Endpoint detection and response (EDR) tools are the newest members of the endpoint security family. They combine elements of both endpoint antivirus and endpoint management solutions to detect, investigate, and remove any malicious software that penetrates a network’s devices. These tools give greater visibility of a system’s overall health including each specific device’s state. Companies use these tools to mitigate endpoint penetrations quickly and prevent data loss, theft, or system failures. They are typically used as a complement to larger security systems such as security information and event management (SIEM), vulnerability management, and incident response tools.
To qualify for inclusion in the Endpoint Detection and Response category, a product must:
Endpoint Detection & Response (EDR) reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.
Symantec Endpoint Protection (SEP) is designed to protect against malware attacks including targeted attacks, advanced persistent threats, and zero-day threats with a layered approach to security at the endpoint. Superior protection that fuses essential and next-gen technologies in a multi-layered fashion. High-performance, lightweight single client, single management console across both physical and virtual protection and orchestrated response delivered at scale
In a multi-vector attack, cybercriminals combine a variety of threat technologies, deployed in numerous stages, over multiple points of entry, or vectors, to infect computers and networks. To keep businesses, their users, and their devices safe, Webroot SecureAnywhere® Business Endpoint Protection offers a unique blend of layered multi-vector protection that stops threats across email, web browsing, files, URLs, ads, apps, and more.
To stop the widest range of threats, Sophos Intercept X employs a comprehensive defense-in-depth approach to endpoint protection rather than simply relying on one primary security technique. This is the “the power of the plus” – a combination of leading foundational (traditional) and modern (next-gen) techniques. Intercept X integrates the industry’s top-rated malware detection and exploit protection with built-in endpoint detection and response (EDR). Drive threat prevention to unmatched levels. The artificial intelligence built into Intercept X is a deep learning neural network, an advanced form of machine learning that detects both known and unknown malware without relying on signatures. Deep learning makes Intercept X smarter, more scalable, and higher-performing than endpoint security solutions that use traditional machine learning or signature-based detection alone.
Integrated endpoint protection that provides automated next-generation threat protection, as well as visibility and control of your software and hardware inventory across the entire security fabric. Identify and remediate vulnerable or compromised hosts across your attack surface.
Stop known and unknown threats on all platforms using sophisticated machine learning and intelligent automation. SentinelOne predicts malicious behavior across all vectors, rapidly eliminates threats with a fully-automated incident response protocol, and adapts defenses against the most advanced cyber attacks.
Always-on protection for your laptops, desktops and servers
53% of breaches do not use malware. Streaming prevention through Cb Defense goes beyond machine-learning AV to stop all types of attacks before they compromise your systems. Cb Defense, with its breakthrough prevention model, market-leading detection and response capabilities and single lightweight agent, is the future of next-gen antivirus.
Cb Response is the market-leading incident response and threat hunting solution designed to provide responders with the most information possible, accompanied by expert threat analysis and armed with real-time response capabilities to stop attacks, minimize damage and close security gaps. Cb Response makes these teams more efficient, reducing investigations from days to hours, and more effective, enabling them to discover threats before attacks can exploit them. Cb Response also allows teams to connect to and isolate infected machines to prevent lateral movement and remediate devices without costly IT involvement.
Malwarebytes Endpoint Security brings all of our industry-leading protection and remediation technologies into one powerful solution. This multi-layer defense model breaks the attack chain by combining advanced malware detection and remediation, malicious website blocking, ransomware blocking, and exploit protection in a single platform. Malwarebytes Breach Remediation, our threat detection and remediation solution, scans for and remediates malware, reducing dwell time and the need for endpoint re-imaging. It integrates seamlessly into existing security stacks.
Cybereason automatically detects malicious activity and presents it in an intuitive way. It deploys easily with minimal organizational impact and provides end-to-end context of an attack campaign. Most organizations deploy Cybereason and start detecting attacks within 24 to 48 hours.
