1 Executive Summary
Endpoint Detection & Response (EDR) solutions look for evidence and effects of malware that may have slipped past EPP products. EDR solutions log activities centrally, allow administrators to examine endpoints remotely, and generate reports often complete with attribution theories and confidence levels.
Many organizations use EPP and EDR products, often by the same vendor. In these cases, both EPP and EDR functionality is usually bundled in the same package and can be enabled by licensing. Some organizations choose to outsource EDR, in which case it is referred to as Managed Detection & Response (MDR).
How do you know if EDR is a good fit for your organization? We will look at a simple flowchart and describe business use cases where EDR can be a crucial cybersecurity architectural component below.