{"global":{"lastError":{},"locale":"en","locales":{"data":[{"id":"de","name":"Deutsch"},{"id":"en","name":"English"}],"loading":false,"error":false},"currency":{"id":49,"name":"EUR"},"currencies":{"data":[{"id":49,"name":"EUR"},{"id":124,"name":"RUB"},{"id":153,"name":"UAH"},{"id":155,"name":"USD"}],"loading":false,"error":false},"translations":{"comparison":{"compare":{"ru":"Сравнить","_type":"localeString","en":"Compare"},"characteristics":{"ru":"Характеристики","_type":"localeString","en":"Characteristics"},"additional_template":{"ru":"Дополнительные характеристики","_type":"localeString","en":"Additional characteristics"},"nothing_to_show":{"ru":"Нет данных для отображения","_type":"localeString","en":"No data to compare"}},"header":{"help":{"de":"Hilfe","ru":"Помощь","_type":"localeString","en":"Help"},"how":{"de":"Wie funktioniert es","ru":"Как это работает","_type":"localeString","en":"How does it works"},"login":{"en":"Log in","de":"Einloggen","ru":"Вход","_type":"localeString"},"logout":{"ru":"Выйти","_type":"localeString","en":"Sign out"},"faq":{"_type":"localeString","en":"FAQ","de":"FAQ","ru":"FAQ"},"references":{"en":"Requests","de":"References","ru":"Мои запросы","_type":"localeString"},"solutions":{"_type":"localeString","en":"Solutions","ru":"Возможности"},"find-it-product":{"_type":"localeString","en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта"},"autoconfigurator":{"en":" Price calculator","ru":"Калькулятор цены","_type":"localeString"},"comparison-matrix":{"en":"Comparison Matrix","ru":"Матрица сравнения","_type":"localeString"},"roi-calculators":{"ru":"ROI калькуляторы","_type":"localeString","en":"ROI calculators"},"b4r":{"ru":"Бонус за референс","_type":"localeString","en":"Bonus for reference"},"business-booster":{"ru":"Развитие бизнеса","_type":"localeString","en":"Business 
boosting"},"catalogs":{"ru":"Каталоги","_type":"localeString","en":"Catalogs"},"products":{"ru":"Продукты","_type":"localeString","en":"Products"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"companies":{"_type":"localeString","en":"Companies","ru":"Компании"},"categories":{"_type":"localeString","en":"Categories","ru":"Категории"},"for-suppliers":{"ru":"Поставщикам","_type":"localeString","en":"For suppliers"},"blog":{"en":"Blog","ru":"Блог","_type":"localeString"},"agreements":{"en":"Deals","ru":"Сделки","_type":"localeString"},"my-account":{"en":"My account","ru":"Мой кабинет","_type":"localeString"},"register":{"_type":"localeString","en":"Register","ru":"Зарегистрироваться"},"comparison-deletion":{"_type":"localeString","en":"Deletion","ru":"Удаление"},"comparison-confirm":{"en":"Are you sure you want to delete","ru":"Подтвердите удаление","_type":"localeString"},"search-placeholder":{"_type":"localeString","en":"Enter your search term","ru":"Введите поисковый запрос"},"my-profile":{"_type":"localeString","en":"My profile","ru":"Мои данные"},"about":{"_type":"localeString","en":"About Us"},"it_catalogs":{"_type":"localeString","en":"IT catalogs"},"roi4presenter":{"en":"Roi4Presenter","_type":"localeString"},"roi4webinar":{"en":"Pitch Avatar","_type":"localeString"},"sub_it_catalogs":{"en":"Find IT product","_type":"localeString"},"sub_b4reference":{"en":"Get reference from user","_type":"localeString"},"sub_roi4presenter":{"_type":"localeString","en":"Make online presentations"},"sub_roi4webinar":{"_type":"localeString","en":"Create an avatar for the event"},"catalogs_new":{"en":"Products","_type":"localeString"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"},"it_our_it_catalogs":{"_type":"localeString","en":"Our IT Catalogs"},"it_products":{"en":"Find and compare IT products","_type":"localeString"},"it_implementations":{"_type":"localeString","en":"Learn implementation reviews"},"it_companies":{"en":"Find 
vendor and company-supplier","_type":"localeString"},"it_categories":{"en":"Explore IT products by category","_type":"localeString"},"it_our_products":{"en":"Our Products","_type":"localeString"},"it_it_catalogs":{"_type":"localeString","en":"IT catalogs"}},"footer":{"copyright":{"en":"All rights reserved","de":"Alle rechte vorbehalten","ru":"Все права защищены","_type":"localeString"},"company":{"ru":"О компании","_type":"localeString","en":"My Company","de":"Über die Firma"},"about":{"de":"Über uns","ru":"О нас","_type":"localeString","en":"About us"},"infocenter":{"en":"Infocenter","de":"Infocenter","ru":"Инфоцентр","_type":"localeString"},"tariffs":{"_type":"localeString","en":"Subscriptions","de":"Tarife","ru":"Тарифы"},"contact":{"ru":"Связаться с нами","_type":"localeString","en":"Contact us","de":"Kontaktiere uns"},"marketplace":{"de":"Marketplace","ru":"Marketplace","_type":"localeString","en":"Marketplace"},"products":{"ru":"Продукты","_type":"localeString","en":"Products","de":"Produkte"},"compare":{"_type":"localeString","en":"Pick and compare","de":"Wähle und vergleiche","ru":"Подобрать и сравнить"},"calculate":{"de":"Kosten berechnen","ru":"Расчитать стоимость","_type":"localeString","en":"Calculate the cost"},"get_bonus":{"_type":"localeString","en":"Bonus for reference","de":"Holen Sie sich einen Rabatt","ru":"Бонус за референс"},"salestools":{"de":"Salestools","ru":"Salestools","_type":"localeString","en":"Salestools"},"automatization":{"ru":"Автоматизация расчетов","_type":"localeString","en":"Settlement Automation","de":"Abwicklungsautomatisierung"},"roi_calcs":{"en":"ROI calculators","de":"ROI-Rechner","ru":"ROI калькуляторы","_type":"localeString"},"matrix":{"_type":"localeString","en":"Comparison matrix","de":"Vergleichsmatrix","ru":"Матрица сравнения"},"b4r":{"de":"Rebate 4 Reference","ru":"Rebate 4 Reference","_type":"localeString","en":"Rebate 4 Reference"},"our_social":{"_type":"localeString","en":"Our social networks","de":"Unsere 
sozialen Netzwerke","ru":"Наши социальные сети"},"subscribe":{"de":"Melden Sie sich für den Newsletter an","ru":"Подпишитесь на рассылку","_type":"localeString","en":"Subscribe to newsletter"},"subscribe_info":{"ru":"и узнавайте первыми об акциях, новых возможностях и свежих обзорах софта","_type":"localeString","en":"and be the first to know about promotions, new features and recent software reviews"},"policy":{"en":"Privacy Policy","ru":"Политика конфиденциальности","_type":"localeString"},"user_agreement":{"ru":"Пользовательское соглашение ","_type":"localeString","en":"Agreement"},"solutions":{"ru":"Возможности","_type":"localeString","en":"Solutions"},"find":{"_type":"localeString","en":"Selection and comparison of IT product","ru":"Подбор и сравнение ИТ продукта"},"quote":{"ru":"Калькулятор цены","_type":"localeString","en":"Price calculator"},"boosting":{"_type":"localeString","en":"Business boosting","ru":"Развитие бизнеса"},"4vendors":{"en":"4 vendors","ru":"поставщикам","_type":"localeString"},"blog":{"ru":"блог","_type":"localeString","en":"blog"},"pay4content":{"en":"we pay for content","ru":"платим за контент","_type":"localeString"},"categories":{"ru":"категории","_type":"localeString","en":"categories"},"showForm":{"ru":"Показать форму","_type":"localeString","en":"Show form"},"subscribe__title":{"ru":"Раз в месяц мы отправляем дайджест актуальных новостей ИТ мира!","_type":"localeString","en":"We send a digest of actual news from the IT world once in a month!"},"subscribe__email-label":{"_type":"localeString","en":"Email","ru":"Email"},"subscribe__name-label":{"_type":"localeString","en":"Name","ru":"Имя"},"subscribe__required-message":{"ru":"Это поле обязательное","_type":"localeString","en":"This field is required"},"subscribe__notify-label":{"_type":"localeString","en":"Yes, please, notify me about news, events and propositions","ru":"Да, пожалуйста уведомляйте меня о новостях, событиях и 
предложениях"},"subscribe__agree-label":{"ru":"Подписываясь на рассылку, вы соглашаетесь с %TERMS% и %POLICY% и даете согласие на использование файлов cookie и передачу своих персональных данных*","_type":"localeString","en":"By subscribing to the newsletter, you agree to the %TERMS% and %POLICY% and agree to the use of cookies and the transfer of your personal data"},"subscribe__submit-label":{"en":"Subscribe","ru":"Подписаться","_type":"localeString"},"subscribe__email-message":{"ru":"Пожалуйста, введите корректный адрес электронной почты","_type":"localeString","en":"Please enter a valid email address"},"subscribe__email-placeholder":{"ru":"username@gmail.com","_type":"localeString","en":"username@gmail.com"},"subscribe__name-placeholder":{"_type":"localeString","en":"Last, first name","ru":"Имя Фамилия"},"subscribe__success":{"ru":"Вы успешно подписаны на рассылку. Проверьте свой почтовый ящик.","_type":"localeString","en":"You are successfully subscribed! Check your mailbox."},"subscribe__error":{"en":"Subscription was unsuccessful. Please try again later.","ru":"Не удалось оформить подписку. 
