EDR (Endpoint Detection and Response)

GPTKB entity

Statements (48)
Predicate Object
gptkbp:instanceOf cybersecurity technology
gptkbp:abbreviation gptkb:Endpoint_Detection_and_Response
gptkbp:category information security
    incident response
    threat detection
    endpoint protection
gptkbp:coinedBy Anton Chuvakin
gptkbp:component endpoint security
gptkbp:detects malware
    insider threats
    fileless attacks
    suspicious behavior
gptkbp:enables automated response
    threat hunting
    manual response
https://www.w3.org/2000/01/rdf-schema#label EDR (Endpoint Detection and Response)
gptkbp:introducedIn 2013
gptkbp:mainVendors gptkb:CrowdStrike
    gptkb:Bitdefender
    gptkb:Symantec
    gptkb:McAfee
    gptkb:Trend_Micro
    gptkb:SentinelOne
    gptkb:Sophos
    gptkb:Microsoft_Defender_for_Endpoint
gptkbp:monitors endpoint devices
gptkbp:notableCollection network activity
    event logs
    telemetry data
    process information
    file activity
gptkbp:provides forensic analysis
    incident response
    real-time monitoring
    threat detection
gptkbp:purpose detect and respond to cyber threats on endpoints
gptkbp:relatedTo gptkb:XDR_(Extended_Detection_and_Response)
    gptkb:security
    SIEM (Security Information and Event Management)
gptkbp:requires centralized management console
    endpoint agent
gptkbp:supports gptkb:Windows
    gptkb:macOS
    gptkb:Linux
    mobile devices
gptkbp:usedBy security teams
gptkbp:bfsParent gptkb:Bitdefender_GravityZone
gptkbp:bfsLayer 7