Proofpoint Threat Response Auto-Pull (TRAP) enables messaging and security administrators the ability to automatically retract threats delivered to employee inboxes and emails that turn malicious after delivery to quarantine. It is also a powerful solution to retract messages sent in error as well as inappropriate, malicious, or emails containing compliance violations and also follows forwarded mail and distribution lists and creates an auditable activity trail. With Proofpoint Threat Response Auto-Pull, you can protect your people, data, and brand from today’s threats by: • Automatically pulling malicious or unwanted messages from an end-users inbox. • Enriching each message by checking every domain and IP address against premium intelligence feeds. • Including built-in reporting, showing stats like: Email quarantine success or failures, email retraction read status, targeting by active directory attribute • Reducing the remediation time needed from hours to minutes.
EnCase Endpoint Security is the most complete threat detection and response solution—eliminating the time it takes to detect, validate, triage, investigate, and remediate known and unknown threats lurking across the enterprise, unseen by perimeter and network solutions. An organization’s security is simply not complete without endpoint visibility.
Deep Discovery Inspector is available as a physical or virtual network appliance. It's designed to quickly detect advanced malware that typically bypasses traditional security defenses and exfiltrates sensitive data. Specialized detection engines and custom sandbox analysis detect and prevent breaches.
ESET Enterprise Inspector is ESET's Endpoint Detection and Response (EDR) tool for identification of anomalous behavior, identification of breaches, risk assessment, and further forensic investigation that features response capabilities to mitigate the discovered threats.
CrowdStrike Falcon endpoint protection unifies the technologies required to successfully stop breaches: next-generation antivirus, endpoint detection and response, IT hygiene, 24/7 threat hunting and threat intelligence. They combine to provide continuous breach prevention in a single agent.
SanerNow is a SaaS platform for endpoint security and management — a platform that hosts numerous tools to cover various endpoint security and management requirements. SanerNow addresses the following business cases: - Vulnerability Management - Patch Management - Compliance Management - Asset Management - Endpoint Management - Endpoint Threat Detection and Response
Symantec Protection Suite Enterprise Edition combines best-of-breed products to secure your endpoint and email infrastructure. It delivers protection against complex malware, data loss, and spam threats along with industry-leading messaging protection.
GFI EndPointSecurity could save your business. It gives you control of all your portable devices from one central control panel. Data theft is prevented, and harmful new software and files are blocked from your network. GFI EndPointSecurity is packed with features that protect and secure your data. Access Control allows you to grant or deny access to any known device on your network. You control which devices are blocked by class, physical port or device ID. You control access duration. Grant devices access for two hours, one week, or any time period. And Access Control can block unknown devices automatically. So your data is always fully secured.
SNOW is an endpoint detection/response solution in the form of a lightweight cross platform sensor. Operating on a host based managed system, it proactively searches through networks 24/7 to provide the ultimate protection against todays most sophisticated cyber security threats.
Endpoint Detection and Response
Cynet converges multiple technologies (EPP, EDR, UBA, Deception, Network Analytics and vulnerability management), with a 24/7 cyber SWAT team, to provide unparalleled visibility and defend all domains of your internal network: endpoints, network, files and users, from all types of attacks.
SparkCognition is a leader in cognitive computing analytics that develops AI-Powered cyber-physical software for the safety, security, and reliability of IT, OT, and the IIoT. SparkCognition builds artificial intelligence solutions for applications in energy, oil and gas, manufacturing, finance, aerospace, defense, and security.
Sequretek���s EDPR helps organizations to Detect, Protect and Respond against zero-day threats, advanced persistent threats, ransomware attacks and other malware. EDPR is the first product in the industry to achieve efficiency and sophistication in product design that combines a multitude of technologies.
IntSights is revolutionizing cyber security with a first of its kind Enterprise Threat Intelligence & Mitigation platform that delivers proactive defense by transforming threat intelligence into automated security action. It monitors your external risk profile, aggregates and analyzes tens of thousands of threats, and automates the risk mitigation lifecycle.
Falcon Complete™ changes the game by making endpoint security powerful and easy for all organizations. Falcon Complete combines CrowdStrike’s industry-leading protection technologies with the people, expertise and processes necessary to provide the most effective, worry-free approach to endpoint security.