3.10 Baseline for Security – Endpoint Detection and Response (EDR)

Needed capacities or functions - Endpoint Detection and Response (EDR)

  1. Consider deploying EDR technologies, which are the latest tools to combat the risk of malicious software, such as viruses, spyware, and ransomware. They provide proactive means to identify and mitigate risks by isolating affected endpoints from the network and, thus, preventing an infection from spreading further from the single point of attack.

Important Considerations and Best Practices 

While most organizations only use antivirus ("AV") solutions, AV is becoming less effective at detecting and preventing evolving malware, and the methods used by cyber threat actors are becoming increasingly sophisticated. EDR is critical for enhancing an organization's endpoint security posture. More organizations are now adopting EDR to supplement their AV solutions or as part of a broader endpoint security platform. EDR technologies provide a more advanced level of protection against new and emerging threats that may evade traditional AV and use behavioral analysis and machine learning to address potential threats proactively. 

Programs should consider EDR technologies for all servers and endpoints. Examples of EDR technologies include Microsoft Defender, SentinelOne, and Sophos XDR.