Senior Consultant at a tech services company with 11-50 employees
Real User
Top 10
2022-01-28T16:27:33Z
Jan 28, 2022
EDR (Endpoint Detection and Response) can be viewed as the next generation of EPP.
While in EPP you already have detection/investigation of security incidents and protection, these are more integrated into EDR.
You can thus consider EDR to be more behavior-based (acting on the malware actions) than signature-based (acting on the malware name) in remediating endpoints to a pre-infection state.
All cybersecurity companies have EDR, e.g., Fortinet, Symantec, Cisco, etc.
Works at a tech services company with 11-50 employees
Real User
2022-01-28T01:51:47Z
Jan 28, 2022
IMHO, the EDR is a good tool for IT to do such a job as forensics.
The generic (old-fashioned) EPP is like HIPS. EDR compares with EPP. EDR is able to show you the context and the topology such as a diagram for an incident.
A business endpoint is any device (such as mobile phone, desktop, laptop, tablet, server, or any virtual environment) that is physically an endpoint on a business’s enterprise computer network.
@Chetan Woodun Thanks for your views.
@Alan, Thanks for your response.
Any suggestions on the tools/solutions that you have used?