Leadership Brief

Do I Need Endpoint Detection & Response (EDR)?

EDR products are getting a lot of attention at conferences and in the cybersecurity press. But does your organization need it? If so, do you have the expertise in-house to properly deploy, operate, and get value out of it? We’ll look at reasons to consider EDR or EDR as a managed service below.

John Tolbert

jt@kuppingercole.com

1 Executive Summary

Endpoint Detection & Response (EDR) solutions look for evidence and effects of malware that may have slipped past EPP products. EDR solutions log activities centrally, allow administrators to examine endpoints remotely, and generate reports often complete with attribution theories and confidence levels.

Many organizations use EPP and EDR products, often by the same vendor. In these cases, both EPP and EDR functionality is usually bundled in the same package and can be enabled by licensing. Some organizations choose to outsource EDR, in which case it is referred to as Managed Detection & Response (MDR).

How do you know if EDR is a good fit for your organization? We will look at a simple flowchart and describe business use cases where EDR can be a crucial cybersecurity architectural component below.


Full article is available for registered users with free trial access or paid subscription.

Register and read on!

Sign up for the Professional or Specialist Subscription Packages to access the entire body of the KuppingerCole research library consisting of 700+ articles.

I have an account
Log in  
Register your account to start 30 days of free trial access
Register  
Subscribe to become a client
Choose a package