EDR (Endpoint Detection and Response)
GPTKB entity
Statements (48)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
cybersecurity technology
|
| gptkbp:abbreviation |
gptkb:Endpoint_Detection_and_Response
|
| gptkbp:category |
information security
incident response threat detection endpoint protection |
| gptkbp:coinedBy |
Anton Chuvakin
|
| gptkbp:component |
endpoint security
|
| gptkbp:detects |
malware
insider threats fileless attacks suspicious behavior |
| gptkbp:enables |
automated response
threat hunting manual response |
| https://www.w3.org/2000/01/rdf-schema#label |
EDR (Endpoint Detection and Response)
|
| gptkbp:introducedIn |
2013
|
| gptkbp:mainVendors |
gptkb:CrowdStrike
gptkb:Bitdefender gptkb:Symantec gptkb:McAfee gptkb:Trend_Micro gptkb:SentinelOne gptkb:Sophos gptkb:Microsoft_Defender_for_Endpoint |
| gptkbp:monitors |
endpoint devices
|
| gptkbp:notableCollection |
network activity
event logs telemetry data process information file activity |
| gptkbp:provides |
forensic analysis
incident response real-time monitoring threat detection |
| gptkbp:purpose |
detect and respond to cyber threats on endpoints
|
| gptkbp:relatedTo |
gptkb:XDR_(Extended_Detection_and_Response)
gptkb:security SIEM (Security Information and Event Management) |
| gptkbp:requires |
centralized management console
endpoint agent |
| gptkbp:supports |
gptkb:Windows
gptkb:macOS gptkb:Linux mobile devices |
| gptkbp:usedBy |
security teams
|
| gptkbp:bfsParent |
gptkb:Bitdefender_GravityZone
|
| gptkbp:bfsLayer |
7
|