[Term of the Day]: Endpoint Detection and Response

Term of the Day

“Endpoint Detection and Response”

Definition — What is EDR?

Endpoint Detection and Response (EDR) is the latest trending security solution in the world of cybersecurity. EDR focuses on securing a network and enhancing connected endpoints’ visibility, the term EDR was first coined by Anton Chuvakin, research director at the Gartner in July 2013. Traditional cybersecurity solutions work by monitoring for predefined malicious actions. For example, anti-virus software can identify potentially harmful files, because it checks data from files on computers against a database of known viruses. Once identified, the anti-virus software can isolate and remove the data; however, it must discover the virus before it can act. In the meantime, the virus is running in the background, multiplying, and compromise sensitive data. Due to the pandemic(Covid-19) situation, remote work has become more common, strong endpoint security is an increasingly vital component of any organization’s cybersecurity strategy.

EDR solution can provide protection to the company network by containing the threat and keeping it from spreading. It works in real-time by monitoring, collecting, and recording data to identify and detect malicious behavior. It has the capability to analyze the nature of the threat and give the IT team information regarding how it was initiated, which parts of the network it has attacked, what it is currently doing, and how to stop the attack altogether. With a full understanding of EDR and how it can bolster your security measures, you can choose the best EDR for your network. Incorporating EDR can improve the security of both the devices connected to your network and your overall IT system.