Section 6.4 EDR
Endpoint Detection and Response (EDR) is used to secure endpoints: servers, workstations, desktops, mobile devices, etc. EDR is typically implemented as a host-based incident prevention system (HBIPS), software that runs on the endpoint to monitor and collect data.
These systems will usually watch for indicators of compromise, scan for malware, and can even quarantine or shutdown the endpoint as needed. Company hardware is a significant investment for any business and an EDR makes sure that investment is protected. Many systems exist for EDR including FireEye, SEP, and CrowdStrike.
You have attempted 1 of 1 activities on this page.
