Sold by: eSENTIRE
Deployed on AWS
eSentire Threat Intelligence offers high-fidelity Indicators of Compromise (IOCs), rigorously vetted by eSentire experts. Use our cyber threat intelligence feed across your existing security tool stack to reduce false positive alerts and enhance your threat detection and response capabilities.
4.6
Overview
Mediocre threat intelligence has become common in cybersecurity, causing many security leaders to collect multiple threat intelligence feeds that have redundant, outdated data. Inaccurate threat intelligence sources can lead to false positives that waste valuable resources.
The eSentire Threat Intelligence feed offers a curated list of high-fidelity Indicators of Compromise (IOCs), meticulously vetted and approved by our Elite Threat Hunters and Threat Response Unit (TRU), so you can confidently integrate the actionable intelligence into your existing security tool stack.
Integrate our threat intelligence feed with your existing tools (e.g., firewalls, email servers, EDR) using the STIX™ format for a cost-effective approach to operationalize threat intelligence and enhance detection capabilities.
With coverage of 71 industries and a 99% true positive rate, leveraging our high-quality threat intelligence feed allows you to focus your threat detection and response on the critical threats that matter, not false positives.
The result? Your team can cut the noise, minimize false positive alerts, and improve the automated blocking capabilities of known cyber threats.
Highlights
- Get access to IOCs with 95% true positive rate that have been verified by our Elite Threat Hunters and Threat Response Unit (TRU).
- Our threat feed is refreshed every 24 hours and every IOC in the feed has been observed in positive investigations across customer environments, significantly reducing the number of false positives.
- Cover a broad spectrum of potential threats and malicious activities with multiple IOCs (i.e., IP addresses, domain names, file hashes) so your team can improve your detection accuracy and gain full context into the threat.
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
Pricing is based on the duration and terms of your contract with the vendor. This entitles you to a specified quantity of use for the contract duration. If you choose not to renew or replace your contract before it ends, access to these entitlements will expire.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Dimension | Description | Cost/12 months |
|---|---|---|
eSentire Threat Intelligence Feed | API access for organizations up to 250 users | $20,650.00 |
Vendor refund policy
All orders and fees are non-cancellable and non-refundable once placed except as required by law.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Software as a Service (SaaS)
SaaS delivers cloud-based software applications directly to customers over the internet. You can access these applications through a subscription model. You will pay recurring monthly usage fees through your AWS bill, while AWS handles deployment and infrastructure management, ensuring scalability, reliability, and seamless integration with other AWS services.
Resources
Vendor resources
Support
Vendor support
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
eSentire MDR for Endpoint offers you the flexibility and choice of leveraging technology platforms from our best in class ecosystem of endpoint partners. We also go beyond other MDR providers by developing custom detection engineering based on our threat intelligence and proprietary Machine Learning (ML) applications that hunt and respond to endpoint threats.
eSentire MDR for Log provides critical visibility, data correlation, deep investigation and enhanced threat detection enabling complete response across your multi-cloud or hybrid environments.
See and understand cloud changes at scale without requiring manual interventions by your team every time a new cloud service or technology is adopted. Our Cloud Workload Protection Platform (CWPP) offering runs natively in the cloud and provides continuous build to run-time threat detection, behavioral anomaly detection, and compliance across multi-cloud environments, workloads, accounts, containers, and Kubernetes.
eSentire MDR for Network on AWS provides deep packet inspection and real-time traffic interruption capabilities at virtual firewalls in AWS cloud when malicious activities are detected, reducing the mean time to detect, and respond (MTTR).
Customer reviews
Stanley C.
Proactive MDR with Stellar Integration and Exceptional Support
Reviewed on Dec 17, 2025
Review provided by G2
What do you like best about the product?
eSentire delivers truly proactive Managed Detection and Response. Their SOC analysts are fast, transparent, and consistently on point detecting, investigating, and containing threats quickly across endpoint, network, and cloud. The Threat Center portal is excellent: AI-generated case summaries, clear timelines, and investigation artifacts make it easy to understand what happened and why decisions were made.
Integration depth is a standout. eSentire works smoothly alongside Microsoft 365 Defender, giving us end-to-end visibility without duplicating effort. Their Managed Phishing & Security Awareness program is practical and measurable, and regular Quarterly Service Reviews keep strategy, action items, and escalation plans aligned. Having access to on‑demand Incident Response and advisory adds confidence for high‑stakes situations.
