What is Endpoint detection and response (EDR)?
Endpoint detection and response (EDR), also known as endpoint threat detection and response (ETDR), is an integrated endpoint security solution that continuously monitors and collects endpoint data in real time and combines it with rule-based automated response and analysis capabilities. The term was coined at Gartner to describe emerging security systems that detect and analyse suspicious activity. These are largely automated systems that enable security teams to identify threats rapidly and react to them.
The primary functions of an EDR security system are:
• Monitor and collect endpoint activity data that might point to a threat.
• Analyse this data to identify threat patterns.
• Automatically respond to identified threats to remove or suppress them, while notifying security personnel.
• Provide forensic and analysis tools for investigating identified threats and searching for suspicious activity.
Why is EDR important?
Compared to traditional security solutions, EDR offers better insight into endpoints and ensures a faster response. Additionally, EDR tools detect advanced forms of malware (such as polymorphic malware), APTs, phishing, etc., and protect your organisation from them. It is also worth noting that EDR solutions are based on machine learning algorithms designed to track down unknown types of malware. In essence, when certain files seem to behave maliciously (i.e. in a way comparable to known types of malware), they will not succeed in circumventing the EDR solution.