Enterprise Cloud and AI Security Architect at Wipro Technologies London
Real User
Top 5
2025-02-06T14:00:19Z
Feb 6, 2025
For me, I only use EDRÂ like how CrowdStrike Falcon software is sufficient enough to protect IT assets. For additional layer of security, when your IT assets are accessed from the outside Internet, please ensure NAC (Network Access Control) capability is implemented and in place at the enterprise level to provide the enterprise level security.
Search for a product comparison in IT Asset Management
The short answer is no. EDR includes EPP (EndPoint Protection) which is more advanced that antivirus and detects zero-day threats, malicious behaviour and much more.Â
Also, products like SentinelOne make Incident Response and threat hunting so much easier because they track and record all the relevant events happened during an attack.
When evaluating EDR vs. antivirus, it’s important to note that an Endpoint Detection and Response solution does all that the best antivirus product does – and more. Typically it is recommended other antivirus tools be removed when an EDR solution is installed.Â
Running both can cause slowness or other technical issues on systems and devices. To defend against complex and evolving threats, the choice is clear – Endpoint Detection and Response will give you more advanced security.
EDR Features: 1. EDR includes real-time monitoring and detection of threats – including those that may not be easily recognized or defined by standard antivirus. Also, EDR is behavior-based, so it can detect unknown threats based on a behavior that isn’t normal.
2. Data collection and analysis determine threat patterns and alerts organizations to threats
3. Forensic capabilities can assist in determining what has happened during a security event
4. EDR can isolate and quarantine suspicious or infected items. It often uses sandboxing to ensure a file’s safety without disrupting the user’s system.
5. EDR can include automated remediation or removal of certain threats
Antivirus Features:
1. Antivirus is signature-based, so it only recognizes threats that are known.
2. AV can include scheduled or regular scanning of protected devices to detect known threats
3. Assists in the removal of more basic viruses (worms, trojans, malware, adware, spyware, etc.)
There is a lot of discussion on this topic, and opinions vary. Some people believe that using both an EDR solution and an AV solution is the best way to protect your computer, while others believe that using one or the other is sufficient.
The truth is that there is no one right answer. The best way to protect your computer is to use a combination of both EDR and AV solutions, as this will provide the most comprehensive protection. However, if you are only able to use one or the other, then it is better to use an EDR solution rather than an antivirus.
The crypto Currency Authorities should monitor every Brokers and Account Managers activities, I lost over $230,000 to unregulated Brokers who convinced me into investing my capital. After some successful trades and my profit increased I made a withdrawal request but surprisingly all my withdrawal requests were declined. I contacted their customer service unit but I was not given a meaningful Reason why my request was declined. I tried all I could to withdraw my fund but no solution , at the end I lost all my capital without a single profit return .In search for help on how to get my money back I was directed to contact Mrs.Olivia Trader who work with crypto Currency authorities, I contacted him and explained my situation to him , he requested for some details about the broker and concerning my investment, I forwarded all the details to him. It was all like a dream , through him I was able to get back all my money , please don’t sit back and cry when you facing difficulties in withdrawing your profit or you totally lost your funds to any Broker or Account Manager , kindly contact Mrs. Olivia Trader with his email below I assure you a successful recovery of your funds olivia trader 44  at g mail.c 0om and he will guide you on steps to take.
Network Security Services at ACE Managed Securty Services
Real User
Top 5
2022-12-13T04:23:45Z
Dec 13, 2022
It depends on your organization's security posture. A multi-layered security approach is always best and should include EDR vs antivirus solutions. Additional layers might include a firewall, intrusion detection/prevention system (IDS/IPS), email security, and web filtering.
EDR solutions use rules-based detection to identify malicious or unauthorized activity. This type of detection is very effective at identifying attacks that have bypassed traditional AV solutions. EDR solutions can also help you quickly identify and respond to incidents, improve your visibility into what's happening on your network, and help you optimize your security resources.
Information Security Manager at a retailer with 10,001+ employees
Real User
Top 10
2022-08-05T18:53:35Z
Aug 5, 2022
´til now, both. EDR technology is moving to XDR but is on "peak of inflated expectations", the second of five phases in product development hype (Gartner). I'd rather wait a little bit, may be ZDR :)
No, you don't need both because EDR is an advanced Antivirus with behavior-based analysis.Â
Unless you have a whole team that is able to determine and parse the data, you might even consider an MDR (Managed Detection & Response). MDRs have a team watching the alerts. They monitor the device logs and, if it is advanced enough, they will also monitor your firewall traffic as well.