Integration depth is a standout. eSentire works smoothly alongside Microsoft 365 Defender, giving us end-to-end visibility without duplicating effort. Their Managed Phishing & Security Awareness program is practical and measurable, and regular Quarterly Service Reviews keep strategy, action items, and escalation plans aligned. Having access to on‑demand Incident Response and advisory adds confidence for high‑stakes situations.
What do you dislike about the product?
As with most mature MDR platforms, some periodic tuning is necessary to minimize noise and ensure policies are properly aligned. Occasionally, portal features are introduced in stages, which means that UI and feature consistency may not always match what is described in the release notes right away. While the pricing is reasonable for the capabilities offered, it is not the lowest available. However, in our experience, the quality of service and the speed of response more than justify the premium.
What problems is the product solving and how is that benefiting you?
We depend on eSentire for around-the-clock MDR, which helps minimize dwell time and reduce business risk across our hybrid infrastructure. Their services enable us to centralize threat detections, speed up incident response, and improve configurations that could otherwise leave us vulnerable. The security awareness and phishing program targets the human element, while their advisory and incident response services enhance our policies, readiness, and compliance.
Information Technology and Services
Essential Partner for Robust Cybersecurity Operations
Reviewed on Dec 17, 2025
Review provided by G2
What do you like best about the product?
eSentire has proven to be a valuable asset to our cybersecurity operations as our SOC. The ongoing log collection, activity monitoring, and prompt incident remediation and escalation have all contributed to strengthening our company’s security posture. Additionally, the simulated phishing campaigns and the comprehensive end-user training catalog have further enhanced our organization’s cybersecurity efforts.
What do you dislike about the product?
It has become clear that our company requires ongoing reminders to stay vigilant about cyber-security. This ongoing need highlights the importance of maintaining awareness within our organization.
What problems is the product solving and how is that benefiting you?
eSentire supplements our internal IT team by assisting with ongoing cybersecurity operations. The platform provides clear dashboards, continuous user training, and keeps us informed about SOC incidents.
Jason P.
Outstanding Service Range and Exceptional Support
Reviewed on Dec 13, 2025
Review provided by G2
What do you like best about the product?
Broad range of services; friendly and helpful account and customer success teams; up-to-date threat landscape news and vulnerability reports.
What do you dislike about the product?
Log ingestion and overage issues requiring manual adjustments.
Escalation process confusion in the Insight Portal.
Occasional CPU spikes during Nessus scans, needing timeline changes
Escalation process confusion in the Insight Portal.
Occasional CPU spikes during Nessus scans, needing timeline changes
What problems is the product solving and how is that benefiting you?
We have a small security team so outsourcing our SIEM and EDR solutions to eSentire takes a lot of time and effort of our plates and strengthens our security posture.
Rod D.
Top-Notch Security and Seamless Integration
Reviewed on Dec 11, 2025
Review provided by G2
What do you like best about the product?
We use eSentire as our Security Operations Center (SOC) and Managed Detection and Response (MDR) partner. I appreciate the very complete and thorough analysis they provide, as well as their quick response and how easy they are to work with. They significantly reduce the noise from alerts. eSentire does more than just send alerts and recommend actions; they dive into problems, analyzing why they happened, giving us far more detail than just monitoring alerts. The initial setup was extremely easy, ranking as one of the top 1 or 2 easiest integrations I've experienced, which is impressive given the scope. Their service is very good.
What do you dislike about the product?
Nothing to note
What problems is the product solving and how is that benefiting you?
I use eSentire for 24x7 security monitoring and quick endpoint isolation. It cuts down alert noise and provides detailed problem analysis beyond just alerts, helping us understand issues better.
Kevin V.
Robust Security Solution with Stellar Support
Reviewed on Dec 11, 2025
Review provided by G2
What do you like best about the product?
I like that eSentire is well priced and their playbooks are aligned with our tech stack. They have a great team to work with. I also value their SIEM, EDR, and dark web monitoring, which are important tools for us. Additionally, the initial setup was very easy, and we were up and running within a month.
What do you dislike about the product?
I would love for them to have something that could understand our platform.
What problems is the product solving and how is that benefiting you?
eSentire provides us with 24/7 coverage for our security team.