Best Endpoint Detection & Response (EDR) Software

Endpoint detection and response (EDR) tools are the newest members of the endpoint security family. They combine elements of both endpoint antivirus and endpoint management solutions to detect, investigate, and remove any malicious software that penetrates a network’s devices. These tools give greater visibility of a system’s overall health including each specific device’s state. Companies use these tools to mitigate endpoint penetrations quickly and prevent data loss, theft, or system failures. They are typically used as a complement to larger security systems such as security information and event management (SIEM), vulnerability management, and incident response tools.

To qualify for inclusion in the Endpoint Detection and Response category, a product must:

  • Alert administrators when devices have been compromised
  • Search data and systems for the presence of malware
  • Possess analytics and anomaly detection features
  • Possess malware removal features

[Figure: G2 Crowd Grid® for Endpoint Detection & Response (EDR). Labels: Leaders, High Performers, Contenders, Niche, Momentum Leaders, Momentum Score, Market Presence, Satisfaction.]

Compare Endpoint Detection & Response (EDR) Software
    Results: 102

    Endpoint Detection & Response (EDR) reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

    Symantec Endpoint Protection (SEP) is designed to protect against malware attacks including targeted attacks, advanced persistent threats, and zero-day threats with a layered approach to security at the endpoint. Superior protection that fuses essential and next-gen technologies in a multi-layered fashion. High-performance, lightweight single client, single management console across both physical and virtual protection and orchestrated response delivered at scale.


    In a multi-vector attack, cybercriminals combine a variety of threat technologies, deployed in numerous stages, over multiple points of entry, or vectors, to infect computers and networks. To keep businesses, their users, and their devices safe, Webroot SecureAnywhere® Business Endpoint Protection offers a unique blend of layered multi-vector protection that stops threats across email, web browsing, files, URLs, ads, apps, and more.


    Traps replaces traditional antivirus with multi-method prevention, a proprietary combination of advanced malware and exploit prevention methods that protect users and endpoints from known and unknown threats.


    Complete security that includes encryption, web filtering and patch assessment


    Bitdefender GravityZone combines all the security services organizations need into a single delivery platform to reduce their cost of building a trusted environment for all endpoints.


    Integrated endpoint protection that provides automated next-generation threat protection, as well as visibility and control of your software and hardware inventory across the entire security fabric. Identify and remediate vulnerable or compromised hosts across your attack surface.


    ESET’s Endpoint Security solutions leverage a multilayered approach that utilizes multiple technologies working in a dynamic equilibrium, which has the ability to constantly balance performance, detection and false positives. ESET Security Management Center can be installed on Windows, Linux or via Virtual Appliance. After install, all management is done via a web-console, allowing easy access and management from any device or operating system. All ESET Endpoint products despite the OS can be managed from a single ESET Security Management Center instance. In addition, ESET Security Management Center supports full Mobile Device Management (MDM) of Android and iOS devices. Multiple users and permission groups can be created to allow access to a limited portion of the ESET Security Management Center instance. This allows full streamlining of responsibilities across large enterprise teams.


    IBM® BigFix® addresses a major challenge faced by many organizations — how to gain full visibility into the constantly changing endpoint landscape while bridging the gap between threat detection and remediation. See clearly: Discover and audit endpoints on or off the corporate network. Detect evasive attacks with behavioral analytics. Understand completely: Guided investigations to define the scope of detected attacks. Define what remediation action you need to take. Act precisely: Immediately contain and remediate attacks enterprise-wide. Continuously reduce your attack surface.


    Cb Response is the market-leading incident response and threat hunting solution designed to provide responders with the most information possible, accompanied by expert threat analysis and armed with real-time response capabilities to stop attacks, minimize damage and close security gaps. Cb Response makes these teams more efficient, reducing investigations from days to hours, and more effective, enabling them to discover threats before attacks can exploit them. Cb Response also allows teams to connect to and isolate infected machines to prevent lateral movement and remediate devices without costly IT involvement.


