Best Endpoint Detection & Response (EDR) Software

Endpoint detection and response (EDR) tools are the newest members of the endpoint security family. They combine elements of both endpoint antivirus and endpoint management solutions to detect, investigate, and remove any malicious software that penetrates a network’s devices. These tools give greater visibility into a system’s overall health, including the state of each device. Companies use these tools to mitigate endpoint penetrations quickly and prevent data loss, theft, or system failures. They are typically used as a complement to larger security systems such as security information and event management (SIEM), vulnerability management, and incident response tools.

To qualify for inclusion in the Endpoint Detection and Response category, a product must:

  • Alert administrators when devices have been compromised
  • Search data and systems for the presence of malware
  • Possess analytics and anomaly detection features
  • Possess malware removal features

Endpoint Detection & Response (EDR) reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Compare Endpoint Detection & Response (EDR) Software
Results: 58
    G2 Crowd takes pride in showing unbiased ratings on user satisfaction. G2 Crowd does not allow for paid placement in any of our ratings.

    Symantec Endpoint Protection (SEP) is designed to protect against malware attacks including targeted attacks, advanced persistent threats, and zero-day threats with a layered approach to security at the endpoint. Superior protection that fuses essential and next-gen technologies in a multi-layered fashion. High-performance, lightweight single client, single management console across both physical and virtual protection and orchestrated response delivered at scale.

    Symantec Endpoint Protection Reviews

    In a multi-vector attack, cybercriminals combine a variety of threat technologies, deployed in numerous stages, over multiple points of entry, or vectors, to infect computers and networks. To keep businesses, their users, and their devices safe, Webroot SecureAnywhere® Business Endpoint Protection offers a unique blend of layered multi-vector protection that stops threats across email, web browsing, files, URLs, ads, apps, and more.

    Webroot Endpoint Protection Reviews

    Complete security that includes encryption, web filtering and patch assessment


    Traps replaces traditional antivirus with multi-method prevention, a proprietary combination of advanced malware and exploit prevention methods that protect users and endpoints from known and unknown threats.


    Bitdefender GravityZone combines all the security services organizations need into a single delivery platform to reduce their cost of building a trusted environment for all endpoints.


    Integrated endpoint protection that provides automated next-generation threat protection, as well as visibility and control of your software and hardware inventory across the entire security fabric. Identify and remediate vulnerable or compromised hosts across your attack surface.


    Easy to use security-as-a-service for organizations with limited IT security resources


    Cb Response is the market-leading incident response and threat hunting solution designed to provide responders with the most information possible, accompanied by expert threat analysis and armed with real-time response capabilities to stop attacks, minimize damage and close security gaps. Cb Response makes these teams more efficient, reducing investigations from days to hours, and more effective, enabling them to discover threats before attacks can exploit them. Cb Response also allows teams to connect to and isolate infected machines to prevent lateral movement and remediate devices without costly IT involvement.


    53% of breaches do not use malware. Streaming prevention through Cb Defense goes beyond machine-learning AV to stop all types of attacks before they compromise your systems. Cb Defense, with its breakthrough prevention model, market-leading detection and response capabilities and single lightweight agent, is the future of next-gen antivirus.


    Stop known and unknown threats on all platforms using sophisticated machine learning and intelligent automation. SentinelOne predicts malicious behavior across all vectors, rapidly eliminates threats with a fully-automated incident response protocol, and adapts defenses against the most advanced cyber attacks.


    Kaspersky Endpoint Security for Business offers a tightly integrated combination of superior security technologies and far-reaching systems management capabilities, which can all be controlled via a single management console.


    FireEye Endpoint Security (HX series) products provide organizations with the ability to continuously monitor endpoints for advanced malware and indicators of compromise that routinely bypass signature-based and defense-in-depth security systems.


    An enterprise solution that allows you to query and modify your managed computer assets in seconds, regardless of the size of your network.


    Cybereason automatically detects malicious activity and presents it in an intuitive way. It deploys easily with minimal organizational impact and provides end-to-end context of an attack campaign. Most organizations deploy Cybereason and start detecting attacks within 24 to 48 hours.


    Proofpoint Threat Response Auto-Pull (TRAP) gives messaging and security administrators the ability to automatically retract to quarantine threats delivered to employee inboxes and emails that turn malicious after delivery. It is also a powerful solution for retracting messages sent in error, as well as inappropriate or malicious emails and emails containing compliance violations. It also follows forwarded mail and distribution lists and creates an auditable activity trail. With Proofpoint Threat Response Auto-Pull, you can protect your people, data, and brand from today’s threats by:

      • Automatically pulling malicious or unwanted messages from an end user's inbox.
      • Enriching each message by checking every domain and IP address against premium intelligence feeds.
      • Including built-in reporting, showing stats like email quarantine successes or failures, email retraction read status, and targeting by Active Directory attribute.
      • Reducing the remediation time needed from hours to minutes.


    Detect, isolate, and eliminate intrusions across all endpoints using AI, automated incident generation, and unparalleled threat intelligence.


    Check Point Endpoint Security combines data security, network security, threat prevention technologies and remote access VPN into one package for complete Windows and Mac OS X protection.


    EnCase Endpoint Security is the most complete threat detection and response solution—eliminating the time it takes to detect, validate, triage, investigate, and remediate known and unknown threats lurking across the enterprise, unseen by perimeter and network solutions. An organization’s security is simply not complete without endpoint visibility.



