eSentire has been partnered with Carbon Black around managed detection and response since 2016, and the companies are now extending the partnership to cover next-gen endpoint protection.

Cambridge ON-based MDR [Managed Detection and Response- provider eSentire has announced an expansion of their partnership with Carbon Black. The new offering, Managed Endpoint Defense, powered by Carbon Black, allows eSentire to add a new EPP [Endpoint Protection Platform] offering to their services, to provide customers with next-gen anti-virus protection.

eSentire and Carbon Black originally partnered in September 2016 in the MDR space, with eSentire Endpoint Managed Detection and Response, powered by Carbon Black.

“The original partnership focused on what was their flagship product then, Carbon Black Response,” said Sean Blenkhorn, eSentire’s Field CTO. “It had forensics and behavioral detection capabilities, and was a tool for threat hunting, and that is very much what we do in MDR.”

Since then, there has been increased convergence between EDR and EPP, with Carbon Black entering the EPP space in July 2016 with its acquisition of Confer.

“Carbon Black had just made their EPP acquisition when we first partnered with them, and it was very new, so we focused on the threat hunting then,” Blenkhorn said. “We have traditionally stayed in the threat hunting space.” However, that convergence in the market, together with additional stories of pain points from customers, led eSentire to seek to expand the relationship.

“EPP provides next-generation protection using predictive analysis against threats at the endpoint, and is really a replacement for traditional AV,” Blenkhorn said. “The vendors in the market are shifting toward next-gen AV, because it is much more effective, but very few customers so far have made that transition, in part because of some of the complexities of deployment. The data we use [from the Ponemon Institute] estimates it at 14 to 15 per cent.” That data also indicates that 41 per cent of organizations say their biggest challenge with antivirus is complexity, deployment and management.

Managed Endpoint Defense provides that next-gen protection from Carbon Black, as a service, along with eSentire’s visibility into the threat landscape, to provide holistic and modern endpoint defense.

“We see tremendous value in introducing this kind of hardened endpoint, which will better protect our customers,” Blenkorn stated. “It will also make our SOC analysts more focused, and thus more effective.”

Managed Endpoint Defense offers initial set-up and ongoing, consultative, tuning and refinement of policies. It provides global threat intelligence integration from eSentire Managed Detection and Response, and uses integrated behavioral and cloud-based reputation to identify deceptive threats, together with endpoint isolation capabilities to prevent lateral spread.

“We see this as appealing primarily to the kind of clients who now buy our MDR,” Blenkorn indicated. “Midsize customers in particular are looking at these newer offerings, because they don’t want to deal with multiple agents on their endpoints. We think that the vast majority of customers are looking at this type of service, as they are looking at toolsets in the marketplace. Most haven’t yet made the decision, and we think this will appeal to them.”

Managed Endpoint Defense, powered by Carbon Black is sold as a separate SKU.

“We see this as a great opportunity for ourselves and our channel partners,” Blenkorn said. “It’s largely an untapped market, because the data indicate there are a lot of customers that have not yet gone this route. Theres a lot of appetite out for it. This will be a good revenue generation opportunity for partners, and is something they can sell on top of MDR.”