    53% of breaches do not use malware. Streaming prevention through Cb Defense goes beyond machine-learning AV to stop all types of attacks before they compromise your systems. Cb Defense, with its breakthrough prevention model, market-leading detection and response capabilities and single lightweight agent, is the future of next-gen antivirus.


    Stop known and unknown threats on all platforms using sophisticated machine learning and intelligent automation. SentinelOne predicts malicious behavior across all vectors, rapidly eliminates threats with a fully-automated incident response protocol, and adapts defenses against the most advanced cyber attacks.


    Easy to use security-as-a-service for organizations with limited IT security resources


    Cybereason automatically detects malicious activity and presents it in an intuitive way. It deploys easily with minimal organizational impact and provides end-to-end context of an attack campaign. Most organizations deploy Cybereason and start detecting attacks within 24 to 48 hours.


    FireEye Endpoint Security (HX series) products provide organizations with the ability to continuously monitor endpoints for advanced malware and indicators of compromise that routinely bypass signature-based and defense-in-depth security systems.


    Detect, isolate, and eliminate intrusions across all endpoints using AI, automated incident generation, and unparalleled threat intelligence.


    An enterprise solution that allows you to query and modify your managed computer assets in seconds, regardless of the size of your network.


    EnCase Endpoint Security is the most complete threat detection and response solution—eliminating the time it takes to detect, validate, triage, investigate, and remediate known and unknown threats lurking across the enterprise, unseen by perimeter and network solutions. An organization’s security is simply not complete without endpoint visibility.



    CloudCare is a free, cloud-based, endpoint security administration platform that makes it significantly faster and easier to monitor threats, resolve issues, and deliver multiple layers of protection to your customers.


    With Azure Advanced Threat Protection, the power and scale of the cloud help you safeguard against threats that are increasing in frequency, severity, and sophistication.


    Bromium has pioneered a completely new approach to defeat cyber attacks in real time and provide unmatched threat intelligence hardware-enforced isolation.


    Check Point Endpoint Security combines data security, network security, threat prevention technologies and remote access VPN into one package for complete Windows and Mac OS X protection.


    With Proofpoint Cloud Account Defense (PCAD), you can protect your people and your organization from Microsoft Office 365 account compromise.


    Deep Discovery Inspector is available as a physical or virtual network appliance. It's designed to quickly detect advanced malware that typically bypasses traditional security defenses and exfiltrates sensitive data. Specialized detection engines and custom sandbox analysis detect and prevent breaches.


    Proofpoint Domain Discover for Email gives you the actionable intelligence to preemptively stop impostor emails before they reach your inbox.


    Proofpoint Email Fraud Defense gives you the visibility, tools, and services to authorize legitimate email and block fraudulent messages before they reach the inbox.


    ET Intelligence helps prevent attacks and reduce risk by helping you understand the historical context of where these threats originated, who is behind them, when they have attacked, what methods they used, and what they're after.


    Comodo provides an Advanced Endpoint Protection solution for small and medium enterprises that solves malware problems quickly, with complete security from known and unknown threats from automatic containment and a crowd-sourced intelligence knowledge base.


    enSilo offers a complete endpoint security and malware protection solution, designed to stop malware post-infection, in real time, from causing harm and tampering with or exfiltrating data from endpoints.


    Going beyond malware protection, F-Secure provides end-point protection and security management solutions. Developed in Europe for businesses around the globe.


    Proofpoint Information Archiving solutions provide automated social media content supervision, remediation, and record retention - all from a common interface.


    The ServiceNow Instance Security Dashboard gives your ServiceNow administrator quick and easy visibility to your instances' current compliance levels based on application security standards.


    Proofpoint Mail Routing Agent (MRA) provides secure, scalable, reliable email routing and management for even the most complex email infrastructures.


    Panda Endpoint Protection provides centralized protection for all of your Windows, Mac and Linux workstations, including laptops, smartphones and the leading virtualization systems.


    Bricata ProAccel provides a deep, multi-vector cyber threat defense to protect networks.


