Endpoint detection and response (EDR), also known as endpoint threat detection and response, is an integrated endpoint security solution that combines real-time continuous monitoring and collection of endpoint data with rules-based automated response and analysis capabilities. The term describes emerging security systems that detect and investigate suspicious activities on hosts and endpoints, employing a high degree of automation to enable security teams to quickly identify and respond to threats.
The primary functions of our EDR security system are to:
1. Monitor and collect activity data from endpoints that could indicate a threat
2. Analyze this data to identify threat patterns
3. Automatically respond to identified threats to remove or contain them, and notify security personnel
4. Forensics and analysis tools to research identified threats and search for suspicious activities