turning the elusive into the tangible · vmware software powers the world’s complex digital...




eSentire, Inc., the global leader in Managed Detection and Response (MDR), keeps organizations safe from constantly evolving cyberattacks that technology alone cannot prevent. Its 24x7 Security Operations Center (SOC), staffed by elite security analysts, hunts, investigates, and responds in real-time to known and unknown threats before they become business disrupting events. Protecting more than $6 trillion AUM, eSentire absorbs the complexity of cybersecurity, delivering enterprise-grade protection and the ability to comply with growing regulatory requirements. For more information, visit www.esentire.com and follow @eSentire.

The problem: Prevention technology is not enough and your security staff can’t keep up

How can you prevent unknown zero-day attacks?

Threat actors continuously find ways to circumvent endpoint detection, so your defenses must continuously evolve to stay ahead of new attacker behaviors.

Organizations that experienced an endpoint attack which compromised data assets and/or IT infrastructure.1

Technology tools and automation are an important piece of the puzzle for stopping known attacks in their tracks, but you cannot ring an alarm on the elusive. Understanding and predicting attacker behavior is a critical component in the evolution of endpoint security.

The solution: Modern endpoint security

You need a holistic endpoint security solution that combines leading endpoint protection technology and predictive security modeling with 24x7 monitoring, machine learning and elite threat hunting to enable organizations to detect and stop the elusive.

eSentire esENDPOINT, powered by VMware Carbon Black

esENDPOINT combines eSentire’s elite threat hunting with VMware Carbon Black’s next-generation antivirus and EDR capabilities to eliminate blind spots traditional prevention misses. VMware Carbon Black’s predictive threat modeling combines with eSentire’s proprietary machine learning technology to continuously tune the latest detection measures to prevent known attacks and identify potential unknown and zero-day threats. Recognized threats are automatically blocked at the endpoint with VMware Carbon Black’s technology and an elite team of eSentire’s threat hunters rapidly investigate and neutralize the most elusive of threats, preventing lateral spread.

VMware software powers the world’s complex digital infrastructure. The company’s cloud, networking and security, and digital workspace offerings provide a dynamic and efficient digital foundation to customers globally, aided by an extensive ecosystem of partners. Headquartered in Palo Alto, California, VMware is committed to being a force for good, from its breakthrough innovations to its global impact. For more information, please visit https://www.vmware.com/company.html

VMware and Carbon Black are registered trademarks or trademarks of VMware, Inc. or its subsidiaries in the United States and other jurisdictions. This article may contain hyperlinks to non-VMware websites that are created and maintained by third parties who are solely responsible for the content on such websites.

1, 2, 3: The Third Annual Study on the State of Endpoint Security Risk – Ponemon Institute, January 2020

4: VMware Carbon Black - 2020 Cybersecurity Outlook Report

5: Source: a commissioned study conducted by Forrester Consulting on behalf of VMware, January 2020

6, 7: The Third Annual Study on the State of Endpoint Security Risk – Ponemon Institute, January 2020

8: VMware Carbon Black - 2020 Cybersecurity Outlook Report

The best defense is a good offense

Top 10 Malware Behaviors of 2019*

Attacker behavior continues to evolve and become more evasive. VMware Carbon Black observed evasion behaviors in 90% of malware samples analyzed, a clear indication that attackers are increasingly attempting to circumvent legacy security solutions.8

Defenders need to shift from a purely prevention (blocking) mindset to a behavioral (hunting) methodology.

Attacks respondents believe antivirus misses.7

Traditional Antivirus:

Endpoint detection and response (EDR) technology:

Successful endpoint breaches that are new zero-day attacks.2

Of organizations say it is likely they will experience a new or unknown zero-day attack.3

VMware Carbon Black security experts observed defense evasion behavior in 90% of malware and 95% of ransomware samples analyzed.4

Do not have the staff to support the technology.6

Of IT and security respondents report teams are understaffed.5

Defense Evasion: Software Packing

Defense Evasion: Hidden Window

Command & Control: Standard Application Layer Protocol

Discovery: Process Discovery

Persistence: Registry Run Keys/Startup Folder

Defense Evasion: Modify Registry

Defense Evasion: Virtualization/Sandbox Evasion

Discovery: File & Directory Discovery

Command & Control Lateral Movement: Remote File Copy

Discovery: Time Discovery

*Source: VMware Carbon Black

[Bar chart: total count per behavior, axis from 0 to 800]

Turning the Elusive into the Tangible

Understand cyberattacker behavior to effectively hunt endpoint threats.