    Deep Discovery Inspector is available as a physical or virtual network appliance. It's designed to quickly detect advanced malware that typically bypasses traditional security defenses and exfiltrates sensitive data. Specialized detection engines and custom sandbox analysis detect and prevent breaches.


    enSilo offers a complete endpoint security and malware protection solution, designed to stop malware post-infection, in real time, from causing harm and tampering with or exfiltrating data from endpoints.


    Panda Endpoint Protection provides centralized protection for all of your Windows, Mac and Linux workstations, including laptops, smartphones and the leading virtualization systems.


    Proofpoint Information Archiving solutions provide automated social media content supervision, remediation, and record retention - all from a common interface.


    SanerNow is a SaaS platform for endpoint security and management — a platform that hosts numerous tools to cover various endpoint security and management requirements. SanerNow addresses the following business cases:

      • Vulnerability Management
      • Patch Management
      • Compliance Management
      • Asset Management
      • Endpoint Management
      • Endpoint Threat Detection and Response


    Symantec Protection Suite Enterprise Edition combines best-of-breed products to secure your endpoint and email infrastructure. It delivers protection against complex malware, data loss, and spam threats along with industry-leading messaging protection.


    All Domain Intrusion Detection, Investigation, and Containment


    Awake detects attacks that blend in with business-justified activity and enables conclusive and rapid response. With exhaustive intelligence from the network, Awake uniquely identifies mal-intent to stop insider attacks, file-less malware, and much more.


    BluVector Pulse delivers a fully turnkey sense and respond platform, automating the health and heartbeat monitoring and device management of the market-leading BluVector Cortex offering.


    Real-time, client-less, application-independent threat detection and protection based on innovative and patented technology.


    CylancePROTECT redefines what antivirus can and should do for your organization by leveraging artificial intelligence to detect AND prevent malware from executing on your endpoints in real time.


    Cynet converges multiple technologies (EPP, EDR, UBA, Deception, Network Analytics and vulnerability management), with a 24/7 cyber SWAT team, to provide unparalleled visibility and defend all domains of your internal network: endpoints, network, files and users, from all types of attacks.


    Endgame Platform is an endpoint security platform that prevents all device compromise, stops ongoing attacks, and automates the hunt for the next generation of attacks.


    IntSights is revolutionizing cyber security with a first of its kind Enterprise Threat Intelligence & Mitigation platform that delivers proactive defense by transforming threat intelligence into automated security action. It monitors your external risk profile, aggregates and analyzes tens of thousands of threats, and automates the risk mitigation lifecycle.


    ESET Enterprise Inspector is ESET's Endpoint Detection and Response (EDR) tool for identification of anomalous behavior, identification of breaches, risk assessment, and further forensic investigation that features response capabilities to mitigate the discovered threats.


    Falcon Complete™ changes the game by making endpoint security powerful and easy for all organizations. Falcon Complete combines CrowdStrike’s industry-leading protection technologies with the people, expertise and processes necessary to provide the most effective, worry-free approach to endpoint security.


    CrowdStrike Falcon endpoint protection unifies the technologies required to successfully stop breaches: next-generation antivirus, endpoint detection and response, IT hygiene, 24/7 threat hunting and threat intelligence. They combine to provide continuous breach prevention in a single agent.


    CrowdStrike® Falcon Insight™ eliminates silent failure by providing the highest level of real-time monitoring capabilities that span across detection, response and forensics.


    KF Web Server is a free HTTP Server that can host a number of web sites.


    Lastline Detonator integrates Lastline's unmatched advanced malware analysis and protection capabilities seamlessly into your existing security products. It puts the years of research on evasive malware by Lastline's team of internationally recognized experts at your fingertips.


    LightCyber is a security platform protecting enterprises from persistent threats and targeted attacks.


    Automatically learns from human analysts and automates detection and response, never having analysts repeat the same investigations ever again.


    Matrix42, the leading provider of workspace management solutions, has entered into a strategic partnership with enSilo and now offers the innovative security company's products exclusively in Central Europe and integrates enSilo into its comprehensive Workspace Management Suite.


    Metapacket is a proxy platform that detects & prevents malware from exfiltration, rendering malware useless.


    Morphisec Endpoint Threat Prevention thwarts hackers with their own strategies like deception, obfuscation, modification, and polymorphism.


    Whether in DETECT or PREVENT mode, managed by us or you, the Nyotron War Room provides you in-depth details about an attack as it happens: where the attack is happening, if it is spreading to other endpoints, what the nature of the threat is, how it got in, and how it spread.


    Paladion offers artificial intelligence-driven managed detection and response services.


    Promisec Integrity offers customers the same nimble agentless functionality as our on-premise solution, but through a browser interface to enable antivirus validation, unauthorized software discovery, and patch management validation.


    RSA ECAT is an endpoint threat detection and response solution that exposes targeted, advanced malware, highlights suspicious activity for investigation, and instantly determines the scope of a compromise to help security teams stop advanced threats faster.


    R-Scope puts networks under a microscope so that customers can respond to both known and zero-day attacks before they become crises.


    The Secureworks Counter Threat Platform™ (CTP™) combines the speed and scalability of machine learning with the insight of human intelligence.