Пожалуйста, попробуйте позднее.","_type":"localeString"},"roi4presenter":{"_type":"localeString","en":"Roi4Presenter","de":"roi4presenter","ru":"roi4presenter"},"it_catalogs":{"en":"IT catalogs","_type":"localeString"},"roi4webinar":{"_type":"localeString","en":"Pitch Avatar"},"b4reference":{"_type":"localeString","en":"Bonus4Reference"}},"breadcrumbs":{"home":{"en":"Home","ru":"Главная","_type":"localeString"},"companies":{"ru":"Компании","_type":"localeString","en":"Companies"},"products":{"en":"Products","ru":"Продукты","_type":"localeString"},"implementations":{"en":"Deployments","ru":"Внедрения","_type":"localeString"},"login":{"en":"Login","ru":"Вход","_type":"localeString"},"registration":{"ru":"Регистрация","_type":"localeString","en":"Registration"},"b2b-platform":{"en":"B2B platform for IT buyers, vendors and suppliers","ru":"Портал для покупателей, поставщиков и производителей ИТ","_type":"localeString"}},"comment-form":{"title":{"ru":"Оставить комментарий","_type":"localeString","en":"Leave comment"},"firstname":{"ru":"Имя","_type":"localeString","en":"First name"},"lastname":{"ru":"Фамилия","_type":"localeString","en":"Last name"},"company":{"en":"Company name","ru":"Компания","_type":"localeString"},"position":{"ru":"Должность","_type":"localeString","en":"Position"},"actual-cost":{"_type":"localeString","en":"Actual cost","ru":"Фактическая стоимость"},"received-roi":{"ru":"Полученный ROI","_type":"localeString","en":"Received ROI"},"saving-type":{"ru":"Тип экономии","_type":"localeString","en":"Saving type"},"comment":{"_type":"localeString","en":"Comment","ru":"Комментарий"},"your-rate":{"ru":"Ваша оценка","_type":"localeString","en":"Your rate"},"i-agree":{"en":"I agree","ru":"Я согласен","_type":"localeString"},"terms-of-use":{"en":"With user agreement and privacy policy","ru":"С пользовательским соглашением и политикой 
конфиденциальности","_type":"localeString"},"send":{"en":"Send","ru":"Отправить","_type":"localeString"},"required-message":{"ru":"{NAME} - это обязательное поле","_type":"localeString","en":"{NAME} is required filed"}},"maintenance":{"title":{"_type":"localeString","en":"Site under maintenance","ru":"На сайте проводятся технические работы"},"message":{"ru":"Спасибо за ваше понимание","_type":"localeString","en":"Thank you for your understanding"}}},"translationsStatus":{"comparison":"success"},"sections":{},"sectionsStatus":{},"pageMetaData":{"comparison":{"title":{"_type":"localeString","en":"Compare products","ru":"Сравнить продукты"}}},"pageMetaDataStatus":{"comparison":"success"},"subscribeInProgress":false,"subscribeError":false},"auth":{"inProgress":false,"error":false,"checked":true,"initialized":false,"user":{},"role":null,"expires":null},"products":{"productsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null,"useProductLoading":false,"sellProductLoading":false,"templatesById":{},"comparisonByTemplateId":{}},"filters":{"filterCriterias":{"loading":false,"error":null,"data":{"price":{"min":0,"max":6000},"users":{"loading":false,"error":null,"ids":[],"values":{}},"suppliers":{"loading":false,"error":null,"ids":[],"values":{}},"vendors":{"loading":false,"error":null,"ids":[],"values":{}},"roles":{"id":200,"title":"Roles","values":{"1":{"id":1,"title":"User","translationKey":"user"},"2":{"id":2,"title":"Supplier","translationKey":"supplier"},"3":{"id":3,"title":"Vendor","translationKey":"vendor"}}},"categories":{"flat":[],"tree":[]},"countries":{"loading":false,"error":null,"ids":[],"values":{}}}},"showAIFilter":false},"companies":{"companiesByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"implementations":{"implementationsByAlias":{},"aliases":{},"links":{},"meta":{},"loading":false,"error":null},"agreements":{"agreementById":{},"ids":{},"links":{},"meta":{},"loading":false,"error":null},"comparison":{"loadin
g":false,"error":false,"templatesById":{"107":{"id":107,"title":"Endpoint Detection and Response","characteristics":[{"id":1929,"title":"Advanced Malware Detection","required":0,"type":"binary"},{"id":1931,"title":"Behavioral Analytics","required":0,"type":"binary"},{"id":1933,"title":"Botnet Detection","required":0,"type":"binary"},{"id":1935,"title":"Cloud-based Sandboxing","required":0,"type":"binary"},{"id":1937,"title":"Alert Management Workflow","required":0,"type":"binary"},{"id":1939,"title":"Risk Prioritization","required":0,"type":"binary"},{"id":1941,"title":"Incident Auto-correlation","required":0,"type":"binary"},{"id":1943,"title":"Incident Visualization","required":0,"type":"binary"},{"id":1945,"title":"File Reputation","required":0,"type":"binary"},{"id":1947,"title":"Event History","required":0,"type":"binary"},{"id":1949,"title":"Remediation Task List","required":0,"type":"binary"},{"id":1951,"title":"Termination of Malicious Activity","required":0,"type":"binary"},{"id":1953,"title":"Registry Repair","required":0,"type":"binary"},{"id":1955,"title":"NIC's Disabling","required":0,"type":"binary"},{"id":1957,"title":"Platforms","required":0,"type":"multiselect"}]}},"comparisonByTemplateId":{},"products":[{"id":3561,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/CrowdStrike_logo.png","logo":true,"scheme":false,"title":"Crowdstrike Falcon Insight","vendorVerified":0,"rating":"1.00","implementationsCount":0,"suppliersCount":0,"alias":"crowdstrike-falcon-insight","companyTypes":[],"description":"Traditional endpoint security tools have blind spots, making them unable to see and stop advanced threats. CrowdStrike Falcon Insight solves this by delivering complete endpoint visibility across your organization.\r\nInsight continuously monitors all endpoint activity and analyzes the data in real time to automatically identify threat activity, enabling it to both detect and prevent advanced threats as they happen. 
All endpoint activity is also streamed to the CrowdStrike Falcon platform so that security teams can rapidly investigate incidents, respond to alerts and proactively hunt for new threats.\r\n<span style=\"font-weight: bold;\">KEY BENEFITS:</span>\r\n<ul> <li>Detect advanced threats automatically</li> <li>Speed investigations with deep, real-time forensics</li> <li>Respond and remediate with confidence</li> <li>Conduct five-second enterprise searches</li> <li>Enable Falcon OverWatch threat hunting service</li> <li>Understand complex alerts at a glance with the MITRE-based detection framework</li> </ul>\r\nPrevention technologies are not perfect. If attackers manage to bypass your organization’s defenses, they can go unnoticed for weeks or months because security teams lack the visibility and detection tools to identify post-breach activity. This period of "silent failure" spells success for the attacker and potential disaster for the organization. Falcon Insight quickly detects, identifies and allows you to respond to incidents that are invisible to existing defenses.","shortDescription":"Falcon Insight streams threat detection and response lifecycle with speed, automation, and unrivaled visibility.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":4,"sellingCount":6,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Crowdstrike Falcon Insight","keywords":"","description":"Traditional endpoint security tools have blind spots, making them unable to see and stop advanced threats. CrowdStrike Falcon Insight solves this by delivering complete endpoint visibility across your organization.\r\nInsight continuously monitors all endpoint a","og:title":"Crowdstrike Falcon Insight","og:description":"Traditional endpoint security tools have blind spots, making them unable to see and stop advanced threats. 
CrowdStrike Falcon Insight solves this by delivering complete endpoint visibility across your organization.\r\nInsight continuously monitors all endpoint a","og:image":"https://old.roi4cio.com/fileadmin/user_upload/CrowdStrike_logo.png"},"eventUrl":"","translationId":3562,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. 
Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. 
Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real 
time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":10777,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":10778,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":10779,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":10780,"characteristicId":1935,"templateId":107,"value":"N/A"},"1937":{"id":10781,"characteristicId":1937,"templateId":107,"value":true},"1939":{"id":10782,"characteristicId":1939,"templateId":107,"value":true},"1941":{"id":10783,"characteristicId":1941,"templateId":107,"value":true},"1943":{"id":10784,"characteristicId":1943,"templateId":107,"value":true},"1945":{"id":10785,"characteristicId":1945,"templateId":107,"value":"N/A"},"1947":{"id":10786,"characteristicId":1947,"templateId":107,"value":"N/A"},"1949":{"id":10787,"characteristicId":1949,"templateId":107,"value":true},"1951":{"id":10788,"characteristicId":1951,"templateId":107,"value":"N/A"},"1953":{"id":10789,"characteristicId":1953,"templateId":107,"value":"N/A"},"1955":{"id":10790,"characteristicId":1955,"templateId":107,"value":"N/A"},"1957":{"id":10791,"characteristicId":1957,"templateId":107,"value":"Linux, macOS, Windows"}}}},{"id":3567,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Cybereason_logo.png","logo":true,"scheme":false,"title":"Cybereason Endpoint Detection & Response (EDR)","vendorVerified":0,"rating":"1.00","implementationsCount":0,"suppliersCount":0,"alias":"cybereason-endpoint-detection-response-edr","companyTypes":[],"description":"Endpoint detection and response (EDR) platforms are a category of endpoint security tools, built to provide endpoint visibility, and are used to detect and respond to cyber threats and exploits.\r\n<span style=\"text-decoration: underline;\"><span style=\"font-weight: 
bold;\">Features</span></span>\r\n<span style=\"font-weight: bold;\">Correlation Across Machines.</span> Get detailed, correlated, and enriched data from every endpoint on your system in real time, without delays.\r\n<span style=\"font-weight: bold;\">Contextualized Alerts.</span> Get a complete story of the attack from start to finish with all related attack elements for each alert.\r\n<span style=\"font-weight: bold;\">Remediation Toolbox.</span> Fight modern threats that affect many machines with our accelerated remediation toolbox.","shortDescription":"Cybereason Endpoint Detection & Response (EDR) monitors and responds to advanced internet threats.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":4,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cybereason Endpoint Detection & Response (EDR)","keywords":"","description":"Endpoint detection and response (EDR) platforms are a category of endpoint security tools, built to provide endpoint visibility, and are used to detect and respond to cyber threats and exploits.\r\n<span style=\"text-decoration: underline;\"><span style=\"font-weig","og:title":"Cybereason Endpoint Detection & Response (EDR)","og:description":"Endpoint detection and response (EDR) platforms are a category of endpoint security tools, built to provide endpoint visibility, and are used to detect and respond to cyber threats and exploits.\r\n<span style=\"text-decoration: underline;\"><span style=\"font-weig","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Cybereason_logo.png"},"eventUrl":"","translationId":3568,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and 
response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment, and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time."},{"id":40,"title":"Endpoint security","alias":"endpoint-security","description":"In network security, endpoint security refers to a methodology of protecting the corporate network when accessed via remote devices such as laptops or other wireless and mobile devices. Each device with a remote connecting to the network creates a potential entry point for security threats. Endpoint security is designed to secure each endpoint on the network created by these devices.\r\nUsually, endpoint security is a security system that consists of security software, located on a centrally managed and accessible server or gateway within the network, in addition to client software being installed on each of the endpoints (or devices). The server authenticates logins from the endpoints and also updates the device software when needed. 
While endpoint security software differs by vendor, you can expect most software offerings to provide antivirus, antispyware, firewall and also a host intrusion prevention system (HIPS).\r\nEndpoint security is becoming a more common IT security function and concern as more employees bring consumer mobile devices to work and companies allow their mobile workforce to use these devices on the corporate network.<br /><br />","materialsDescription":"<span style=\"font-weight: bold;\">What are endpoint devices?</span>\r\nAny device that can connect to the central business network is considered an endpoint. Endpoint devices are potential entry points for cybersecurity threats and need strong protection because they are often the weakest link in network security.\r\n<span style=\"font-weight: bold;\">What is endpoint security management?</span>\r\nA set of rules defining the level of security that each device connected to the business network must comply with. These rules may include using an approved operating system (OS), installing a virtual private network (VPN), or running up-to-date antivirus software. If the device connecting to the network does not have the desired level of protection, it may have to connect via a guest network and have limited network access.\r\n<span style=\"font-weight: bold;\">What is endpoint security software?</span>\r\nPrograms that make sure your devices are protected. Endpoint protection software may be cloud-based and work as SaaS (Software as a Service). Endpoint security software can also be installed on each device separately as a standalone application.\r\n<span style=\"font-weight: bold;\">What is endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response (EDR) solutions analyze files and programs, and report on any threats found. 
EDR solutions monitor continuously for advanced threats, helping to identify attacks at an early stage and respond rapidly to a range of threats.<br /><br />"}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":10762,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":10763,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":10764,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":10765,"characteristicId":1935,"templateId":107,"value":"N/A"},"1937":{"id":10766,"characteristicId":1937,"templateId":107,"value":true},"1939":{"id":10767,"characteristicId":1939,"templateId":107,"value":true},"1941":{"id":10768,"characteristicId":1941,"templateId":107,"value":true},"1943":{"id":10769,"characteristicId":1943,"templateId":107,"value":"N/A"},"1945":{"id":10770,"characteristicId":1945,"templateId":107,"value":"N/A"},"1947":{"id":10771,"characteristicId":1947,"templateId":107,"value":true},"1949":{"id":10772,"characteristicId":1949,"templateId":107,"value":true},"1951":{"id":10773,"characteristicId":1951,"templateId":107,"value":true},"1953":{"id":10774,"characteristicId":1953,"templateId":107,"value":"N/A"},"1955":{"id":10775,"characteristicId":1955,"templateId":107,"value":"N/A"},"1957":{"id":10776,"characteristicId":1957,"templateId":107,"value":"Linux, macOS, Windows"}}}},{"id":3571,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Cylance_logo.png","logo":true,"scheme":false,"title":"Cylance Optics","vendorVerified":0,"rating":"1.00","implementationsCount":0,"suppliersCount":0,"alias":"cylance-optics","companyTypes":[],"description":"<span style=\"font-weight: bold;\">Prevent. Detect. 
Respond.</span> CylanceOPTICS pushes all detection and response decisions down to the endpoint, eliminating response latency that can mean the difference between a minor security event and a widespread, uncontrolled security incident.\r\n<span style=\"font-weight: bold;\">Recently Enhanced Features and Benefits:</span>\r\n<ul> <li>Improved threat visibility through syslog integration</li> <li>Programmatically integrate CylanceOPTICS into security stack with new API support</li> <li>MITRE ATT&CK Framework rules packages</li> <li>Reduce dwell time, and improve response time and consistency with Playbook-driven response</li> <li>Complete suspicious device investigations faster with partial lockdown</li> </ul>\r\n<span style=\"font-weight: bold;\">Cracking the EDR Code with AI</span>\r\nThe threat detection, investigation, response, and automation delivered by CylanceOPTICS means organizations can maintain continuous situational awareness and strong security posture regardless of changes to the threat landscape, budget, or their security team.\r\n<span style=\"font-weight: bold;\">SC Media Innovator \"Hall of Fame\"</span>\r\nCylancePROTECT and CylanceOPTICS are not only SC Lab approved solutions, but SC Media has also recognized us as an \"Innovator\" three years in a row. Now they've inducted us into their \"Hall of Fame.\"","shortDescription":"CylanceOPTICS is an AI-driven EDR component that provides consistent endpoint visibility for root cause analysis, threat hunting, incident response and containment.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":11,"sellingCount":14,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Cylance Optics","keywords":"","description":"<span style=\"font-weight: bold;\">Prevent. Detect. 
Respond.</span> CylanceOPTICS pushes all detection and response decisions down to the endpoint, eliminating response latency that can mean the difference between a minor security event and a widespread, uncontr","og:title":"Cylance Optics","og:description":"<span style=\"font-weight: bold;\">Prevent. Detect. Respond.</span> CylanceOPTICS pushes all detection and response decisions down to the endpoint, eliminating response latency that can mean the difference between a minor security event and a widespread, uncontr","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Cylance_logo.png"},"eventUrl":"","translationId":3572,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. 
Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. 
Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment, and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. 
Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":10908,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":10909,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":10910,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":10911,"characteristicId":1935,"templateId":107,"value":"N/A"},"1937":{"id":10912,"characteristicId":1937,"templateId":107,"value":true},"1939":{"id":10913,"characteristicId":1939,"templateId":107,"value":true},"1941":{"id":10914,"characteristicId":1941,"templateId":107,"value":true},"1943":{"id":10915,"characteristicId":1943,"templateId":107,"value":"N/A"},"1945":{"id":10916,"characteristicId":1945,"templateId":107,"value":true},"1947":{"id":10917,"characteristicId":1947,"templateId":107,"value":"N/A"},"1949":{"id":10918,"characteristicId":1949,"templateId":107,"value":"N/A"},"1951":{"id":10919,"characteristicId":1951,"templateId":107,"value":true},"1953":{"id":10920,"characteristicId":1953,"templateId":107,"value":true},"1955":{"id":10921,"characteristicId":1955,"templateId":107,"value":true},"1957":{"id":10922,"characteristicId":1957,"templateId":107,"value":"Linux, macOS, Windows"}}}},{"id":3569,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/ESET_Enterprise_Inspector.png","logo":true,"scheme":false,"title":"ESET Enterprise Inspector","vendorVerified":0,"rating":"2.00","implementationsCount":0,"suppliersCount":0,"alias":"eset-enterprise-inspector","companyTypes":[],"description":"An Endpoint Detection & Response tool designed to 
leverage ESET's multilayered Endpoint Protection Platform. All layers send relevant data to ESET Enterprise Inspector, which analyzes vast amounts of real-time endpoint data. The result is complete prevention, detection and response solutions for quick analysis and remediation of any security issue in the network enabling organizations to take immediate action to:\r\n<ul> <li>Detect advanced persistent threats</li> <li>Stop fileless attacks</li> <li>Block zero-day threats</li> <li>Protect against ransomware</li> <li>Neutralize state-sponsored attacks</li> </ul>\r\n<span style=\"font-weight: bold;\">Open architecture & integrations</span>\r\nESET Enterprise Inspector provides a unique behavior and reputation based detection that is fully transparent to security teams. All rules are easily editable via XML to allow fine-tuning or easily created to match the needs of specific enterprise environments, including SIEM integrations.\r\n<span style=\"font-weight: bold;\">Adjustable sensitivity</span>\r\nUtilize ESET’s Endpoint Detection and Response tool to easily suppress false alarms by adjusting the sensitivity of detection rules for different computer groups or users. Combine criteria such as file name / path / hash / command line / signer to fine-tune the trigger conditions.\r\n<span style=\"font-weight: bold;\">Historic Threat Hunting</span>\r\nEasily adjust behavior rules with ESET Enterprise Inspector, then \"re-scan\" the entire events database. This allows you to then identify any new alerts triggered by the adjusted detection rules. 
No longer are you searching for a static IOC, but for dynamic behavior with multiple parameters.\r\n<span style=\"font-weight: bold;\">Synchronized response</span>\r\nESET’s Endpoint Detection and Response tool is built on top of existing ESET endpoint security solutions, creating a consistent ecosystem that allows cross-linking of all relevant objects and synchronized remediation of incidents.","shortDescription":"Uncover the unknown in your network with our EDR solution - ESET Enterprise Inspector.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":5,"sellingCount":5,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"ESET Enterprise Inspector","keywords":"","description":"An Endpoint Detection & Response tool designed to leverage ESET's multilayered Endpoint Protection Platform. All layers send relevant data to ESET Enterprise Inspector, which analyzes vast amounts of real time endpoint data. The result is complete preventi","og:title":"ESET Enterprise Inspector","og:description":"An Endpoint Detection & Response tool designed to leverage ESET's multilayered Endpoint Protection Platform. All layers send relevant data to ESET Enterprise Inspector, which analyzes vast amounts of real time endpoint data. The result is complete preventi","og:image":"https://old.roi4cio.com/fileadmin/user_upload/ESET_Enterprise_Inspector.png"},"eventUrl":"","translationId":3570,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. 
EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment, and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":10968,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":10969,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":10970,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":10971,"characteristicId":1935,"templateId":107,"value":"N/A"},"1937":{"id":10972,"characteristicId":1937,"templateId":107,"value":true},"1939":{"id":10973,"characteristicId":1939,"templateId":107,"value":"N/A"},"1941":{"id":10974,"characteristicId":1941,"templateId":107,"value":true},"1943":{"id":10975,"characteristicId":1943,"templateId":107,"value":"N/A"},"1945":{"id":10976,"characteristicId":1945,"templateId":107,"value":true},"1947":{"id":10977,"characteristicId":1947,"templateId":107,"value":"N/A"},"1949":{"id":10978,"characteristicId":1949,"templateId":107,"value":"N/A"},"1951":{"id":10979,"characteristicId":1951,"templateId":107,"value":true},"1953":{"id":10980,"characteristicId":1953,"templateId":107,"value":"N/A"},"1955":{"id":10981,
"characteristicId":1955,"templateId":107,"value":"N/A"},"1957":{"id":10982,"characteristicId":1957,"templateId":107,"value":"Windows, Windows Server 2003-2016"}}}},{"id":5741,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/fidelis_logo.png","logo":true,"scheme":false,"title":"Fidelis Endpoint","vendorVerified":0,"rating":"1.00","implementationsCount":0,"suppliersCount":0,"alias":"fidelis-endpoint","companyTypes":[],"description":"<span style=\"font-style: italic;\">Detect, investigate, hunt and respond to advanced threats within minutes.</span>\r\n<span style=\"font-weight: bold;\">Arm Your Security Operations with Advanced EDR</span>\r\nWith Fidelis Endpoint you will know how to gain deep visibility into all endpoint activity – in real-time and retrospectively, simplify threat hunting and detection, prevent threats through your preferred AV engine and process blocking, and how to automate response with pre-built scripts and playbooks.\r\n<span style=\"font-weight: bold;\">Deep Visibility and Insights into Endpoint Activity</span>\r\nSee all endpoint activity across Windows, Mac, and Linux systems and gain unmatched insight through the collection of all executable files and scripts that are analyzed against the latest threat intelligence. Detect threats in real-time or hunt retrospectively through recorded events. 
You can also monitor a full software inventory and identify vulnerabilities with links to MITRE CVEs or Microsoft KB Reports.\r\nWith Fidelis, visibility and defenses are always on, whether the endpoint is on or off the network.\r\n<span style=\"font-weight: bold;\">Speed Incident Response with Live Console</span>\r\nFidelis Endpoint provides incident responders with direct, remote access into an endpoint’s disk, files and processes, to more quickly mitigate threats found on an asset.\r\n<span style=\"font-weight: bold;\">Investigate Once, then Automate Response</span>\r\nAutomate response with scripts and playbooks, including the ability to isolate endpoints, terminate processes, remove files, and deploy custom scripts. Fidelis enables you to jumpstart investigations with memory analysis, vulnerability scans, and system inventory.\r\nYou can also gain unmatched forensic data capture and speed with memory and full disk images, as well as the ability to remotely access endpoints to view and take action on files and processes.\r\n<span style=\"font-weight: bold;\">Enhance Your Endpoint Detection and Protection</span>\r\nEndpoint threats are mapped to MITRE ATT&CK™ allowing analysts to see the TTPs in use and to determine the proper response. Untrusted executables are automatically sent to the cloud sandbox and can be integrated into process blocking (IOC, hash, and YARA rules).\r\nWhile Fidelis offers endpoint protection via BitDefender, other protection methods include process blocking and process behavior blocking that runs independently of AV engines, giving customers free choice for their AV needs.\r\n<span style=\"font-weight: bold;\">More Accurate Detections with Curated Threat Research</span>\r\nFidelis Insight leverages real-time and historical data, sandboxing, and machine learning to provide curated threat intelligence that rapidly detects threats. 
Our Threat Research as a Service (TRaaS) provides on-demand access to threat research experts for detailed information, intelligence, and malware services, plus consulting services to improve your skills and countermeasures.","shortDescription":"Fidelis Endpoint - Speed Digital Forensics, Investigation and Response to Advanced Threats through a Single Agent and Console.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":8,"sellingCount":3,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Fidelis Endpoint","keywords":"","description":"<span style=\"font-style: italic;\">Detect, investigate, hunt and respond to advanced threats within minutes.</span>\r\n<span style=\"font-weight: bold;\">Arm Your Security Operations with Advanced EDR</span>\r\nWith Fidelis Endpoint you will know how to gain deep vis","og:title":"Fidelis Endpoint","og:description":"<span style=\"font-style: italic;\">Detect, investigate, hunt and respond to advanced threats within minutes.</span>\r\n<span style=\"font-weight: bold;\">Arm Your Security Operations with Advanced EDR</span>\r\nWith Fidelis Endpoint you will know how to gain deep vis","og:image":"https://old.roi4cio.com/fileadmin/user_upload/fidelis_logo.png"},"eventUrl":"","translationId":5742,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. 
Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment, and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":12487,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":12488,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":12489,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":12490,"characteristicId":1935,"templateId":107,"value":true},"1937":{"id":12491,"characteristicId":1937,"templateId":107,"value":"N/A"},"1939":{"id":12492,"characteristicId":1939,"templateId":107,"value":true},"1941":{"id":12493,"characteristicId":1941,"templateId":107,"value":true},"1943":{"id":12494,"characteristicId":1943,"templateId":107,"value":true},"1945":{"id":12495,"characteristicId":1945,"templateId":107,"value":"N/A"},"1947":{"id":12496,"characteristicId":1947,"templateId":107,"value":true},"1949":{"id":12497,"characteristicId":1949,"templateId":107,"value":true},"1951":{"id":12498,"characteristicId":1951,"templateId":107,"value":true},"1953":{"id":12499,"characteristicId":1953,"templateId":107,"value":"N/A"},"1955":{"id":12500,"ch
aracteristicId":1955,"templateId":107,"value":"N/A"},"1957":{"id":12501,"characteristicId":1957,"templateId":107,"value":"Linux, macOS, Windows"}}}},{"id":3103,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/FireEye_NX.png","logo":true,"schemeURL":"https://old.roi4cio.com/fileadmin/user_upload/Fireeyeends.JPG","scheme":true,"title":"FireEye Endpoint Security","vendorVerified":0,"rating":"2.30","implementationsCount":1,"suppliersCount":0,"alias":"fireeye-endpoint-security","companyTypes":[],"description":"\r\nTo prevent common malware, Endpoint Security uses a signature based endpoint protection platform (EPP) engine. To find threats for which a signature does not yet exist, MalwareGuard uses machine learning seeded with knowledge from the frontlines of cyber attacks. To deal with advanced threats, endpoint detection and response (EDR) capabilities are enabled through a behavior-based analytics engine. Finally, a real-time indicators of compromise (IOC) engine that relies on current, frontline intelligence helps find hidden threats. This defense in depth strategy helps protect vital information stored on customer endpoints. 
Even with the best protection, breaches are inevitable.\r\nTo ensure a substantive response that minimizes business disruption, Endpoint Security provides tools to:\r\n<ul> <li>Search for and investigate known and unknown threats on tens of thousands of endpoints in minutes</li> <li>Identify and detail vectors an attack used to infiltrate an endpoint</li> <li>Determine whether an attack occurred (and persists) on a specific endpoint and where it spread</li> <li>Establish timeline and duration of endpoint compromises and follow the incident</li> <li>Clearly identify which endpoints and systems need containment to prevent further compromise</li> </ul>\r\n<span style=\"font-weight: bold;\">Primary Features</span>\r\n<ul> <li>Single agent with three detection engines to minimize configuration and maximize detection and blocking</li> </ul>\r\n<ul> <li>Single integrated workflow to analyze and respond to threats within Endpoint Security</li> </ul>\r\n<ul> <li>Fully integrated malware protection with antivirus (AV) defenses, machine learning, behavior analysis, indicators of compromise (IOCs) and endpoint visibility</li> </ul>\r\n<ul> <li>Triage Summary and Audit Viewer for exhaustive inspection and analysis of threats</li> </ul>\r\n<span style=\"font-weight: bold;\">Additional Features</span>\r\n<ul> <li>Enterprise Security Search to rapidly find and illuminate suspicious activity and threats</li> </ul>\r\n<ul> <li>Data Acquisition to conduct detailed in-depth endpoint inspection and analysis over a specific time frame</li> </ul>\r\n<ul> <li>End-to-end visibility that allows security teams to rapidly search for, identify and discern the level of threats</li> </ul>\r\n<ul> <li>Detection and response capabilities to quickly detect, investigate and contain endpoints to expedite response</li> </ul>\r\n<ul> <li>Easy-to-understand interface for fast interpretation and response to any suspicious endpoint activity</li> </ul>","shortDescription":"FireEye Endpoint Security 
combines the best of legacy security products, enhanced with FireEye technology, expertise and intelligence to defend against today’s cyber attacks.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":4,"sellingCount":0,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"FireEye Endpoint Security","keywords":"","description":"\r\nTo prevent common malware, Endpoint Security uses a signature based endpoint protection platform (EPP) engine. To find threats for which a signature does not yet exist, MalwareGuard uses machine learning seeded with knowledge from the frontlines of cyber att","og:title":"FireEye Endpoint Security","og:description":"\r\nTo prevent common malware, Endpoint Security uses a signature based endpoint protection platform (EPP) engine. To find threats for which a signature does not yet exist, MalwareGuard uses machine learning seeded with knowledge from the frontlines of cyber att","og:image":"https://old.roi4cio.com/fileadmin/user_upload/FireEye_NX.png"},"eventUrl":"","translationId":3104,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. 
Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":10923,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":10924,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":10925,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":10926,"characteristicId":1935,"templateId":107,"value":true},"1937":{"id":10927,"characteristicId":1937,"templateId":107,"value":true},"1939":{"id":10928,"characteristicId":1939,"templateId":107,"value":true},"1941":{"id":10929,"characteristicId":1941,"templateId":107,"value":true},"1943":{"id":10930,"characteristicId":1943,"templateId":107,"value":true},"1945":{"id":10931,"characteristicId":1945,"templateId":107,"value":true},"1947":{"id":10932,"characteristicId":1947,"templateId":107,"value":true},"1949":{"id":10933,"characteristicId":1949,"templateId":107,"value":"N/A"},"1951":{"id":10934,"characteristicId":1951,"templateId":107,"value":true},"1953":{"id":10935,"characteristicId":1953,"templateId":107,"value":true},"1955":{"id":10936,"char
acteristicId":1955,"templateId":107,"value":true},"1957":{"id":10937,"characteristicId":1957,"templateId":107,"value":"Linux, macOS, Windows"}}}},{"id":3589,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/large-logo-mcafee.png","logo":true,"scheme":false,"title":"McAfee MVISION EDR","vendorVerified":1,"rating":"2.00","implementationsCount":0,"suppliersCount":0,"alias":"mcafee-mvision-edr","companyTypes":[],"description":"<span style=\"font-weight: bold;\">Avoid the high-volume, fatigue-inducing approach of traditional EDR solutions!</span>\r\n<span style=\"font-weight: bold;\">McAfee MVISION Endpoint Detection and Response (EDR)</span> helps you get ahead of modern threats with AI-guided investigations that surface relevant risks and automate and remove the manual labor of gathering and analyzing evidence.\r\n<span style=\"font-weight: bold;\">Reduce alert noise</span>\r\nGain visibility into emerging threats with continuous monitoring of endpoint activity, detect suspicious behavior, make sense of high-value data, and understand context. Analysts can quickly prioritize threats for action and minimize disruption from threats.\r\n<span style=\"font-weight: bold;\">Do more with existing resources</span>\r\nSecurity expertise is in short supply. Guided investigation automatically asks and answers questions while gathering, summarizing, and visualizing evidence from multiple sources to mount a more resilient defense and minimize the impact of breaches. While analysts go through guided investigations, they are constantly learning and fine-tuning their skills, reducing the need for additional SOC resources.\r\n<span style=\"font-weight: bold;\">Low-maintenance cloud solution</span>\r\nCloud-based deployment and analytics lets your skilled analysts focus on strategic defense — freeing them from tedious tool maintenance and fire drills. 
Users can leverage their existing McAfee ePolicy Orchestrator (McAfee ePO) on-premises management platform or SaaS-based McAfee MVISION ePO to reduce infrastructure maintenance. Either way, you benefit from implementing the right solution for your organization.","shortDescription":"McAfee MVISION EDR - powerful threat detection, investigation, and response - simplified.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":14,"sellingCount":12,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"McAfee MVISION EDR","keywords":"","description":"<span style=\"font-weight: bold;\">Avoid the high-volume, fatigue-inducing approach of traditional EDR solutions!</span>\r\n<span style=\"font-weight: bold;\">McAfee MVISION Endpoint Detection and Response (EDR)</span> helps you get ahead of modern threats with AI-g","og:title":"McAfee MVISION EDR","og:description":"<span style=\"font-weight: bold;\">Avoid the high-volume, fatigue-inducing approach of traditional EDR solutions!</span>\r\n<span style=\"font-weight: bold;\">McAfee MVISION Endpoint Detection and Response (EDR)</span> helps you get ahead of modern threats with AI-g","og:image":"https://old.roi4cio.com/fileadmin/user_upload/large-logo-mcafee.png"},"eventUrl":"","translationId":3590,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. 
Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":10747,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":10748,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":10749,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":10750,"characteristicId":1935,"templateId":107,"value":"N/A"},"1937":{"id":10751,"characteristicId":1937,"templateId":107,"value":true},"1939":{"id":10752,"characteristicId":1939,"templateId":107,"value":true},"1941":{"id":10753,"characteristicId":1941,"templateId":107,"value":true},"1943":{"id":10754,"characteristicId":1943,"templateId":107,"value":true},"1945":{"id":10755,"characteristicId":1945,"templateId":107,"value":true},"1947":{"id":10756,"characteristicId":1947,"templateId":107,"value":true},"1949":{"id":10757,"characteristicId":1949,"templateId":107,"value":"N/A"},"1951":{"id":10758,"characteristicId":1951,"templateId":107,"value":true},"1953":{"id":10759,"characteristicId":1953,"templateId":107,"value":"N/A"},"1955":{"id":10760,"ch
aracteristicId":1955,"templateId":107,"value":"N/A"},"1957":{"id":10761,"characteristicId":1957,"templateId":107,"value":"Android, iOS, Windows"}}}},{"id":3599,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/palo_alto_networks.png","logo":true,"scheme":false,"title":"Palo Alto Networks Traps","vendorVerified":0,"rating":"2.00","implementationsCount":0,"suppliersCount":0,"alias":"palo-alto-networks-traps","companyTypes":[],"description":"The threat landscape has quickly evolved to a level of sophistication that it can bypass traditional endpoint protection. Traps combines powerful endpoint protection technology with critical endpoint detection and response (EDR) capabilities into a single agent, enabling your security teams to automatically protect, detect and respond to known, unknown and sophisticated attacks, using machine learning and AI techniques from data collected on the endpoint, network and cloud.\r\nUnique in the breadth and depth of its endpoint protections, Traps:\r\n<ul> <li>Stops malware, exploits and ransomware by observing attack techniques and behaviors.</li> <li>Uses machine learning and AI to automatically detect and respond to sophisticated attacks.</li> <li>Includes WildFire malware prevention service to improve accuracy and coverage.</li> <li>Harnesses Cortex XDR detection and response to speed alert triage and incident response by providing a complete picture of each threat and its root cause, automatically.</li> <li>Coordinates enforcement with network and cloud security to prevent successful attacks.</li> <li>Provides a single lightweight agent for protection and response.</li> <li>Protects endpoints while online and offline, on a network and off.</li> </ul>\r\n<span style=\"font-weight: bold;\">Stops malware and ransomware</span>\r\nTraps prevents the launching of malicious executable files, DLLs and Office files with multiple methods of prevention, reducing the attack surface and increasing the accuracy of malware 
prevention.\r\n<span style=\"font-weight: bold;\">Provides behavior-based protection</span>\r\nSophisticated attacks that utilize multiple legitimate applications and processes are more common, can be hard to detect, and require visibility to correlate malicious behavior. Traps detects and stops attacks by monitoring for malicious behaviors across a sequence of events and terminates the attack when detected.\r\n<span style=\"font-weight: bold;\">Blocks exploits and fileless attacks</span>\r\nRather than focusing on individual attacks, Traps blocks the exploit techniques the attacks use. By doing so at each step in an exploit attempt, Traps breaks the attack lifecycle and renders threats ineffective.\r\n<span style=\"font-weight: bold;\">Coordinates enforcement with network and cloud</span>\r\nTight integration between network, endpoint and cloud enables a continually improving security posture and provides layered prevention from zero-day attacks. Whenever a firewall sees a new piece of malware or an endpoint sees a new threat, protections are made available in minutes to all other next-gen firewalls and endpoints running Traps with no effort on the admin’s part, whether it happens at 1 a.m. or 3 p.m.\r\n<span style=\"font-weight: bold;\">Detect and respond to sophisticated attacks</span>\r\nTraps uses the Cortex Data Lake to store all event and incident data captured, allowing seamless integration with Cortex XDR for investigation and incident response. Cortex XDR is a cloud-based detection and response app that empowers SecOps to stop sophisticated attacks and adapt defenses in real time. 
By combining rich network, endpoint, and cloud data with analytics, Cortex XDR allows you to:\r\n<ul> <li>Automatically determine the root cause to accelerate triage and incident response.</li> <li>Reduce the time and experience required from triage to threat hunting.</li> <li>Respond to threats quicker and adapt defenses from knowledge gained, making the next response even faster.</li> </ul>","shortDescription":"Palo Alto Networks Traps endpoint protection and response stops threats on endpoints and coordinates enforcement with network and cloud security to prevent successful cyber attacks.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":6,"sellingCount":12,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Palo Alto Networks Traps","keywords":"","description":"The threat landscape has quickly evolved to a level of sophistication that it can bypass traditional endpoint protection. Traps combines powerful endpoint protection technology with critical endpoint detection and response (EDR) capabilities into a single agen","og:title":"Palo Alto Networks Traps","og:description":"The threat landscape has quickly evolved to a level of sophistication that it can bypass traditional endpoint protection. Traps combines powerful endpoint protection technology with critical endpoint detection and response (EDR) capabilities into a single agen","og:image":"https://old.roi4cio.com/fileadmin/user_upload/palo_alto_networks.png"},"eventUrl":"","translationId":3600,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. 
It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":10878,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":10879,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":10880,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":10881,"characteristicId":1935,"templateId":107,"value":"N/A"},"1937":{"id":10882,"characteristicId":1937,"templateId":107,"value":"N/A"},"1939":{"id":10883,"characteristicId":1939,"templateId":107,"value":"N/A"},"1941":{"id":10884,"characteristicId":1941,"templateId":107,"value":"N/A"},"1943":{"id":10885,"characteristicId":1943,"templateId":107,"value":"N/A"},"1945":{"id":10886,"characteristicId":1945,"templateId":107,"value":"N/A"},"1947":{"id":10887,"characteristicId":1947,"templateId":107,"value":"N/A"},"1949":{"id":10888,"characteristicId":1949,"templateId":107,"value":"N/A"},"1951":{"id":10889,"characteristicId":1951,"templateId":107,"value":"N/A"},"1953":{"id":10890,"characteristicId":1953,"templateId":107,"value":"N/A"},"1955":{"id":10
891,"characteristicId":1955,"templateId":107,"value":"N/A"},"1957":{"id":10892,"characteristicId":1957,"templateId":107,"value":"Android, Linux, macOS, Windows"}}}},{"id":3575,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/sentinelone-logo.jpg","logo":true,"scheme":false,"title":"SentinelOne ActiveEDR","vendorVerified":0,"rating":"1.00","implementationsCount":0,"suppliersCount":0,"alias":"sentinelone-activeedr","companyTypes":[],"description":"Anti Virus, EPP and EDR as you know them do not solve the cybersecurity problem for the enterprise. To compensate, some rely on additional services to close the gap. But relying on the cloud increases dwell time. Depending on connectivity is too late in the game, as it takes only seconds for malicious activity to infect an endpoint, do harm, and remove traces of itself. This dependency is what makes the EDR tools of today passive as they rely on operators and services to respond after it’s already too late.\r\nActiveEDR is delivered via SentinelOne’s single agent, single codebase, single console architecture. Going beyond traditional antivirus and EDR solutions, ActiveEDR, powered by SentinelOne’s proprietary TrueContext technology, allows security teams to quickly understand the story and root cause behind threat actors and autonomously respond, without any reliance on cloud resources. With ActiveEDR, everyone from advanced SOC analysts to novice security teams can automatically remediate threats and defend against advanced attacks. 
This technology empowers security teams to focus on the alerts that matter and leverage technology to assist in what before was limited to human mandated tasks.","shortDescription":"With ActiveEDR, everyone from advanced SOC analysts to novice security teams can automatically remediate threats and defend against advanced attacks.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":12,"sellingCount":17,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"SentinelOne ActiveEDR","keywords":"","description":"Anti Virus, EPP and EDR as you know them do not solve the cybersecurity problem for the enterprise. To compensate, some rely on additional services to close the gap. But relying on the cloud increases dwell time. Depending on connectivity is too late in the ga","og:title":"SentinelOne ActiveEDR","og:description":"Anti Virus, EPP and EDR as you know them do not solve the cybersecurity problem for the enterprise. To compensate, some rely on additional services to close the gap. But relying on the cloud increases dwell time. Depending on connectivity is too late in the ga","og:image":"https://old.roi4cio.com/fileadmin/user_upload/sentinelone-logo.jpg"},"eventUrl":"","translationId":3576,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. 
Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment, and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":10938,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":10939,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":10940,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":10941,"characteristicId":1935,"templateId":107,"value":"N/A"},"1937":{"id":10942,"characteristicId":1937,"templateId":107,"value":true},"1939":{"id":10943,"characteristicId":1939,"templateId":107,"value":true},"1941":{"id":10944,"characteristicId":1941,"templateId":107,"value":true},"1943":{"id":10945,"characteristicId":1943,"templateId":107,"value":true},"1945":{"id":10946,"characteristicId":1945,"templateId":107,"value":true},"1947":{"id":10947,"characteristicId":1947,"templateId":107,"value":true},"1949":{"id":10948,"characteristicId":1949,"templateId":107,"value":true},"1951":{"id":10949,"characteristicId":1951,"templateId":107,"value":true},"1953":{"id":10950,"characteristicId":1953,"templateId":107,"value":true},"1955":{"id":10951,"char
acteristicId":1955,"templateId":107,"value":true},"1957":{"id":10952,"characteristicId":1957,"templateId":107,"value":"Android, iOS, Linux, macOS, Windows"}}}},{"id":3583,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/sophos.jpg","logo":true,"scheme":false,"title":"Sophos Intercept X","vendorVerified":0,"rating":"1.40","implementationsCount":0,"suppliersCount":0,"alias":"sophos-intercept-x","companyTypes":[],"description":"To stop breaches before they start, prevention is crucial. Intercept X consolidates unmatched protection and endpoint detection and response into a single solution. This means that most threats are stopped before they can ever cause damage, and Intercept X Advanced with EDR provides additional cybersecurity assurance with the ability to detect, investigate, and respond to potential security threats.\r\nThe inclusion of EDR into a consistently top-rated endpoint protection suite enables Intercept X to significantly lighten the EDR workload. The more threats that are prevented, the less noise that is created for security teams to investigate. This means teams can optimize key resources enabling them to focus on the business of IT rather than chasing false positives and an overwhelming volume of alerts.\r\nIntercept X replicates the tasks normally performed by skilled analysts, so organizations can add expertise without having to add staff. Unlike other EDR solutions which rely on highly skilled human analysts to ask questions and interpret data, Intercept X is powered by machine learning and enhanced with curated SophosLabs threat intelligence.\r\n<span style=\"font-weight: bold;\">Security expertise:</span> Intercept X puts security expertise into the hands of IT by automatically detecting and prioritizing potential threats. Using machine learning, suspicious events are identified and elevated as the most important and in need of immediate attention. 
Analysts can quickly see where to focus their attention and understand which machines may be impacted.\r\n<span style=\"font-weight: bold;\">Malware expertise:</span> Most organizations rely on malware experts who specialize in reverse engineering to analyze suspicious files. Not only is this approach time consuming and difficult to achieve, but it assumes a level of cybersecurity sophistication which most organizations don’t possess. Intercept X offers a better approach by leveraging Deep Learning Malware Analysis which automatically analyzes malware in extreme detail, breaking down file attributes and code and comparing them to millions of other files. Analysts can easily see which attributes and code segments are similar to “known-good” and “known-bad” files so they can determine if a file should be blocked or allowed.\r\n<span style=\"font-weight: bold;\">Threat intelligence expertise:</span> When Intercept X elevates a potentially suspicious file, IT administrators can gather more information by accessing on-demand threat intelligence curated by SophosLabs, which receives and processes approximately 400,000 previously unseen malware samples each day. This and other threat intelligence is collected, aggregated, and summarized for easy analysis. 
This means that teams that do not have dedicated threat intelligence analysts, or access to expensive and hard to understand threat feeds, can benefit from one of the top cybersecurity research and data science teams in the world.\r\n<span style=\"text-decoration: underline;\"><span style=\"font-weight: bold;\">Highlights:</span></span>\r\n<ul> <li>EDR combined with the strongest endpoint protection</li> <li>Deep Learning Malware Analysis</li> <li>On-demand curated threat intelligence from SophosLabs</li> <li>Machine learning detection and prioritization of suspicious events</li> <li>Guided investigations make EDR approachable yet powerful</li> <li>Respond to incidents with a single click</li> </ul>","shortDescription":"Sophos Intercept X integrates intelligent EDR with the industry’s top-rated malware detection, top-rated exploit protection, and other unmatched endpoint protection features.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":1,"sellingCount":16,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Sophos Intercept X","keywords":"","description":"To stop breaches before they start, prevention is crucial. Intercept X consolidates unmatched protection and endpoint detection and response into a single solution. This means that most threats are stopped before they can ever cause damage, and Intercept X Adv","og:title":"Sophos Intercept X","og:description":"To stop breaches before they start, prevention is crucial. Intercept X consolidates unmatched protection and endpoint detection and response into a single solution. 
This means that most threats are stopped before they can ever cause damage, and Intercept X Adv","og:image":"https://old.roi4cio.com/fileadmin/user_upload/sophos.jpg"},"eventUrl":"","translationId":3584,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. 
Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. 
Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real 
time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":10893,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":10894,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":10895,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":10896,"characteristicId":1935,"templateId":107,"value":"N/A"},"1937":{"id":10897,"characteristicId":1937,"templateId":107,"value":"N/A"},"1939":{"id":10898,"characteristicId":1939,"templateId":107,"value":true},"1941":{"id":10899,"characteristicId":1941,"templateId":107,"value":true},"1943":{"id":10900,"characteristicId":1943,"templateId":107,"value":true},"1945":{"id":10901,"characteristicId":1945,"templateId":107,"value":true},"1947":{"id":10902,"characteristicId":1947,"templateId":107,"value":true},"1949":{"id":10903,"characteristicId":1949,"templateId":107,"value":"N/A"},"1951":{"id":10904,"characteristicId":1951,"templateId":107,"value":true},"1953":{"id":10905,"characteristicId":1953,"templateId":107,"value":"N/A"},"1955":{"id":10906,"characteristicId":1955,"templateId":107,"value":true},"1957":{"id":10907,"characteristicId":1957,"templateId":107,"value":"Android, iOS, macOS (limited), Windows"}}}},{"id":3579,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/symantec_logo.png","logo":true,"scheme":false,"title":"Symantec Endpoint Detection and Response","vendorVerified":0,"rating":"2.00","implementationsCount":0,"suppliersCount":0,"alias":"symantec-endpoint-detection-and-response","companyTypes":[],"description":"Enterprises are increasingly under threat from sophisticated attacks. In fact, research has found that threats dwell in a customer’s environment an average of 190 days. 
