eSentire scales elite cybersecurity expertise with Claude in Amazon Bedrock

Industry: Cybersecurity
Company size: Medium
Product: Claude Developer Platform
Partner:
Location: North America
95% accuracy matching top SOC analysts
$1M+ revenue from platform licensing

eSentire uses Claude in Amazon Bedrock to replicate their top analysts' investigative processes, enabling the authority in managed detection and response to deliver expert-level security analysis to new markets while deepening engagement with current customers.

Key results with Claude in Amazon Bedrock:

  • 95% validation accuracy matching top Security Operations Center (SOC) analysts across 1,000 investigations
  • 99.3% threat suppression rate containing threats at first contact
  • Over $1M in new revenue from platform licensing to security service providers
  • 5 hours to 7 minutes for expert-grade analysis in the critical first minutes of an attack
  • Months to days for development and deployment cycles

Replicating elite security expertise at enterprise scale

As the authority in managed detection and response (MDR), eSentire protects critical infrastructure organizations in 80+ countries. With their Atlas Platform successfully delivering complete threat resolution, the company set their sights on a bigger opportunity: expanding to new markets while deepening customer engagement through enhanced security operations.

"We needed to deliver expert-level investigation precision at scale while enhancing transparency of threat resolution outcomes," said Dustin Hillard, CTO at eSentire. The goal was enabling existing security experts to amplify their capabilities, protecting more customers while deepening threat analysis in every investigation.

Why Claude in Amazon Bedrock for security investigations

eSentire evaluated multiple AI models across real-world security scenarios. Hillard notes, "Claude 3.5 provided the highest performance for complex security reasoning at the time, and 3.7 and 4 have only improved on that." Claude's agentic capabilities excelled at orchestrating multi-tool workflows while maintaining investigative coherence, which is essential for eSentire's MDR approach.

Amazon Bedrock provided the enterprise-grade security and infrastructure eSentire needed for sensitive intelligence. The fully managed service eliminated deployment complexity while ensuring strict security controls for critical infrastructure clients. Through Amazon Bedrock, eSentire accessed Claude's advanced capabilities while maintaining compliance standards their customers demanded.

Claude's intelligent tool selection mirrored expert analyst approaches to complex threat analysis. The model synthesized evidence from multiple sources, correlated disparate security events, and incorporated findings into comprehensive conclusions. Most importantly, Claude replicated the multi-step investigative processes that define expert-level security analysis while maintaining consistency across diverse threat scenarios.

Claude transforms threat investigation across the Atlas Platform

eSentire integrated Claude across critical areas of their Atlas Platform:

  • Autonomous Threat Investigation: Claude replicates top SOC analysts' analytical processes, delivering consistent expert-level analysis through dynamic investigation workflows
  • Natural Language Security Intelligence: Customers query security data conversationally, receiving comprehensive threat analysis accessible to technical and non-technical stakeholders
  • Intelligent Log Analysis: Claude enables natural language searches of complex log data, transforming technical exploration into intuitive interactions
  • Strategic Security Assessment: Claude synthesizes investigation data, vulnerability assessments, and threat intelligence to generate comprehensive security posture recommendations

Implementation evolved through careful phases from deterministic workflows to sophisticated autonomous capabilities. eSentire conducted rigorous validation using 1,000 real-world investigations, comparing Claude's decisions against their most senior SOC experts and achieving 95% alignment across diverse scenarios.

Transforming security delivery and creating new business models

Claude transformed both eSentire's operational capabilities and business model. The company now delivers what previously required 5 hours of expert analysis in under 7 minutes, maintaining 95% alignment with top analysts and achieving 99.3% initial host threat suppression.

This transformation enabled a new business model through platform licensing. By embedding Claude's autonomous investigation capabilities into Atlas Platform, they created a system sophisticated enough for third-party security service providers to license for their own MDR services. This approach generated over $1 million in new bookings, extending eSentire's reach while monetizing their investigative intelligence.

"The quality and depth of Atlas's AI investigation is unprecedented. It enabled us to bring full high-quality MDR service to the India market with speed and differentiation," said Kishore Uppalapati, CEO of Qylis, eSentire's first platform partner.

For direct customers, Claude enhanced both depth and transparency of security analysis. Every customer receives comprehensive, evidence-based investigations with clear explanations of security decisions. This transparency strengthened customer trust and enabled faster response times. The autonomous system handles routine investigative tasks, allowing human experts to focus on strategic threat hunting and complex scenarios.

Pioneering autonomous cybersecurity's future

eSentire envisions autonomous AI democratizing expert-level cybersecurity knowledge and transforming how security teams allocate expertise. Their goal is to have AI handle repeatable investigative tasks, enabling analysts to focus on anticipating attacker moves, understanding campaign objectives, and developing creative countermeasures.

The company is expanding autonomous capabilities to identify sophisticated threat campaigns across multiple customers and timeframes. This will enable proactive intelligence that anticipates attacker evolution. They're developing comprehensive security program assessment capabilities that combine historical threat data, vulnerability intelligence, and customer context understanding to provide actionable resilience recommendations.

"We're establishing the gold standard for how AI can deliver quantifiable, trusted security excellence at scale," Hillard explains. eSentire's collaboration with Anthropic focuses on pushing autonomous reasoning boundaries in security contexts, pioneering multi-agent collaboration approaches, developing advanced adversarial simulation capabilities, and creating adaptive learning frameworks that evolve with changing threat landscapes.
