Endpoint Detection and Response EDR
EDR tools improve a company’s ability to detect and respond to outsider and insider threats; enhance a company’s speed and flexibility to contain any future attack or anomaly; and help a company manage data threats more effectively overall.
EDR tools act in concert with traditional signature-based antivirus solution, which are no longer enough to defend against data breaches. EDR solutions can supplement traditional signature-based technologies for more fulsome behavior-based anomaly detection and more powerful visibility across endpoints. For example, Advanced Persistent Threat Attacks or “APTs” are stealthy, sophisticated, targeted and relentless (typically) state sponsored attacks, which use customized targeted malware that can bypass traditional signature based off-the-shelf antivirus products. An EDR tool fills this void by providing insights into an APT attack as well as internal lateral movement of attackers while concurrently performing system/application scans to, for instance, monitor and contain the use of stolen credentials (an oft used APT tactic) across an internal network.