An endpoint detection and response (EDR) platform is a solution deployed on endpoint devices to harden them, prevent malware and malicious attacks, and provide the investigation and remediation capabilities needed to respond dynamically to security incidents when they evade protection controls.
Endpoint security has evolved from traditional antivirus software to comprehensive protection against sophisticated malware and evolving zero-day threats.
Traditional EDR solutions have been delivered via a client agent managed by an on-premises management server.
More modern solutions utilize a cloud-native architecture that shifts the management and some of the analysis and detection workload to the cloud.
Typically, endpoint security software will include these key components: