Engineering:Endpoint Detection and Response

From HandWiki
Short description: Threat monitoring technology

Endpoint Detection and Response (EDR), also known as Endpoint Threat Detection and Response (ETDR) is a cyber technology that continually monitors and responds to mitigate cyber threats.[1][2]

History

In 2013, Anton Chuvakin of Gartner coined the Endpoint Threat Detection and Response terminology to imply "the tools primarily focused on detecting and investigating suspicious activities (and traces of such) other problems on hosts/endpoints".[3] Now, it is commonly known as Endpoint Detection and Response.

According to the Endpoint Detection and Response - Global Market Outlook (2017-2026) report, the adoption of cloud-based and on-premise EDR solutions are going to grow 26% annually, and will be valued at $7273.26 million by 2026.[4] Also, according to the Artificial Intelligence (AI) in Cyber Security Market report by Zion Market Research, the role of machine learning and artificial intelligence will create a $30.9 billion cyber security market by 2025.[5][6]

Concept

Endpoint Detection and Response (EDR) is a technology used to protect endpoints, which are computer hardware devices, from threat. Creators of the EDR technology based platforms deploy tools to gather data from endpoint devices, and then analyze the data to reveal potential cyber threats and issues. It is a protection against hacking attempts and stealing of user data. The software is installed on the end-user device and it is continually monitored. The data is stored in a centralized database. In an incident when a threat is found, the end-user is immediately prompted with preventive list of actions.[7][8]

Every EDR platform has its unique set of capabilities. However, some common capabilities include the monitoring of endpoints in both the online and offline mode, responding to threats in real-time, increasing visibility and transparency of user data, detecting store endpoint events and malware injections, creating blacklists and whitelist, and integration with other technologies.[1][7]

References

  1. 1.0 1.1 "EDR Security and Protection for the Enterprise" (in en-US). https://www.cynet.com/platform/threat-protection/edr-endpoint-detection-and-response/. 
  2. "What is Endpoint Detection and Response (EDR)? - Definition from Techopedia" (in en). https://www.techopedia.com/definition/33710/endpoint-detection-and-response-edr. 
  3. "Named: Endpoint Threat Detection & Response" (in en). 2013-07-26. https://blogs.gartner.com/anton-chuvakin/2013/07/26/named-endpoint-threat-detection-response/. 
  4. "Global $7.27 Bn Endpoint Detection and Response Market to 2026" (in en-US). https://finance.yahoo.com/news/global-7-27-bn-endpoint-131500381.html. 
  5. Research, Zion Market (2019-08-28). "Artificial Intelligence (AI) In Cyber Security Market Will Reach to USD 30.9 Billion By 2025: Zion Market Research". http://www.globenewswire.com/news-release/2019/08/28/1907655/0/en/Artificial-Intelligence-AI-In-Cyber-Security-Market-Will-Reach-to-USD-30-9-Billion-By-2025-Zion-Market-Research.html. 
  6. "10 Ways AI And Machine Learning Are Improving Endpoint Security". https://www.business2community.com/celebrity/10-ways-ai-and-machine-learning-are-improving-endpoint-security-02247235. 
  7. 7.0 7.1 "What is endpoint detection and response (EDR)? A definition by WhatIs.com" (in en). https://searchsecurity.techtarget.com/definition/endpoint-detection-and-response-EDR. 
  8. "What Is EDR? | A Brief Definition of Endpoint Detection and Response" (in en-US). 2019-03-06. https://enterprise.comodo.com/blog/what-is-endpoint-detection-response/. 




Retrieved from "https://handwiki.org/wiki/index.php?title=Engineering:Endpoint_Detection_and_Response&oldid=469124"