What Is EDR? (Endpoint Detection & Response)

Oct 28, 2021 4:37:52 PM | Threat Protection What Is EDR? (Endpoint Detection & Response)

An endpoint is a device that users at a company rely on such as laptops, mobile phones, servers, and desktops. Anything that is an entry point into the network is considered an endpoint. In today’s world, even small companies have tons of endpoints, with each person usually having multiple. In order to protect these points of access (without taking away everybody’s devices of course) it is best to use an Endpoint Detection & Response (EDR) program.

EDR has some overlap with traditional antivirus programs, but it can do much more and reacts in ways that are more sophisticated. EDR can detect threats in real time and is based on behavior, whereas regular antivirus uses signature matching to compare files to a list of “bad” files and a scan must be done regularly to detect problems. EDR can do everything that a traditional antivirus program can do and more, so having an EDR solution in place is the best option.

At Shartega, we use SonicWall Capture Client to track the origins of threats, kill or quarantine them, and “roll back” the device to a previously good state in case of infection. SonicWall is well known for their content filtering software which can block malicious phishing sites to prevent email attacks and ransomware downloads. This content filtering technology (Web Threat Protection) is integrated into Capture Client and blocks access to millions of malicious URLs. To learn more about how EDR can help protect your business from modern ransomware and stop threats before they execute,

 

Check out this overview!

Written By: Brian Paglia