Senior Consultant at a tech services company with 11-50 employees
Real User
2022-01-28T16:27:33Z
Jan 28, 2022
EDR (Endpoint Detection and Response) can be viewed as the next generation of EPP.
While in EPP you already have detection/investigation of security incidents and protection, these are more integrated into EDR.
You can thus consider EDR to be more behavior-based (acting on the malware actions) than signature-based (acting on the malware name) in remediating endpoints to a pre-infection state.
All cybersecurity companies have EDR, e.g., Fortinet, Symantec, Cisco, etc.
Works at a tech services company with 11-50 employees
Real User
2022-01-28T01:51:47Z
Jan 28, 2022
IMHO, the EDR is a good tool for IT to do such a job as forensics.
The generic (old-fashioned) EPP is like HIPS. EDR compares with EPP. EDR is able to show you the context and the topology such as a diagram for an incident.
Endpoint Detection and Response (EDR) is a cybersecurity solution that focuses on detecting, investigating, and mitigating advanced cyber threats at the endpoint level. Organizations use EDR solutions to enhance their threat detection capabilities and respond effectively to security incidents.
EDR solutions combine real-time continuous monitoring and collection of endpoint data with rule-based automated response and analysis capabilities. This enables organizations to rapidly identify and...
@Chetan Woodun Thanks for your views.
@Alan, Thanks for your response.
Any suggestions on the tools/solutions that you have used?