    SanerNow is a SaaS platform for endpoint security and management — a platform that hosts numerous tools to cover various endpoint security and management requirements. SanerNow addresses the following business cases:

      • Vulnerability Management
      • Patch Management
      • Compliance Management
      • Asset Management
      • Endpoint Management
      • Endpoint Threat Detection and Response


    Open source email server and solutions from Proofpoint


    Syniverse is a global transaction processor that connects more than 1,500 mobile service providers, enterprises, ISPs and OTTs in nearly 200 countries and territories, enabling seamless mobile communications across disparate and rapidly evolving networks, devices and applications.


    Proofpoint Targeted Attack Protection (TAP) helps organizations efficiently detect, mitigate and respond to known and unknown advanced threats that target people and VIPs through email. TAP provides unparalleled effectiveness in stopping targeted attacks that use polymorphic malware, weaponized documents and credential-stealing phishing techniques to obtain sensitive information. TAP seamlessly integrates with the Proofpoint secure email gateway (Proofpoint Email Protection) to deliver best-in-class email security in a way that is cost effective and easy to use. TAP leverages the cloud to scale deployment, adapt analysis and protect people on any network or device. With Proofpoint Targeted Attack Protection (TAP), you can:

      • Provide sophisticated analysis to prevent threats from getting to a user's inbox.
      • Detect known and unknown threats using adaptable analysis capabilities.
      • Provide security teams detailed analysis and visibility about threats and threat campaigns.
      • Provide visibility into threats targeting the Very Attacked People (VAP) in an organization.


    Adept Secure is an endpoint protection software that provides user control, internal network traffic management, and financial transaction tracking.


    All Domain Intrusion Detection, Investigation, and Containment


    High-end Herd Management and Farm Automation for beef fattening farms. Especially designed for mid-large scale farm operations. From feed bunk management to abattoir automation. Probably the most advanced Herd management on the market.


    Avast is the global leader in next-gen cyber security products for consumers and businesses and protects over 400 million people online. Avast offers products under the Avast and AVG brands that protect people from threats on the internet with one of the most advanced threat detection networks in the world. Avast digital security products are top ranked for mobile, PC and Mac. For businesses, Avast offers comprehensive antivirus security that keeps your devices, data, and employees safe from the latest cyber threats. Work and browse confidently from anywhere knowing your business is completely protected. If you are an MSP or VAR, you can also deliver enhanced managed services to your customers and take your business even further. Just choose from our Avast CloudCare cloud-based protection solution or our full-stack, remote monitoring and management platform.


    Awake detects attacks that blend in with business-justified activity and enables conclusive and rapid response. With exhaustive intelligence from the network, Awake uniquely identifies mal-intent to stop insider attacks, file-less malware, and much more.


    BlackFog provides GDPR privacy and fileless cyberattack defense for real time protection against online threats. It focuses on non-signature based threat detection using outbound traffic monitoring to protect the device and privacy of the end user. It consists of 11 layers of defense against ransomware, spyware, malware and unauthorized data collection and profiling.


    BluVector Pulse delivers a fully turnkey sense and respond platform, automating the health and heartbeat monitoring and device management of the market-leading BluVector Cortex offering.


    Cb Predictive Security Cloud collects and analyzes unfiltered endpoint data to make predictions about, and protect against, future, and unknown attacks.


    Cb Protection is the strongest security possible for data centers and critical systems. Using a ‘Default Deny’ approach, Cb Protection reduces your attack surface with a single security agent and reduces downtime by automating approval of trusted software and eliminating the burden of whitelist management, and drives automatic approvals through IT-driven policies, as well as one of the most extensive trust and reputation databases in the world. Cb Protection helps organizations achieve continuous compliance across every regulatory framework. It does this in a highly scalable manner that minimizes IT overhead, allowing a single admin to manage up to 10,000 endpoints.


    Check Point Infinity is the only fully consolidated cyber security architecture that provides unprecedented protection against Gen V mega-cyberattacks as well as future cyber threats across all networks, endpoint, cloud and mobile. The architecture is designed to resolve the complexities of growing connectivity and inefficient security.


    CimTrak delivers integrity monitoring, proactive incident response, change control, and auditing capabilities in one easy to use and cost effective file integrity monitoring tool.