Cybersecurity Tips & Tricks: What is endpoint detection and response software, and why does it matter?

Next story
Editor

Anti-malware products protect IT systems by scanning computer traffic as it enters an endpoint system, with malicious files automatically being blocked. These clever products use multiple technologies in a layered approach to achieve this, with one important element being endpoint detection and response (EDR) software.

EDR solutions are designed to collect, record and store large amounts of data generated from the activity on the endpoint and send it back to a central security platform for inspection. The data is then analyzed by a central tool and produces an alarm that alerts security professionals to further investigate any advanced attacks that would otherwise go unnoticed.

These advanced threats use complex techniques to avoid the automated defense systems and require a different approach to seeking them out. By collecting the data and having the right tools to interrogate them, IT security professionals can resolve the risk. Having monitored the attack, controlled it and then stopped it, it’s possible for security professionals to understand all the points the attack touched and clear up any further damage caused.

In this way, anti-malware solutions and EDR products complement each other by working in harmony to prevent known and unknown malware attacks. ESET’s own EDR tool – ESET Enterprise Inspector – analyzes vast amounts of real-time data to enable the swift detection that companies need to protect their systems in today’s highly complex digital environment.