These Advanced Persistent Threats use stealthy techniques to evade detection and bypass traditional security defenses. Once an advanced attack gains access to a customer environment the attacker has many tools to evade detection and begin to exploit valuable resources and data. Security teams face multiple challenges when attempting to detect and fully expose the extent of an advanced attack including manual searches through large and disparate data sources, lack of visibility into critical control points, alert fatigue from false positives, and difficulty identifying and fixing impacted endpoints.\r\nSymantec EDR exposes advanced attacks with precision machine learning and global threat intelligence minimizing false positives and helps ensure high levels of productivity for security teams. Symantec EDR capabilities allow incident responders to quickly search, identify and contain all impacted endpoints while investigating threats using a choice of on-premises and cloud-based sandboxing. Also, Symantec EDR enhances investigator productivity with automated investigation playbooks and user behavior analytics that brings the skills and best practices of the most experienced security analysts to any organization, resulting in significantly lower costs.\r\nIn addition, continuous and on-demand recording of system activity supports full endpoint visibility. 
Symantec EDR utilizes advanced attack detections at the endpoint and cloud-based analytics to detect targeted attacks such as breach detection, command and control beaconing, lateral movement and suspicious PowerShell executions.\r\n<span style=\"font-weight: bold;\"><span style=\"text-decoration: underline;\">Capabilities:</span></span>\r\n<span style=\"font-weight: bold;\">Detect and Expose – Reduce time to breach discovery and quickly expose the scope</span>\r\n<ul> <li>Apply Machine Learning and Behavioral Analytics to expose suspicious activity, detect and prioritize incidents</li> <li>Automatically identify and create incidents for suspicious scripts and memory exploits</li> <li>Expose memory-based attacks with analysis of process memory</li> </ul>\r\n<span style=\"font-weight: bold;\">Resolve – Rapidly fix endpoints and ensure the threat does not return</span>\r\n<ul> <li>Delete malicious files and associated artifacts on all impacted endpoints</li> <li>Blacklist and whitelist files at the endpoint</li> <li>Enhanced reporting allows any table to be exported for incident resolution reports</li> </ul>\r\n<span style=\"font-weight: bold;\">Investigate and Contain – Increase incident responder productivity and ensure threat containment</span>\r\n<ul> <li>Ensure complete incident playback with continuous recording of endpoint activity, view specific endpoint processes</li> <li>Hunt for threats by searching for indicators of compromise across all endpoints in real-time</li> <li>Contain potentially compromised endpoints during an investigation with endpoint quarantine</li> </ul>\r\n<span style=\"font-weight: bold;\">Integrate and Automate – Unify investigator views, orchestrate data and workflows</span>\r\n<ul> <li>Easily integrate incident data and actions into existing SOC infrastructure including Splunk and ServiceNow</li> <li>Replicate the best practices and analysis of skilled investigators with automated incident playbook rules</li> <li>Gain in-depth 
visibility into endpoint activity with automated artifact collection</li> </ul>","shortDescription":"Symantec EDR - speed threat hunting and response with deep visibility, precision analytics, and workflow automation.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":20,"sellingCount":17,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Symantec Endpoint Detection and Response","keywords":"","description":"Enterprises are increasingly under threat from sophisticated attacks. In fact, research has found that threats dwell in a customer’s environment an average of 190 days. These Advanced Persistent Threats use stealthy techniques to evade detection and bypa","og:title":"Symantec Endpoint Detection and Response","og:description":"Enterprises are increasingly under threat from sophisticated attacks. In fact, research has found that threats dwell in a customer’s environment an average of 190 days. These Advanced Persistent Threats use stealthy techniques to evade detection and bypa","og:image":"https://old.roi4cio.com/fileadmin/user_upload/symantec_logo.png"},"eventUrl":"","translationId":3580,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. 
Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment, and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":10953,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":10954,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":10955,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":10956,"characteristicId":1935,"templateId":107,"value":true},"1937":{"id":10957,"characteristicId":1937,"templateId":107,"value":true},"1939":{"id":10958,"characteristicId":1939,"templateId":107,"value":true},"1941":{"id":10959,"characteristicId":1941,"templateId":107,"value":true},"1943":{"id":10960,"characteristicId":1943,"templateId":107,"value":true},"1945":{"id":10961,"characteristicId":1945,"templateId":107,"value":true},"1947":{"id":10962,"characteristicId":1947,"templateId":107,"value":true},"1949":{"id":10963,"characteristicId":1949,"templateId":107,"value":true},"1951":{"id":10964,"characteristicId":1951,"templateId":107,"value":true},"1953":{"id":10965,"characteristicId":1953,"templateId":107,"value":"N/A"},"1955":{"id":10966,"char
acteristicId":1955,"templateId":107,"value":true},"1957":{"id":10967,"characteristicId":1957,"templateId":107,"value":"Linux, macOS, Windows"}}}},{"id":3585,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/Trend_Micro.png","logo":true,"scheme":false,"title":"Trend Micro Detection and Response","vendorVerified":0,"rating":"1.70","implementationsCount":0,"suppliersCount":0,"alias":"trend-micro-detection-and-response","companyTypes":[],"description":"<p>Today’s advanced threats are designed to bypass traditional cybersecurity defenses and compromise sensitive corporate data by exfiltrating or encrypting it for ransom.</p>\r\n<p>Effective detection and response solutions seek out these advanced threats and eliminate them before they compromise data.</p>\r\n<p>Trend Micro has integrated layered advanced detection and response techniques into its <span style=\"font-weight: bold;\">Endpoint Protection Platform</span> to leverage its automation and response capabilities. Machine learning (both pre-execution and run-time), vulnerability protection, behavioral analysis, application control, and other advanced techniques are designed to work seamlessly with your endpoint protection.</p>\r\n<p>To fully understand how an advanced attack penetrated security defenses and how it morphed and spread to manifest itself into an enterprise, security researchers need to be able to build a Root Cause Analysis. The analysis is done by recording system events and behaviors and investigating the data. To that end, we offer two options:</p>\r\n<p><span style=\"font-weight: bold;\">Trend Micro Endpoint Sensor</span></p>\r\n<p>An optional component for Trend’s endpoint protection platform. Endpoint Sensor records system events and behaviors on endpoints, allowing threat investigators to search user telemetry for advanced threats using IOCs (Indicators of Compromise) or potential attacks using IOAs (Indicators of Attack).</p>\r\n<p>Understand the entry, spread, and depth of attacks. 
The sensor can generate a root cause analysis and create a remediation plan.</p>\r\n<p><span style=\"font-weight: bold;\">Trend Micro Managed Detection and Response</span></p>\r\n<p>Provides 24/7 alert monitoring, alert prioritization, investigation, and threat hunting services to Trend Micro customers as a managed service.</p>\r\n<p>The MDR service collects data from endpoints, network security, and server security to correlate and prioritize alerts and system information and determine a full root cause analysis. Our threat investigators investigate on your behalf and provide a full remediation plan.</p>","shortDescription":"Endpoint Protection Platform - discover and respond to targeted attacks with advanced detection techniques.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":4,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"Trend Micro Detection and Response","keywords":"","description":"<p>Today’s advanced threats are designed to bypass traditional cybersecurity defenses and compromise sensitive corporate data by exfiltrating or encrypting it for ransom.</p>\r\n<p>Effective detection and response solutions seek out these advanced threats ","og:title":"Trend Micro Detection and Response","og:description":"<p>Today’s advanced threats are designed to bypass traditional cybersecurity defenses and compromise sensitive corporate data by exfiltrating or encrypting it for ransom.</p>\r\n<p>Effective detection and response solutions seek out these advanced threats ","og:image":"https://old.roi4cio.com/fileadmin/user_upload/Trend_Micro.png"},"eventUrl":"","translationId":3586,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the 
need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment, and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted to suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":10792,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":10793,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":10794,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":10795,"characteristicId":1935,"templateId":107,"value":true},"1937":{"id":10796,"characteristicId":1937,"templateId":107,"value":true},"1939":{"id":10797,"characteristicId":1939,"templateId":107,"value":true},"1941":{"id":10798,"characteristicId":1941,"templateId":107,"value":"N/A"},"1943":{"id":10799,"characteristicId":1943,"templateId":107,"value":"N/A"},"1945":{"id":10800,"characteristicId":1945,"templateId":107,"value":true},"1947":{"id":10801,"characteristicId":1947,"templateId":107,"value":"N/A"},"1949":{"id":10802,"characteristicId":1949,"templateId":107,"value":"N/A"},"1951":{"id":10803,"characteristicId":1951,"templateId":107,"value":true},"1953":{"id":10804,"characteristicId":1953,"templateId":107,"value":"N/A"},"1955":{"id":10805,"
characteristicId":1955,"templateId":107,"value":"N/A"},"1957":{"id":10806,"characteristicId":1957,"templateId":107,"value":"macOS, Windows"}}}},{"id":5739,"logoURL":"https://old.roi4cio.com/fileadmin/user_upload/VMWARE_CARBON_BLACK_CLOUD_ENTERPRISE_EDR.png","logo":true,"schemeURL":"https://old.roi4cio.com/fileadmin/user_upload/Enterprise_EDR.PNG","scheme":true,"title":"VMware Carbon Black Cloud Enterprise EDR","vendorVerified":1,"rating":"1.70","implementationsCount":3,"suppliersCount":0,"alias":"vmware-carbon-black-cloud-enterprise-edr","companyTypes":[],"description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive deeper into the data to make their own judgments.\r\nVMware Carbon Black Enterprise EDR is an advanced threat hunting and incident response solution delivering continuous visibility for top security operations centers (SOCs) and incident response (IR) teams. Enterprise EDR is delivered through the VMware Carbon Black Cloud, a next-generation endpoint protection platform that consolidates security in the cloud using a single agent, console and dataset.\r\nUsing data continuously collected and sent to the VMware Carbon Black Cloud, Enterprise EDR provides immediate access to the most complete picture of an attack at all times, reducing lengthy investigations from days to minutes. 
