Please let me know if organizations have deployed EDR (question posted on behalf of a CISO member) 

Views: 115

Reply to This

Replies to This Discussion

The below response is based on CISO Platform closed group discussion:

(private CISO member): Yes

The below response is based on CISO Platform closed group discussion:

(private CISO member): Which?

The below response is based on CISO Platform closed group discussion:

(private CISO member): FireEye

EDR is becoming a great part of end point protection evolution strategy.

from AV , we moved to EPP which offers heuristic and anamoly based approach to block the malware. EDR is next level evolution for end points offering greater protection . some benefits as follows.

1> Dynamic process monitoring 2> Registry changes detection 3> File renaming and alias detection 4> Forensics capability 5> centralised management and ability to push different versions of software to different type of clients ( not to load all end points with huge software) 

The point we need to keep in mind is , it is process intensive and sometimes become too invasive .

otherwise, EDR is going to be de-facto installation in light of new attacks like Ransomware targeting the weak end point. 

  

Hi,

Yes now a days many organization looking for EDR solution to reduce the turn around time for any malicious activity on endpoint. benefit of EDR is it can be use to automate remediation activity and can be part of SOAR solution.

RSS

© 2020   Created by CISO Platform.   Powered by

Badges  |  Report an Issue  |  Privacy Policy  |  Terms of Service