
Endpoint Detection and Response (EDR): What’s Important?

Discussion in 'Network World' started by RSS, Jun 9, 2016.

  1. RSS


    My colleagues Doug Cahill, Kyle Prigmore and I recently completed a research project on next-generation endpoint security. We determined that there are actually two distinct product categories within next-generation endpoint security: advanced prevention, and advanced detection and response (aka EDR).

    While most firms seem to be gravitating toward advanced prevention, massive enterprise organizations tend to move in the opposite direction by evaluating, testing, and deploying EDR products. Why? These organizations have large cybersecurity teams with lots of experience, so they are willing to dedicate resources toward more complex projects. Furthermore, many of these enterprise organizations are already investing in security analytics by collecting, processing, and analyzing data from numerous disparate sources (i.e. network forensics, events/logs, threat intelligence, etc.). Endpoint forensic data is a natural extension of these cybersecurity analytics efforts.

