Endpoint detection and response (EDR) tools are the newest members of the endpoint security family. They combine elements of both endpoint antivirus and endpoint management solutions to detect, investigate, and remove any malicious software that penetrates a network’s devices. These tools give greater visibility of a system’s overall health including each specific device’s state. Companies use these tools to mitigate endpoint penetrations quickly and prevent data loss, theft, or system failures. They are typically used as a complement to larger security systems such as security information and event management (SIEM), vulnerability management, and incident response tools.
To qualify for inclusion in the Endpoint Detection and Response category, a product must:
Endpoint Detection & Response (EDR) reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.
Symantec Endpoint Protection (SEP) is designed to protect against malware attacks including targeted attacks, advanced persistent threats, and zero-day threats with a layered approach to security at the endpoint. Superior protection that fuses essential and next-gen technologies in a multi-layered fashion. High-performance, lightweight single client, single management console across both physical and virtual protection and orchestrated response delivered at scale
In a multi-vector attack, cybercriminals combine a variety of threat technologies, deployed in numerous stages, over multiple points of entry, or vectors, to infect computers and networks. To keep businesses, their users, and their devices safe, Webroot SecureAnywhere® Business Endpoint Protection offers a unique blend of layered multi-vector protection that stops threats across email, web browsing, files, URLs, ads, apps, and more.
Integrated endpoint protection that provides automated next-generation threat protection, as well as visibility and control of your software and hardware inventory across the entire security fabric. Identify and remediate vulnerable or compromised hosts across your attack surface.
ESET’s Endpoint Security solutions leverage a multilayered approach that utilizes multiple technologies working in a dynamic equilibrium, which has the ability to constantly balance performance, detection and false positives. ESET Security Management Center can be installed on Windows, Linux or via Virtual Appliance. After install, all management is done via a web-console, allowing easy access and management from any device or operating system. All ESET Endpoint products despite the OS can be managed from a single ESET Security Management Center instance. In addition, ESET Security Management Center supports full Mobile Device Management (MDM) of Android and iOS devices. Multiple users and permission groups can be created to allow access to a limited portion of the ESET Security Management Center instance. This allows full streamlining of responsibilities across large enterprise teams.
IBM® BigFix® addresses a major challenge faced by many organizations — how to gain full visibility into the constantly changing endpoint landscape while bridging the gap between threat detection and remediation. See clearly: Discover and audit endpoints on or off the corporate network. Detect evasive attacks with behavioral analytics. Understand completely: Guided investigations to define the scope of detected attacks. Define what remediation action you need to take. Act precisely: Immediately contain and remediate attacks enterprise-wide. Continuously reduce your attack surface.
Cb Response is the market-leading incident response and threat hunting solution designed to provide responders with the most information possible, accompanied by expert threat analysis and armed with real-time response capabilities to stop attacks, minimize damage and close security gaps. Cb Response makes these teams more efficient, reducing investigations from days to hours, and more effective, enabling them to discover threats before attacks can exploit them. Cb Response also allows teams to connect to and isolate infected machines to prevent lateral movement and remediate devices without costly IT involvement.
53% of breaches do not use malware. Streaming prevention through Cb Defense goes beyond machine-learning AV to stop all types of attacks before they compromise your systems. Cb Defense, with its breakthrough prevention model, market-leading detection and response capabilities and single lightweight agent, is the future of next-gen antivirus.
Stop known and unknown threats on all platforms using sophisticated machine learning and intelligent automation. SentinelOne predicts malicious behavior across all vectors, rapidly eliminates threats with a fully-automated incident response protocol, and adapts defenses against the most advanced cyber attacks.
Cybereason automatically detects malicious activity and presents it in an intuitive way. It deploys easily with minimal organizational impact and provides end-to-end context of an attack campaign. Most organizations deploy Cybereason and start detecting attacks within 24 to 48 hours.
Detect, isolate, and eliminate intrusions across all endpoints using AI, automated incident generation, and unparalleled threat intelligence.
EnCase Endpoint Security is the most complete threat detection and response solution—eliminating the time it takes to detect, validate, triage, investigate, and remediate known and unknown threats lurking across the enterprise, unseen by perimeter and network solutions. An organization’s security is simply not complete without endpoint visibility.
Deep Discovery Inspector is available as a physical or virtual network appliance. It's designed to quickly detect advanced malware that typically bypasses traditional security defenses and exfiltrates sensitive data. Specialized detection engines and custom sandbox analysis detect and prevent breaches.
SanerNow is a SaaS platform for endpoint security and management — a platform that hosts numerous tools to cover various endpoint security and management requirements. SanerNow addresses the following business cases: - Vulnerability Management - Patch Management - Compliance Management - Asset Management - Endpoint Management - Endpoint Threat Detection and Response
Syniverse is a global transaction processor that connects more than 1,500 mobile service providers, enterprises, ISPs and OTTs in nearly 200 countries and territories, enabling seamless mobile communications across disparate and rapidly evolving networks, devices and applications.
Proofpoint Targeted Attack Protection (TAP) helps organizations efficiently detect, mitigate and respond to known and unknown advanced threats that target people and VIPs through email. TAP provides unparalleled effectiveness in stopping targeted attacks that use polymorphic malware, weaponized documents and credential-stealing phishing techniques to obtain sensitive information. TAP seamlessly integrates with the Proofpoint secure email gateway (Proofpoint Email Protection) to deliver best-in-class email security in a way that is cost effective and easy to use. TAP leverages the cloud to scale deployment, adapt analysis and protect people on any network or device. With Proofpoint Targeted Attack Protection (TAP), you can: • Provide sophisticated analysis to prevent threats from getting to a user's inbox. • Detect known and unknown threats using adaptable analysis capabilities. • Provide security teams detailed analysis and visibility about threats and threat campaigns. • Provide visibility into threats targeting the Very Attacked People (VAP) in an organization.
Avast is the global leader in next-gen cyber security products for consumers and businesses and protects over 400 million people online. Avast offers products under the Avast and AVG brands, that protect people from threats on the internet with one of the most advanced threat detection networks in the world. Avast digital security products are top ranked for mobile, PC and Mac. For businesses, Avast offers comprehensive antivirus security that keeps your devices, data, and employees safe from the latest cyber threats. Work and browse confidently from anywhere knowing your business is completely protected. If you are a MSP or VAR, you can also deliver enhanced managed services to your customers and take your business even further. Just choose from our Avast CloudCare cloud-based protection solution or our full-stack, remote monitoring and management platform.
BlackFog provides GDPR privacy and fileless cyberattack defense for real time protection against online threats. It focuses on non-signature based threat detection using outbound traffic monitoring to protect the device and privacy of the end user. It consists of 11 layers of defense against ransomware, spyware, malware and unauthorized data collection and profiling.
Cb Protection is the strongest security possible for data centers and critical systems. Using a ‘Default Deny’ approach, Cb Protection reduces your attack surface with a single security agent and reduces downtime by automating approval of trusted software and eliminating the burden of whitelist management. and drives automatic approvals through IT-driven policies, as well one of the most extensive trust and reputation databases in the world. Cb Protection helps organizations achieve continuous compliance across every regulatory framework. It does this in a highly scalable manner that minimizes IT overhead, allowing a single admin to manage up to 10,000 endpoints.
Check Point Infinity is the only fully consolidated cyber security architecture that provides unprecedented protection against Gen V mega-cyberattacks as well as future cyber threats across all networks, endpoint, cloud and mobile. The architecture is designed to resolve the complexities of growing connectiviity and inefficient security