Endpoint Detection & Response (EDR)
Endpoint Detection & Response (EDR) detects malware and protects your computers (also referred to as endpoints). Working in conjunction with our antivirus it detects and eliminates over 99% of threats. New threats are being developed and released into the wild every day. The deck is stacked in favour of cybercriminals. Every endpoint is a potential attack point and possible vulnerability. EDR can help you level the playing field and stay ahead of cybercriminals.
What is EDR?
Traditional antivirus has limitations in detecting newer threats and attackers easily bypass traditional protection. Endpoint Detection & Response is built on threat intelligence and analysis. It has advanced threat detection which picks up any malware and ransomware attacks. Once detected, an alert is triggered on our Professional Services Automation (PSA) system. False alarms are suppressed to prevent future false positives. Real threats are either terminated, eliminated or the infected device is isolated to prevent spread across your business network.
Continuous monitoring provides a shield against ransomware and other malware. Suspicious behaviour provides contextual information, blocks malicious activity and provides remediation to restore the affected system. One of EDR’s key functions is to automatically uncover stealth attackers. The endpoint visibility and behavioural analytics analyse events in real time to detect suspicious behaviour. Any suspicious activity triggers an alert.
Threat intelligence provides the context of any suspicious activity. This improves the accuracy of detection and records the details of an attacker which is shared to prevent further attacks. Live attacks are stopped and remediated immediately. Isolation of endpoints prevents repeated attack attempts and malware spread on a network.
EDR includes endpoint visibility, a threat database, behavioural protection, insight & intelligence, quick response and remediation. All of this protection is working silently in the background so you can focus on your business without the worry in this increasingly connected world.
Do I need EDR?
The vast majority of businesses operate online or connected to the Internet in some way. Every endpoint that is connected to the Internet needs EDR protection. In some cases EDR protection is a requirement by a governing body and/or your business insurance. Even where EDR is not a compliance requirement, it makes sense to protect your business from online threats.
Contact TST if you want the peace of mind and protection that comes with EDR. EDR Protection is part of our Business Essentials support package, which also includes antivirus, priority remote support, ransomware protection and endpoint backup.