Endpoint Detection and Response (EDR) Questions
Evgeny Belenky
IT Central Station
Nov 30 2021

Which one is better and in which use cases? 

Satish Singh
Cloud Security Architect at Kyndryl
Nov 06 2021

Hi dear professionals,

I'm working as the Cloud Security Architect at a Tech Services company with 10,000+ employees and I'm looking for suggestions about on-premise endpoint security solutions.

Please recommend the best product/solution that fits the requirements below (salient features and expected features):

  • Endpoint Protection Platform (EPP)
  • Application Change Control (ACC)
  • File Integrity Monitoring (FIM)
  • Endpoint Detection and Response (EDR)

Expected Features:


1. Integration with NAC solution
2. Real-time scans (both new files and URLs) and scheduled scans (scanning all files against newly-deployed signatures)
3. Protection from malicious web downloads
4. Protection from exploits
5. Application and device control
6. Reports and alerts
7. Detecting alerts (ASAP)
8. Incident investigation and remediation
9. AI/MI-based behavior anomaly detection and remediation
10. Third-party integrations
11. Flexible deployment options
12. Endpoint Security Solution Threat Intelligence
13. Sandboxing is a must

Eric Rise: Satish, Thank you for your well-thought-out and detailed question on this…
Samy Adel
Senior ICT Helpdesk Administrator at CACC Cargolinx
Sep 21 2021

Hello,

I'm working as a Senior ICT Helpdesk Administrator at a Logistics & Supply Chain company with 500+ employees.

Which Endpoint Detection and Response (EDR) product would you recommend purchasing and why?

I appreciate the help!

Darshil Sanghvi: Hi @Samy Adel I just wanted to know some more details about your…
Georges-Emmanuel TOPE: If you are already using Windows 10 for the clients, you may benefit from a…
Cheri Smith: Without really knowing what type of system you are running I'm going to stab…
Edgardo Arrieta
Cybersecurity and Cyber Defense Manager at ecopetrol
Sep 21 2021

Hi peers,

Our company is looking for the best EDR or XDR solution for the company with 9K+ employees.

What would be your professional advice to us? Why should this or another solution be our choice?

Thanks in advance!

Navin Rehnius
Security Engineer at a tech services company with 201-500 employees
Aug 02 2021

What is the difference between Incident Detection Response (IDR) e.g. in Rapid7 InsightIDR and Endpoint Detection and Response (EDR) in other solutions?

Thanks.

John Rendy: Hi @Navin Rehnius, The IDR focus is on the correlation of the host system…
Constance Chinonzo
Networks and Hardware Manager at ZIMSEC
Jun 16 2021

I intend to deploy a new endpoint solution. 

I already have a CISCO ASA firewall and have to decide on the Sophos central endpoint or Kaspersky endpoint (I am moving from the Symantec endpoint). 

In your opinion, which endpoint solution is more effective in terms of protection and remote administration: Sophos Intercept X or Kaspersky Endpoint Security?

Thank you!

Evgeny Belenky
IT Central Station

Colonial Pipeline has confirmed it paid a $4.4m (£3.1m) ransom, according to BBC.

Earlier this month, Hugh wrote about it in this article: The Colonial Pipeline Ransomware Attack: Preventing the Next Cybercrime Disruption of Critical Infrastructure

Lessons from the Colonial Pipeline ransomware attack

Dear community, let's share your professional opinion with other peers on what lessons we can learn from this ransomware attack.

What can be done better in the future? Is it about backup and recovery tools? About EDR? 

Should the incident response be managed in a different way?

Thanks

ITSecuri7cfd: At minimum, do the basics. Patch or mitigate vulnerabilities by isolating the…
Prem
Analyst at a security firm with 501-1,000 employees

I'm an Analyst, Managed Security Services in a Legal firm. Where can I find information about pricing of multiple EDR solutions and the support levels provided?

Rony_Sklar
IT Central Station

How can businesses protect themselves against Mimikatz malware?

Technicalconsult568: Mimikatz is a post exploitation tool that dumps passwords from memory…
Steve Pender: Mimikatz is a tool developed by Benjamin Delpy that is used to gather credential…
Bryan Hurd: Besides having Microsoft Defender which detects this threat, also the newest…
Rony_Sklar
IT Central Station
Sep 30 2021

Hi community,

There are many EDR solutions out there. In your opinion, what are the most important features that an EDR solution should have these days? 

Additionally, what are good questions to ask vendors when researching EDR solutions? 

Akhil Kumar: That's true that there are many EDR solutions out there, According to me the…
Ian Keller: The answers given by Presh and Akhil are all spot on so I won't touch on those…
Paresh Makwana: Most Important feature is Prevention – First, this means Effectiveness…
Rony_Sklar
IT Central Station
Jul 16 2021

Can EDR replace antivirus, or are both needed?

ShreekumarNair: You can use EDR solutions to track, monitor, and analyze data on endpoints to…
Matthias De Toffol: Hello EDR can replace a normal AntiVirus and can offer even more, as they can…
Nikki Webb: EDR can replace antivirus, if you get the right EDR solution. A solution that…