Do I Need Endpoint Detection & Response (EDR)?
EDR products are getting a lot of attention at conferences and in the cybersecurity press. But does your organization need one? If so, do you have the expertise in-house to properly deploy it, operate it, and get value out of it? Below, we look at reasons to consider EDR, or EDR as a managed service.
1 Executive Summary
Endpoint Detection & Response (EDR) solutions look for evidence and effects of malware that may have slipped past Endpoint Protection Platform (EPP) products. EDR solutions log activities centrally, allow administrators to examine endpoints remotely, and generate reports, often complete with attribution theories and confidence levels.
Many organizations use both EPP and EDR products, often from the same vendor. In these cases, EPP and EDR functionality is usually bundled in the same package and can be enabled by licensing. Some organizations choose to outsource EDR, in which case it is referred to as Managed Detection & Response (MDR).
How do you know if EDR is a good fit for your organization? Below, we look at a simple flowchart and describe business use cases where EDR can be a crucial component of the cybersecurity architecture.