Please let me know if organizations have deployed EDR (question posted on behalf of a CISO member) 

Views: 57

Reply to This

Replies to This Discussion

The below response is based on CISO Platform closed group discussion:

(private CISO member): Yes

The below response is based on CISO Platform closed group discussion:

(private CISO member): Which?

The below response is based on CISO Platform closed group discussion:

(private CISO member): FireEye

EDR is becoming a great part of end point protection evolution strategy.

from AV , we moved to EPP which offers heuristic and anamoly based approach to block the malware. EDR is next level evolution for end points offering greater protection . some benefits as follows.

1> Dynamic process monitoring 2> Registry changes detection 3> File renaming and alias detection 4> Forensics capability 5> centralised management and ability to push different versions of software to different type of clients ( not to load all end points with huge software) 

The point we need to keep in mind is , it is process intensive and sometimes become too invasive .

otherwise, EDR is going to be de-facto installation in light of new attacks like Ransomware targeting the weak end point. 

  

RSS

© 2019   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service