
Endpoint Detection and Response

Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.

While small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.

A managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.

The most popular products in the category Endpoint Detection and Response

  • VMware Carbon Black Cloud Endpoint Standard
  • FireEye Endpoint Security
  • Rapid7 insightIDR
  • McAfee MVISION EDR
  • Palo Alto Networks Traps
  • Cisco Advanced Malware Protection (Cisco AMP for Endpoints)
  • ESET Enterprise Inspector
  • Symantec Endpoint Detection and Response
  • Trend Micro Detection and Response
  • VMware Carbon Black Cloud Enterprise EDR
  • RSA NetWitness Endpoint
  • Sophos Intercept X

Comparison of products in the category Endpoint Detection and Response


Characteristics

Advanced Malware Detection

Behavioral Analytics

Botnet Detection

Cloud-based Sandboxing

Alert Management Workflow

Risk Prioritization

Incident Auto-correlation

Incident Visualization

File Reputation

Event History

Remediation Task List

Termination of Malicious Activity

Registry Repair

NIC's Disabling

Platforms

  • Linux
  • macOS
  • Windows
  • Linux
  • macOS
  • Windows
  • Linux
  • macOS
  • Windows
  • Windows
  • Windows Server 2003-2016
  • Linux
  • macOS
  • Windows
  • Linux
  • macOS
  • Windows
  • Android
  • iOS
  • Windows
  • Android
  • Linux
  • macOS
  • Windows
  • Android
  • iOS
  • Linux
  • macOS
  • Windows
  • Android
  • iOS
  • macOS (limited)
  • Windows
  • Linux
  • macOS
  • Windows
  • macOS
  • Windows
  • Linux
  • macOS
  • Windows

Suppliers Endpoint Detection and Response

Cisco
  • AUT
  • AUS
  • BRA
  • CAN
  • CHN
  • DEU
  • ESP
  • FRA
  • GBR
  • HUN
  • MEX
  • NOR
  • POL
  • SGP
  • UKR
  • USA
ISSP
  • CAN
  • GEO
  • KAZ
  • POL
  • UKR
  • USA
Rapid7
  • ARM
  • AZE
  • GEO
  • KGZ
  • KAZ
  • MDA
  • TJK
  • TKM
  • UKR
  • UZB
Winncom Technologies
  • COL
  • FRA
  • HUN
  • IRL
  • UKR
  • USA
BestComp Group
  • AZE
  • GEO
  • KGZ
  • TJK
  • TKM
Accenture (Deja vu Security)
  • ARG
  • AUT
  • AUS
  • BEL
  • BRA
  • CAN
  • CHN
  • FIN
  • FRA
  • GBR
  • GRC
  • HUN
  • IDN
  • IRL
  • IND
  • MYS
  • NOR
  • PHL
  • POL
  • ROU
  • SAU
  • SGP
  • TUR
  • USA
Atos
  • ARE
  • BRA
  • DEU
  • DNK
  • EST
  • EGY
  • ESP
  • FIN
  • FRA
  • GBR
  • IND
  • ITA
  • MAR
  • MEX
  • NLD
  • PHL
  • POL
  • ROU
  • SAU
  • SWE
  • SGP
  • TUR
  • USA
Bitdefender
  • ARE
  • AUS
  • CAN
  • DEU
  • DNK
  • ESP
  • FRA
  • GBR
  • ITA
  • NLD
  • ROU
  • SWE
  • USA
Intetics
  • ARM
  • DEU
  • GBR
  • POL
  • UKR
  • USA
ANYSOFT
  • UKR
  • USA

Vendors Endpoint Detection and Response

Cisco
  • AUT
  • AUS
  • BRA
  • CAN
  • CHN
  • DEU
  • ESP
  • FRA
  • GBR
  • HUN
  • MEX
  • NOR
  • POL
  • SGP
  • UKR
  • USA
Rapid7
  • ARM
  • AZE
  • GEO
  • KGZ
  • KAZ
  • MDA
  • TJK
  • TKM
  • UKR
  • UZB
ESET
All countries
Accenture (Deja vu Security)
  • ARG
  • AUT
  • AUS
  • BEL
  • BRA
  • CAN
  • CHN
  • FIN
  • FRA
  • GBR
  • GRC
  • HUN
  • IDN
  • IRL
  • IND
  • MYS
  • NOR
  • PHL
  • POL
  • ROU
  • SAU
  • SGP
  • TUR
  • USA
Palo Alto Networks
  • ARE
  • AUT
  • AUS
  • BEL
  • BRA
  • CAN
  • CHE
  • CHN
  • CZE
  • DEU
  • DNK
  • ESP
  • FIN
  • FRA
  • GBR
  • GRC
  • IDN
  • ISR
  • IND
  • ITA
  • JPN
  • KOR
  • MEX
  • MYS
  • NLD
  • NOR
  • NZL
  • PHL
  • PRT
  • QAT
  • SAU
  • SWE
  • SGP
  • THA
  • TUR
  • TWN
  • USA
  • VNM
Bitdefender
  • ARE
  • AUS
  • CAN
  • DEU
  • DNK
  • ESP
  • FRA
  • GBR
  • ITA
  • NLD
  • ROU
  • SWE
  • USA
Intetics
  • ARM
  • DEU
  • GBR
  • POL
  • UKR
  • USA
Fenror7
  • DEU
  • ISR
  • USA
Malwarebytes
  • EST
  • IRL
  • USA

F.A.Q. about Endpoint Detection and Response

What is Endpoint detection and response (EDR)?

Endpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.

What are the Key Aspects of EDR Security?

According to Gartner, effective EDR must include the following capabilities:

  • Incident data search and investigation
  • Alert triage or suspicious activity validation
  • Suspicious activity detection
  • Threat hunting or data exploration
  • Stopping malicious activity

What to look for in an EDR Solution?

Understanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:

1. Visibility: Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment, and to stop them immediately.

2. Threat Database: Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.

3. Behavioral Protection: Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.

4. Insight and Intelligence: An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.

5. Fast Response: EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.

6. Cloud-based Solution: Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time.
