James Foster Points to Agentic Security and Need for Customers to Outsource Defense
New eSentire CEO James Foster plans to build artificial intelligence-driven systems capable of autonomous investigation, response and coordination across diverse security environments.
See Also: AI Impersonation Is the New Arms Race—Is Your Workforce Ready?
The longtime leader of ZeroFox plans to push Waterloo, Ontario-based eSentire beyond traditional managed detection and response and into agentic security to better investigate, respond and adapt. This represents a broad category evolution similar to what Foster experienced at ZeroFox, which expanded from a niche focus into a broader platform addressing digital risk and external attack surfaces.
“I think the MDR space is at this really interesting inflection point in the industry where it’s not going to be called MDR by the end of the year,” Foster told ISMG. “I think that it’s moving on.”
Foster founded ZeroFox in 2013, took the company public in August 2022 at a $1.4 billion valuation by merging with a special purpose acquisition company and left the CEO role in conjunction with the firm’s sale private equity firm Haveli Investments for $350 million in May 2024. At eSentire, Foster replaces Kerry Bailey, who had served as the company’s CEO since February 2018 (see: AI-Driven Cyberthreats and Remote Work Challenges).
Why Organizations Are Looking to Outsource Cyber Defense
As attackers increasingly use AI to scale and speed their operations, defenders are under pressure to keep pace. As a result, Foster predicts that most organizations will move toward outsourcing their cyber defense capabilities, relying on specialized providers that can operate at machine speed. An inability to keep pace internally is making managed and automated defense models essential rather than optional.
“Every single company in the world is going to outsource defense over the next couple of years because the pace of play from offense is increasing through AI,” Foster said.
Despite the growing role of AI, Foster said customers are unwilling to fully relinquish human control, and instead seek a balance between automation and human oversight. Companies want the efficiency and scalability of AI but still require the judgment, accountability and trust that human experts provide. He sees defining this balance as one of the most important unsolved problems in cybersecurity today.
“Every single customer I’ve talked to has said something similar,” Foster said. “They’re like, ‘We want AI, we want the speed of AI, we want the contextual awareness of AI, but we want human trust, we want human control and we want this balance.'”
Foster said eSentire has hundreds of engineers working on AI initiatives and has been building these capabilities for years, including through acquisitions. This long-term investment has enabled eSentire to develop an agentic infrastructure for cyber defense capable of ingesting and analyzing data from multiple sources and automating complex investigative workflows, Foster said.
“We have hundreds of engineers working in AI,” Foster said. “We made an acquisition several years ago in the AI space. We’ve been working on this a long time.”
How eSentire Will Put Its Historical Dataset to Work
A key differentiator for eSentire is its extensive historical dataset due to having more than 25 years of threat intelligence and operational tradecraft, Foster said. This depth of data provides a strong foundation for training AI models, enabling more accurate detection and more context-aware responses compared to newer entrants that lack similar datasets, Foster said.
“One of the advantages that eSentire has versus any upstart competitor is we have 25 years of threat data and 25 years of tradecraft in our platform,” Foster said.
Rather than pushing customers toward a single integrated stack, eSentire positions itself as an independent platform that integrates best-of-breed technologies across endpoint, network, cloud and identity systems, Foster said. This approach aligns with what Foster hears from CISOs, who want both fewer vendors and the flexibility to use the best tools available in each category.
“We can be that vendor-independent operational platform that connects the required best of breed solutions together,” Foster said.
Foster said tasks that once took human analysts much longer can now be completed in approximately six minutes using multiple AI agents working in parallel. These agents can correlate signals from different systems, perform contextual analysis and generate actionable insights far more efficiently than traditional methods, he said.
“We have agentic infrastructure today automating almost all things Tier I,” Foster said. “We’ve elevated into different roles around Tier II and Tier III.”
Click Here For The Original Source.