This empowers teams to proactively hunt for threats, uncover suspicious behavior, disrupt active attacks and address gaps in defenses before attackers can.\r\nAlong with continuous visibility, Enterprise EDR gives you the power to respond and remediate in real time, stopping active attacks and repairing damage quickly.<br /><br /><span style=\"font-weight: bold;\">Key Capabilities</span>\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Complete Endpoint Protection Platform</span></span>\r\nBuilt on the VMware Carbon Black Cloud, Enterprise EDR provides advanced threat hunting and incident response functionality from the same agent and console as our NGAV, EDR and real-time query solutions, allowing your team to consolidate multiple point products with a converged platform.\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Continuous & Centralized Recording</span></span>\r\nCentralized access to continuously collected data means that security professionals have all the information they need to hunt threats in real time as well as conduct in-depth investigations after a breach has occurred.\r\n<span style=\"font-weight: bold;\"><span style=\"font-style: italic;\">Attack Chain Visualization & Search</span></span>\r\nEnterprise EDR provides intuitive attack chain visualization to make identifying root cause fast and easy. 
Analysts can quickly jump through each stage of an attack to gain insight into the attacker’s behavior, close security gaps, and learn from every new attack technique to avoid falling victim to the same attack twice.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Live Response for Remote Remediation</span></span><br />With Live Response, incident responders can create a secure connection to infected hosts to pull or push files, kill processes, perform memory dumps and quickly remediate from anywhere in the world.\r\n<span style=\"font-style: italic;\"><span style=\"font-weight: bold;\">Automation via Integrations & Open APIs</span></span>\r\nCarbon Black boasts a robust partner ecosystem and open platform that allows security teams to integrate products like Enterprise EDR into their existing security stack.<br /><br /><span style=\"font-weight: bold;\">BENEFITS</span>\r\n\r\n<ul><li>Reduced complexity for more efficient endpoint security</li></ul>\r\n<ul><li>Easy deployment, automated updates, and elastic scalability</li></ul>\r\n<ul><li>Accelerated investigations with continuous endpoint visibility</li></ul>\r\n<ul><li>Complete understanding of root cause to close existing gaps</li></ul>\r\n<ul><li>Secure remote access for investigations</li></ul>\r\n<ul><li>Greatly reduced dwell time and average time to resolution</li></ul>\r\n<br /><span style=\"font-weight: bold;\">FEATURES</span>\r\n<ul><li>Lightweight sensor deployed and managed from the cloud</li></ul>\r\n<ul><li>Process and binary search of centralized, unfiltered data</li></ul>\r\n<ul><li>Out-of-the-box and customizable behavioral detection</li></ul>\r\n<ul><li>Proprietary and third-party threat intel feeds</li></ul>\r\n<ul><li>Automated watchlist store-run queries</li></ul>\r\n<ul><li>Interactive and expandable attack chain visualization</li></ul>\r\n<ul><li>Secure remote shell for rapid remediation</li></ul>\r\n<ul><li>Open APIs</li></ul>\r\n<span style=\"font-weight: 
bold;\"><br />PLATFORMS</span>\r\n<ul><li>Windows</li></ul>\r\n<ul><li>macOS</li></ul>\r\n<ul><li>Red Hat</li></ul>\r\n<ul><li>CentOS</li></ul>","shortDescription":"Cloud-based threat hunting and incident response (IR) solution delivering continuous visibility for top security operations centers (SOC) and IR teams.","type":null,"isRoiCalculatorAvaliable":false,"isConfiguratorAvaliable":false,"bonus":100,"usingCount":15,"sellingCount":9,"discontinued":0,"rebateForPoc":0,"rebate":0,"seo":{"title":"VMware Carbon Black Cloud Enterprise EDR","keywords":"","description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive de","og:title":"VMware Carbon Black Cloud Enterprise EDR","og:description":"Enterprise security teams struggle to get their hands on the endpoint data they need to investigate and proactively hunt for abnormal behavior. Security and IT professionals currently lack the ability to see beyond suspicious activity and need a way to dive de","og:image":"https://old.roi4cio.com/fileadmin/user_upload/VMWARE_CARBON_BLACK_CLOUD_ENTERPRISE_EDR.png"},"eventUrl":"","translationId":5740,"dealDetails":null,"roi":null,"price":null,"bonusForReference":null,"templateData":[],"testingArea":"","categories":[{"id":838,"title":"Endpoint Detection and Response","alias":"endpoint-detection-and-response","description":"Endpoint Detection and Response (EDR) is a cybersecurity technology that addresses the need for continuous monitoring and response to advanced threats. It is a subset of endpoint security technology and a critical piece of an optimal security posture. EDR differs from other endpoint protection platforms (EPP) such as antivirus (AV) and anti-malware in that its primary focus isn't to automatically stop threats in the pre-execution phase on an endpoint. 
Rather, EDR is focused on providing the right endpoint visibility with the right insights to help security analysts discover, investigate and respond to very advanced threats and broader attack campaigns stretching across multiple endpoints. Many EDR tools, however, combine EDR and EPP.\r\nWhile small and mid-market organizations are increasingly turning to EDR technology for more advanced endpoint protection, many lack the resources to maximize the benefits of the technology. Utilizing advanced EDR features such as forensic analysis, behavioral monitoring and artificial intelligence (AI) is labor and resource intensive, requiring the attention of dedicated security professionals.\r\nA managed endpoint security service combines the latest technology, an around-the-clock team of certified CSOC experts and up-to-the-minute industry intelligence for a cost-effective monthly subscription. Managed services can help reduce the day-to-day burden of monitoring and responding to alerts, enhance security orchestration and automation (SOAR) and improve threat hunting and incident response.","materialsDescription":"<span style=\"font-weight: bold; \">What is Endpoint detection and response (EDR)?</span>\r\nEndpoint detection and response is an emerging technology that addresses the need for continuous monitoring and response to advanced threats. 
One could even make the argument that endpoint detection and response is a form of advanced threat protection.\r\n<span style=\"font-weight: bold;\">What are the Key Aspects of EDR Security?</span>\r\nAccording to Gartner, effective EDR must include the following capabilities:\r\n<ul><li>Incident data search and investigation</li><li>Alert triage or suspicious activity validation</li><li>Suspicious activity detection</li><li>Threat hunting or data exploration</li><li>Stopping malicious activity</li></ul>\r\n<span style=\"font-weight: bold;\">What to look for in an EDR Solution?</span>\r\nUnderstanding the key aspects of EDR and why they are important will help you better discern what to look for in a solution. It’s important to find EDR software that can provide the highest level of protection while requiring the least amount of effort and investment — adding value to your security team without draining resources. Here are the six key aspects of EDR you should look for:\r\n<span style=\"font-weight: bold;\">1. Visibility:</span> Real-time visibility across all your endpoints allows you to view adversary activities, even as they attempt to breach your environment, and stop them immediately.\r\n<span style=\"font-weight: bold;\">2. Threat Database:</span> Effective EDR requires massive amounts of telemetry collected from endpoints and enriched with context so it can be mined for signs of attack with a variety of analytic techniques.\r\n<span style=\"font-weight: bold;\">3. Behavioral Protection:</span> Relying solely on signature-based methods or indicators of compromise (IOCs) leads to the “silent failure” that allows data breaches to occur. Effective endpoint detection and response requires behavioral approaches that search for indicators of attack (IOAs), so you are alerted of suspicious activities before a compromise can occur.\r\n<span style=\"font-weight: bold;\">4. 
Insight and Intelligence:</span> An endpoint detection and response solution that integrates threat intelligence can provide context, including details on the attributed adversary that is attacking you or other information about the attack.\r\n<span style=\"font-weight: bold;\">5. Fast Response:</span> EDR that enables a fast and accurate response to incidents can stop an attack before it becomes a breach and allow your organization to get back to business quickly.\r\n<span style=\"font-weight: bold;\">6. Cloud-based Solution:</span> Having a cloud-based endpoint detection and response solution is the only way to ensure zero impact on endpoints while making sure capabilities such as search, analysis and investigation can be done accurately and in real time."}],"characteristics":[],"concurentProducts":[],"jobRoles":[],"organizationalFeatures":[],"complementaryCategories":[],"solutions":[],"materials":[],"useCases":[],"best_practices":[],"values":[],"implementations":[],"valuesByTemplateId":{"107":{"1929":{"id":12472,"characteristicId":1929,"templateId":107,"value":true},"1931":{"id":12473,"characteristicId":1931,"templateId":107,"value":true},"1933":{"id":12474,"characteristicId":1933,"templateId":107,"value":"N/A"},"1935":{"id":12475,"characteristicId":1935,"templateId":107,"value":true},"1937":{"id":12476,"characteristicId":1937,"templateId":107,"value":true},"1939":{"id":12477,"characteristicId":1939,"templateId":107,"value":true},"1941":{"id":12478,"characteristicId":1941,"templateId":107,"value":true},"1943":{"id":12479,"characteristicId":1943,"templateId":107,"value":true},"1945":{"id":12480,"characteristicId":1945,"templateId":107,"value":true},"1947":{"id":12481,"characteristicId":1947,"templateId":107,"value":true},"1949":{"id":12482,"characteristicId":1949,"templateId":107,"value":true},"1951":{"id":12483,"characteristicId":1951,"templateId":107,"value":true},"1953":{"id":12484,"characteristicId":1953,"templateId":107,"value":true},"1955":{"id":12485,"chara
cteristicId":1955,"templateId":107,"value":true},"1957":{"id":12486,"characteristicId":1957,"templateId":107,"value":"Linux, macOS, Windows"}}}}],"selectedTemplateId":107},"presentation":{"type":null,"company":{},"products":[],"partners":[],"formData":{},"dataLoading":false,"dataError":false,"loading":false,"error":false},"catalogsGlobal":{"subMenuItemTitle":""}}