What is EDR?

An EDR is a new generation antivirus. The acronym for EDR, Endpoint Detection and Response, indicates the main purpose of this technology, to detect and respond to a security threat.

EDR is software that is installed on a computer and monitors all system activity. Unlike a traditional signature-based antivirus, EDR analyses the behaviour of the software running on the system and detects threats, for example detecting unknown malware not classified by other antivirus engines.

It is common for EDR software to collect telemetry, that is, the detail of all disk, memory or system process activity and send it to a server in the cloud. The search among this telemetry of unknown threats is what is called Threat hunting.

We are using cookies to give you the best experience on our website. You can find out more about which cookies we are using or switch them off in Cookies Settings

Necessary

Strictly Necessary Cookie should be enabled at all times so that we can save your preferences for cookie settings.

Necessary cookies

3rd Party Cookies

This website uses Google Analytics to collect anonymous information such as the number of visitors to the site, and the most popular pages. Keeping this cookie enabled helps us to improve our website.

3rd party cookies

Cookies policy