Artificial Intelligence & Machine Learning,
Managed Detection & Response (MDR),
Next-Generation Technologies & Secure Development
James Foster Emphasizes Importance of Agentic Security and Outsourcing Defense
James Foster, the newly appointed CEO of eSentire, intends to create artificial intelligence-driven systems designed for autonomous investigation, response, and coordination within various security contexts. This initiative represents a significant shift as eSentire moves beyond its traditional managed detection and response (MDR) framework towards agentic security, enhancing its ability to investigate, respond, and adapt to threats effectively.
Foster, who previously led ZeroFox, highlights the current transitional phase in the MDR sector, suggesting that by the end of the year, the nomenclature surrounding it might change altogether. “MDR is at a crucial inflection point, pushing towards broader adaptability,” he stated in an interview with ISMG. His experience at ZeroFox, where he guided the company from a niche focus to a comprehensive platform addressing digital risks, informs his strategy at eSentire.
Outsourcing Cyber Defense: A Growing Trend
With cyber attackers utilizing AI to accelerate their operations, organizations are under increased pressure to match that pace. Foster anticipates a widespread shift towards outsourcing cyber defense capabilities, recognizing the necessity for specialized providers capable of operating at machine speed. This transition indicates that managed and automated defense models are becoming essential rather than an option.
“In the coming years, virtually every company will turn to outsourced defense as offensive capabilities evolve through AI,” Foster noted. Despite this trend, many clients express a hesitance to fully relinquish human oversight, seeking a balance that incorporates both AI efficiency and human judgment. He considers establishing this equilibrium as one of the foremost unsolved challenges in cybersecurity.
eSentire’s investment in AI is significant, with hundreds of engineers dedicated to developing capabilities in this area, including through strategic acquisitions aimed at enhancing its infrastructure. Foster emphasizes the importance of their extensive historical dataset spanning 25 years, which serves as a robust foundation for training AI models, offering a competitive edge in threat detection and contextual response when compared to less experienced entrants.
Integrating Best-of-Breed Technologies
Positioning itself as a vendor-independent operational platform, eSentire aims to seamlessly integrate top-notch technologies across endpoint, network, cloud, and identity systems. This approach responds to the demand from Chief Information Security Officers (CISOs) for fewer vendors while maintaining the flexibility to select the best tools in each category.
Foster mentions that tasks that once required significant time from human analysts can now be accomplished in a matter of minutes through the collaborative efforts of AI agents. These agents have the capacity to correlate data from disparate systems, conduct contextual analyses, and provide actionable insights with remarkable efficiency.
With an agentic infrastructure in place that automates many Tier I tasks, eSentire is elevating its capabilities into Tier II and Tier III realms, aligning operational efficacy with the demands of today’s complex cybersecurity landscape.