How EDR stops hackers in their tracks

EDR definition

Endpoint detection and response (EDR) is a category of security tools that monitor end-user hardware devices across a network for a range of suspicious activities and behavior, reacting automatically to block perceived threats and saving forensics data for further investigation.

An EDR platform combines deep visibility into everything that’s happening on an endpoint device — processes, changes to DLLs and registry settings, file and network activity — with data aggregation and analytics capabilities that allow threats to be recognized and countered by either automated processes or human intervention. Endpoint here generally means any end-user device, from a laptop to a smartphone, and can encompass IoT gadgets as well.

Story added 8 November 2019.