EDR systems for companies: Security to the point

Endpoint Detection and Response (EDR) protects end devices in companies in many ways. What the products do and what companies need to look out for.

In the face of increasing cyberattacks, an entire industry has emerged in recent decades to develop software to protect companies and their IT. Security analysts often work 24 hours a day in the Security Operations Centre – SOC for short – to comb the company network for attacks and security gaps. A wide range of mostly proprietary products, which are as diverse as the attack patterns themselves, help them to do this. In practice, their functions often overlap, but to put it simply (there are other representations), the products fall into one or more of the four operational phases of preparation, protection, detection and response.

IX-TRACT

• Endpoint protection has evolved from pure antivirus packages to the more powerful endpoint detection and response systems.
• EDR and the extended XDR systems cover at least two of the four SOC operation phases of preparation, protection, detection and response.
• As the products focus on different aspects, interested parties must check which system is best suited to their own infrastructure.
• Data protection aspects should not be ignored either, as some tools collect an unnecessarily large amount of data.

Click here for the article.

**This article is only available in German**