Endpoint Detection and Response (EDR) is an emerging technology. The term defines a
category of tools and solutions that focus on detecting, investigating, and mitigating
suspicious activities and issues on hosts and endpoints.
Advanced persistent threats and customized targeted malware attack toolkits are intentionally bypassing traditional signature-based antivirus solutions. Endpoint detection and response solutions supplement traditional signature-based technologies for richer behavior-based anomaly detection and visibility across endpoints.
Endpoint detection and response tools offer greater visibility into endpoint data that’s relevant for detecting and mitigating advanced threats, limiting sensitive data loss, and reducing the risk of devastating data breaches occurring on endpoints. Endpoint detection and response tools are complimentary to a variety of other security measures and solutions as well, including data loss prevention (DLP) solutions, security information and event management (SIEM), network forensics tools (NFT), and advanced threat defense (ATD) appliances.