpose-built log management for MDR, eSentire said, and its features include:
- Real-Time Alerts: Notifies eSentire security operations center (SOC) analysts about suspicious activities in real time.
- Log Management: Provides immediate collection, aggregation and analysis of raw log data from multiple sources.
- Log Archiving: Enables eSentire SOC analysts to conduct forensic investigations and root cause analyses of all incidents.
- Log Data Visualizations: Empowers eSentire SOC analysts with customizable dashboards and security visualizations.
In addition, esLOG delivers "end-to-end, enterprise-grade threat visibility and protection," eSentire Chief Technology Officer Mark McArdle said in a prepared statement.
esLOG supplements the eSentire Managed Detection and Response service (a 24x7 SOC) to deliver enhanced threat detection, forensic investigation and compliance reporting.
What Separates an MDR Provider from an MSSP?
Founded in 2001, eSentire is "the largest pure-play service provider," according to the company, and this claim is already helping the business differentiate itself from traditional MSSPs.
MSSPs typically offer network monitoring or device management services, eSentire noted in a prepared statement. However, these service providers often are unable to address sophisticated cyberattacks, eSentire asserted. Comparatively, an MDR provider is committed to "hunting and detecting previously undetected threats that have bypassed security controls," eSentire indicated.
An MDR provider also explores ways to contain cyber threats before they can impact an organization – something that requires advanced expertise and technology that MSSPs lack, eSentire stated.