EDR (Endpoint Detection and Response)
GPTKB entity
Statements (48)
Predicate | Object |
---|---|
gptkbp:instanceOf | cybersecurity technology |
gptkbp:abbreviation | gptkb:Endpoint_Detection_and_Response |
gptkbp:category | information security, incident response, threat detection, endpoint protection |
gptkbp:coinedBy | Anton Chuvakin |
gptkbp:component | endpoint security |
gptkbp:detects | malware, insider threats, fileless attacks, suspicious behavior |
gptkbp:enables | automated response, threat hunting, manual response |
https://www.w3.org/2000/01/rdf-schema#label | EDR (Endpoint Detection and Response) |
gptkbp:introducedIn | 2013 |
gptkbp:mainVendors | gptkb:CrowdStrike, gptkb:Bitdefender, gptkb:Symantec, gptkb:McAfee, gptkb:Trend_Micro, gptkb:SentinelOne, gptkb:Sophos, gptkb:Microsoft_Defender_for_Endpoint |
gptkbp:monitors | endpoint devices |
gptkbp:notableCollection | network activity, event logs, telemetry data, process information, file activity |
gptkbp:provides | forensic analysis, incident response, real-time monitoring, threat detection |
gptkbp:purpose | detect and respond to cyber threats on endpoints |
gptkbp:relatedTo | gptkb:XDR_(Extended_Detection_and_Response), gptkb:security, SIEM (Security Information and Event Management) |
gptkbp:requires | centralized management console, endpoint agent |
gptkbp:supports | gptkb:Windows, gptkb:macOS, gptkb:Linux, mobile devices |
gptkbp:usedBy | security teams |
gptkbp:bfsParent | gptkb:Bitdefender_GravityZone |
gptkbp:bfsLayer | 7 |