Replies

  • Hi,

    Yes now a days many organization looking for EDR solution to reduce the turn around time for any malicious activity on endpoint. benefit of EDR is it can be use to automate remediation activity and can be part of SOAR solution.

  • EDR is becoming a great part of end point protection evolution strategy.

    from AV , we moved to EPP which offers heuristic and anamoly based approach to block the malware. EDR is next level evolution for end points offering greater protection . some benefits as follows.

    1> Dynamic process monitoring 2> Registry changes detection 3> File renaming and alias detection 4> Forensics capability 5> centralised management and ability to push different versions of software to different type of clients ( not to load all end points with huge software) 

    The point we need to keep in mind is , it is process intensive and sometimes become too invasive .

    otherwise, EDR is going to be de-facto installation in light of new attacks like Ransomware targeting the weak end point. 

      

  • The below response is based on CISO Platform closed group discussion:

    (private CISO member): FireEye

  • The below response is based on CISO Platform closed group discussion:

    (private CISO member): Which?

  • The below response is based on CISO Platform closed group discussion:

    (private CISO member): Yes

This reply was deleted.