Product Manager at a comms service provider with 51-200 employees
Real User
2022-06-24T13:45:19Z
Jun 24, 2022
These two solutions are more like complementary tools.Â
However, if you "really" have a security team that works 24/7, then you might not need an AV but this team should be really competent. Otherwise, it won't produce the result you're expecting.
Endpoint Detection and Response (EDR) is a cybersecurity solution that focuses on detecting, investigating, and mitigating advanced cyber threats at the endpoint level. Organizations use EDR solutions to enhance their threat detection capabilities and respond effectively to security incidents.
EDR solutions combine real-time continuous monitoring and collection of endpoint data with rule-based automated response and analysis capabilities. This enables organizations to rapidly identify and...
For me, I only use EDRÂ like how CrowdStrike Falcon software is sufficient enough to protect IT assets. For additional layer of security, when your IT assets are accessed from the outside Internet, please ensure NAC (Network Access Control) capability is implemented and in place at the enterprise level to provide the enterprise level security.
The short answer is no. EDR includes EPP (EndPoint Protection) which is more advanced that antivirus and detects zero-day threats, malicious behaviour and much more.Â
Also, products like SentinelOne make Incident Response and threat hunting so much easier because they track and record all the relevant events happened during an attack.
Hi @reviewer1740369​,
When evaluating EDR vs. antivirus, it’s important to note that an Endpoint Detection and Response solution does all that the best antivirus product does – and more. Typically it is recommended other antivirus tools be removed when an EDR solution is installed.Â
Running both can cause slowness or other technical issues on systems and devices. To defend against complex and evolving threats, the choice is clear – Endpoint Detection and Response will give you more advanced security.
Hi @reviewer1740369​,
Hope this will be helpful when you have to take a call for exact differences.
EDR Features:
1. EDR includes real-time monitoring and detection of threats – including those that may not be easily recognized or defined by standard antivirus. Also, EDR is behavior-based, so it can detect unknown threats based on a behavior that isn’t normal.
2. Data collection and analysis determine threat patterns and alerts organizations to threats
3. Forensic capabilities can assist in determining what has happened during a security event
4. EDR can isolate and quarantine suspicious or infected items. It often uses sandboxing to ensure a file’s safety without disrupting the user’s system.
5. EDR can include automated remediation or removal of certain threats
Antivirus Features:
1. Antivirus is signature-based, so it only recognizes threats that are known.
2. AV can include scheduled or regular scanning of protected devices to detect known threats
3. Assists in the removal of more basic viruses (worms, trojans, malware, adware, spyware, etc.)
4. Warnings about possibly malicious sites
There is a lot of discussion on this topic, and opinions vary. Some people believe that using both an EDR solution and an AV solution is the best way to protect your computer, while others believe that using one or the other is sufficient.
The truth is that there is no one right answer. The best way to protect your computer is to use a combination of both EDR and AV solutions, as this will provide the most comprehensive protection. However, if you are only able to use one or the other, then it is better to use an EDR solution rather than an antivirus.
@Navcharan SinghÂ
It depends on your organization's security posture. A multi-layered security approach is always best and should include EDR vs antivirus solutions. Additional layers might include a firewall, intrusion detection/prevention system (IDS/IPS), email security, and web filtering.
EDR solutions use rules-based detection to identify malicious or unauthorized activity. This type of detection is very effective at identifying attacks that have bypassed traditional AV solutions. EDR solutions can also help you quickly identify and respond to incidents, improve your visibility into what's happening on your network, and help you optimize your security resources.
´til now, both. EDR technology is moving to XDR but is on "peak of inflated expectations", the second of five phases in product development hype (Gartner). I'd rather wait a little bit, may be ZDR :)
Hi,Â
No, you don't need both because EDR is an advanced Antivirus with behavior-based analysis.Â
Unless you have a whole team that is able to determine and parse the data, you might even consider an MDR (Managed Detection & Response). MDRs have a team watching the alerts. They monitor the device logs and, if it is advanced enough, they will also monitor your firewall traffic as well.
These two solutions are more like complementary tools.Â
However, if you "really" have a security team that works 24/7, then you might not need an AV but this team should be really competent. Otherwise, it won't produce the result you're expecting.