Case Study: UK-Headquartered Investment Management Company achieves 22-minute compromise-to-containment with eSentire

eSentire Dispatches Sophisticated Attacker Before Business Disruption

UK-Headquartered Investment Management Company faced a targeted compromise after an employee fell for social engineering and downloaded a malicious JavaScript file that opened a remote control channel and later executed PowerShell for lateral movement, putting client data and the firm’s financial and reputational standing at risk. eSentire was engaged to monitor and respond using its SOC and managed detection capabilities.

eSentire’s SOC, using eSentire MDR for Endpoint, eSentire MDR for Network and its BlueSteel machine‑learning detection, identified the JS download, the malicious web redirect and the PowerShell activity, then isolated the three compromised hosts and terminated the attacker’s command‑and‑control channel. The attacker’s dwell time was limited to 22 minutes from initial compromise to containment, preventing further spread and business disruption and helping the company justify its investment in eSentire to the Board.