Endpoint Detection & Response (EDR)
Data loss via Advanced Persistent Threats (APT), Insider Threat, and other vectors remains a top concern of businesses worldwide. EDR tools are becoming more widely used to help detect and remediate these kinds of threats. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors, criteria to select your vendor, and requirements for successful deployments. This document will prepare your organization to conduct RFIs and RFPs for EDR tools.
1 How to use the Buyer‘s Compass
This KuppingerCole Buyer’s Compass on Endpoint Detection and Response (EDR) provides information about
- Use Cases
- Functional Selection Criteria
- Non-functional Selection Criteria
- Technical Prerequisites
- Organizational Prerequisites
- Questions to ask the vendors
By focusing on the most important aspects of product selection during and RFI/RFP cycle, end-user organizations can more efficiently select the subset of available products to evaluate, based on the experience of KuppingerCole from our research and advisory services.
This document is not a complete guideline for selecting vendors but should provide an excellent starting point to streamline the decision-making process.
How to use it:
- Identify your primary use cases
- Review the functional selection criteria – their weight might be based on the matrix of these use cases and the functional selection criteria
- Review the non-functional selection criteria
- Request information and rate the vendors on these criteria
- Ask additional questions of the vendors, as defined
- Define a shortlist of vendors based on the results and continue with the vendor selection process, with more detailed RFIs and PoCs
- Ensure that the technical and organizational prerequisites are in place.
Note: This Buyer’s Compass addresses detection of threats present, signs of compromise, and possible automatic remediation processes for endpoint systems. A complete cybersecurity architecture must include network layer defenses as well, such as content-aware perimeter firewalls, web application firewalls, email gateway scanners, SIEM, and forensic tools. There are additional considerations and questions that are involved in preparing procurement processes for these different types of solutions.
There are related documents available from KuppingerCole. KuppingerCole Advisory Services can provide further support in the vendor selection processes.