Endpoint Detection and Response (EDR) Questions
Samy Adel
Senior ICT Helpdesk Administrator at CACC Cargolinx
Sep 21 2021

Hello,

I'm working as a Senior ICT Helpdesk Administrator at a Logistics & Supply Chain company with 500+ employees.

Which Endpoint Detection and Response (EDR) product would you recommend purchasing and why?

I appreciate the help!

Darshil SanghviHi @Samy Adel ​ I just wanted to know some more details about your… more »
Georges-Emmanuel TOPEIf you are already using Windows 10 for the clients, you may benefit from a… more »
Cheri SmithWithout really knowing what type of system you are running I'm going to stab… more »
Edgardo Arrieta
Cybersecurity and Cyber Defense Manager at ecopetrol
Sep 21 2021

Hi peers,

Our company is looking for the best EDR or XDR solution for the company with 9K+ employees.

What would be your professional advice to us? Why this or another solution should be our choice?

Thanks in advance!

Navin Rehnius
Security Engineer at a tech services company with 201-500 employees
Aug 02 2021

What is the difference between Incident Detection Response (IDR) e.g. in Rapid7 InsightIDR and Endpoint Detection and Response (EDR) in other solutions?

Thanks.

John RendyHi @Navin Rehnius, The IDR focus is on the correlation of the host system… more »
Constance Chinonzo
Networks and Hardware Manager at ZIMSEC
Jun 16 2021

I intend to deploy a new endpoint solution. 

I already have a CISCO ASA firewall and have to decide on the Sophos central endpoint or Kaspersky endpoint (I am moving from the Symantec endpoint). 

In your opinion, which endpoint solution is more effective in terms of protection and remote administration: Sophos Intercept X or Kaspersky Endpoint Security?

Thank you!

Evgeny Belenky
IT Central Station
May 21 2021

Colonial Pipeline has confirmed it paid a $4.4m (£3.1m) ransom, according to BBC.

Earlier this month, Hugh has written about it in this article: The Colonial Pipeline Ransomware Attack: Preventing the Next Cybercrime Disruption of Critical Infrastructure

Lessons from the Colonial Pipeline ransomware attack

Dear community, let's share your professional opinion with other peers on what lessons can we learn from this ransomware attack.

What can be done better in the future? Is it about backup and recovery tools? About EDR? 

Should the incident response be managed in a different way?

Thanks

ITSecuri7cfdAt minimum, do the basics. Patch or mitigate vulnerabilities by isolating the… more »
Prem
Analyst at a security firm with 501-1,000 employees

I'm an Analyst, Managed Security Services in a Legal firm. Where can I find information about pricing of multiple EDR solution and the support levels provided?

Rony_Sklar
IT Central Station

With remote work having become the norm for many, what security should businesses have in place? Do you have suggestions of specific products that businesses should look at?

Philippe PanardieThere is not a single answer. In our company, we use only company devices for… more »
Omer MohammedWearing a mask while accessing your service is not a joke hardening tunneling… more »
Letsogile BaloiSecurity is a multi-layered problem and as always the human end is the weak… more »
Rony_Sklar
IT Central Station
Apr 24 2021

How can businesses protect themselves against Mimikatz malware?

Technicalconsult568Mimiktaz is a post exploitation tool that dumps passwords from memory… more »
Steve PenderMimikatz is a tool developed by Benjamin Delpy that is used to gather credential… more »
Bryan HurdBesides having Microsoft Defender which detects this threat, also the newest… more »
Rony_Sklar
IT Central Station
Jul 16 2021

Can EDR replace antivirus, or are both needed?

ShreekumarNairYou can use EDR solutions to track, monitor, and analyze data on endpoints to… more »
Matthias De ToffolHello EDR can replace a normal AntiVirus and can offer even more, as they can… more »
Nikki WebbEDR can replace antivirus, if you get the right EDR solution. A solution that… more »