Endpoint Detection & Response

Video

Analyst Chat #88: What (and why) is XDR?

XDR (eXtended Detection & Response) solutions are an emerging category of security tools that are designed to consolidate and replace multiple point solutions. John Tolbert and Alexei Balaganski join Matthias and share their views on this market, the existing offerings, and how it might…

Executive View

Nucleon Smart Endpoint

Nucleon Smart Endpoint is an Endpoint Protection Detection & Response (EPDR) solution for Windows and Linux. It takes a multi-layered Zero Trust approach to preventing malware execution and provides Machine Learning (ML) detection models to look for signs of compromise across managed…

Blog

What is XDR?

Almost all enterprises have many security tools in place already, some of which are still focused on perimeters/DMZs and on hosts, such as servers and endpoints. Endpoint Detection & Response (EDR) tools are becoming more commonplace in enterprises and SMBs. EDR tools depend on agents…

Video

Analyst Chat #59: Understanding the SolarWinds Incident and Recommended First Steps

The SolarWinds incident made the news in December 2020 and continues to impact many organizations. John Tolbert joins Matthias to give a short introduction of what decision makers need to know at this stage and which measures to look at first.

Video

Effective Endpoint Security With Automatic Detection and Response Solutions

The realization that cyber-attacks are inevitable has led the cybersecurity industry to shift some of its focus to detection and response rather than prevention in recent years. Therefore, the market for solutions designed to detect attacks on endpoints and respond accordingly has grown…

Blog

Attack Surface Reduction and XDR

Many if not most organizations have moved to a risk management model for cybersecurity and identity management. Priorities have shifted in two major ways over the last decade: decreasing attack surface sizes focusing on detection and response technologies instead of prevention only…

Executive View

Elastic Security

Elastic Security is a security platform built on top of the Elastic Stack. It combines security information and event management, threat hunting, endpoint security, and cloud monitoring to help analysts prevent, detect, and respond to cyber threats more efficiently.

Video

Using Deception for Early and Efficient Threat Detection

Most organizations are benefiting from the scalability, flexibility, and convenience of modern cloud services and new, highly distributed hybrid corporate networks. Unfortunately, many have also learned the hard way that defense of these systems and the assets they contain continue to…

Executive View

ManageEngine Log360

Log360 from ManageEngine is a tightly integrated suite of log management and network security analytics tools. Complementing SIEM capabilities with EDR, DLP, and even SOAR functionality, it offers a convenient and affordable one-stop solution for security analytics and threat remediation…

Webinar

Oct 28, 2020: Using Deception for Early and Efficient Threat Detection

Most organizations are benefiting from the scalability, flexibility, and convenience of modern cloud services and new, highly distributed hybrid corporate networks. Unfortunately, many have also learned the hard way that defense of these systems and the assets they contain continue to remain…

Blog

What Some Vendors Missed in MITRE ATT&CK Round Two and How to Fix the Gaps

MITRE recently published the detailed results of their second round of tests. This test pitted APT29 malware and methods against 21 cybersecurity vendors. The MITRE testing is an excellent benchmark for comprehensively exercising Endpoint Protection (EPP) and Endpoint Detection &…

Webinar

Jan 14, 2021: Effective Endpoint Security With Automatic Detection and Response Solutions

The realization that cyber-attacks are inevitable has led the cybersecurity industry to shift some of its focus to detection and response rather than prevention in recent years. Therefore, the market for solutions designed to detect attacks on endpoints and respond accordingly has grown…

Video

Protect, Detect, Respond, Mitigate: A Modern Security Paradigm for Modern Enterprises

The traditional approach forces enterprises to deploy multiple additional security solutions – EPP, EDR or NDR among them – to try and close remaining gaps, leading to even higher strain on security analysts. Facing response times of hours if not days, companies turn to managed…

Executive View

Executive View: SentinelOne Singularity Platform - 80139

Die integrierte Sicherheitsplattform von SentinelOne kombiniert Präventions-, Erkennungs-, Analyse- und Mitigierungsfunktionen mit dem autonomen KI-Agenten und ermöglicht so tiefe Einblicke und konsistenten Schutz für On-Premises-Endgeräte, virtualisierte Umgebungen und…

Executive View

Executive View: SentinelOne Singularity Platform - 80139

SentinelOne’s integrated security platform combines prevention, detection, analysis, and mitigation capabilities with the autonomous AI agent to enable deep visibility and consistent endpoint security across on-premises devices, virtualized environments and cloud workloads.

Executive View

Executive View: ESET Enterprise Inspector - 80192

Enterprise Inspector is ESET’s Endpoint Detection & Response (EDR) solution. It currently runs on Windows with future plans to cover Linux, and Mac clients, collecting and analyzing information to help security analysts determine if malicious activities have occurred. The solution…

Executive View

Executive View: F-Secure Rapid Detection & Response - 80182

Rapid Detection & Response is F-Secure’s Endpoint Detection & Response (EDR) solution. It runs on Windows and Mac clients, collecting and analyzing information to help security analysts determine if malicious activities have occurred. The solution also allows for…

Buyer's Compass

Endpoint Detection & Response (EDR) - 80213

Data loss via Advanced Persistent Threats (APT), Insider Threat, and other vectors remains a top concern of businesses worldwide. EDR tools are becoming more widely used to help detect and remediate these kinds of threats. This KuppingerCole Buyer’s Compass will provide you with…

Leadership Brief

Leadership Brief: The Differences Between Endpoint Protection (EPP) and Endpoint Detection & Response (EDR) - 80186

Endpoint Detection & Response products are capturing a lot of mindshare in cybersecurity. But how do they differ from the more standard Endpoint Protection products? We’ll look at key features of each type of solution below.

Leadership Brief

Leadership Brief: Do I Need Endpoint Detection & Response (EDR)? - 80187

EDR products are getting a lot of attention at conferences and in the cybersecurity press. But does your organization need it? If so, do you have the expertise in-house to properly deploy, operate, and get value out of it? We’ll look at reasons to consider EDR or EDR as a managed…

Blog

How to Train Your AI to Mis-Identify Dragons

This week Skylight Cyber disclosed that they were able to fool a popular “AI”-based Endpoint Protection (EPP) solution into incorrectly marking malware as safe. While trying to reverse-engineer the details of the solution's Machine Learning (ML) engine, the researchers found that…


KuppingerCole PLUS

Get access to the whole body of KC PLUS research including Leadership Compass documents for only €800 a year

KuppingerCole Select

Register now for KuppingerCole Select and get your free 30-day access to a great selection of KuppingerCole research materials and to live trainings.

Blog

Blog

A Iot to Venture, More to GAIN

A Iot to Venture, More to GAIN
Matthias Reinwarth

As social beings, people interact with their environment, whether as citizens of a state, as employees of a company or as contractual partners (customers, insured persons) with a company in the private sector. Even if a large number of such transactions can take place anonymously (coffee to go on the way to the office in the morning does not require identification), proof of identity or the reliable assurance of a particular characteristic ("of legal age," "fully vaccinated") is often [...]

Latest Insights

Hot Topics


Become a Client

Learn more about becoming a Client

Contact Us

Call Us

+49 211 2370770
Mo - Fr 8:00 - 17:00