Software on laptops, servers, and devices that continuously monitors for malicious activity and helps responders investigate and contain it.
Endpoint detection and response goes beyond traditional antivirus by recording endpoint activity and looking for behavior that signals an attack, such as unusual process execution or lateral movement. It gives security teams the visibility and tools to isolate a compromised device and investigate what happened.
EDR is a key detective and responsive control and a common source of evidence during incident response.
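As an added illustration (not code from any EDR product), the sketch below shows the kind of behavioral check described above: it scans recorded endpoint events for unusual process execution and for a lateral-movement signal, then lists hosts that are candidates for isolation. The event fields, host names, rule names, and thresholds are all assumptions constructed for this example.

```python
from collections import defaultdict

# Constructed telemetry (not from a real product): process starts and remote logons.
EVENTS = [
    {"t": 100, "host": "wks-01", "type": "process", "parent": "explorer.exe", "image": "winword.exe"},
    {"t": 130, "host": "wks-01", "type": "process", "parent": "winword.exe", "image": "powershell.exe"},
    {"t": 200, "host": "srv-01", "type": "logon", "src": "wks-01"},
    {"t": 215, "host": "srv-02", "type": "logon", "src": "wks-01"},
    {"t": 230, "host": "srv-03", "type": "logon", "src": "wks-01"},
    {"t": 900, "host": "wks-02", "type": "process", "parent": "explorer.exe", "image": "powershell.exe"},
    {"t": 950, "host": "srv-01", "type": "logon", "src": "wks-02"},
]

# Assumed rule parameters, chosen for illustration only.
DOC_APPS = {"winword.exe", "excel.exe", "outlook.exe"}
SHELLS = {"powershell.exe", "cmd.exe", "wscript.exe"}
FANOUT_HOSTS, FANOUT_WINDOW = 3, 60  # distinct destinations within N seconds

def detect(events):
    """Return alerts as (rule, host, time) tuples in time order."""
    alerts = []
    logons = defaultdict(list)  # source host -> [(time, destination host)]
    for e in sorted(events, key=lambda ev: ev["t"]):
        if e["type"] == "process":
            # Unusual process execution: a document application starting a shell.
            if e["parent"].lower() in DOC_APPS and e["image"].lower() in SHELLS:
                alerts.append(("doc_app_spawned_shell", e["host"], e["t"]))
        elif e["type"] == "logon":
            # Lateral-movement signal: one source reaching many hosts quickly.
            seen = logons[e["src"]]
            before = {h for t, h in seen if e["t"] - t <= FANOUT_WINDOW}
            seen.append((e["t"], e["host"]))
            # Alert only on the logon that crosses the threshold, not on repeats.
            if len(before) < FANOUT_HOSTS <= len(before | {e["host"]}):
                alerts.append(("logon_fanout", e["src"], e["t"]))
    return alerts

def hosts_to_isolate(alerts):
    """Hosts that triggered more than one distinct rule: isolation candidates."""
    rules = defaultdict(set)
    for rule, host, _ in alerts:
        rules[host].add(rule)
    return sorted(h for h, r in rules.items() if len(r) > 1)

if __name__ == "__main__":
    found = detect(EVENTS)
    print(found, hosts_to_isolate(found))
```

Requiring two distinct rules before proposing isolation is a design choice of this sketch: the shell started from `explorer.exe` on `wks-02` and its single logon produce no alert, which keeps ordinary administrative activity out of the result.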