Endpoint Detection and Response (EDR)
GPTKB entity
Statements (48)
| Predicate | Object |
|---|---|
| gptkbp:instanceOf |
cybersecurity technology
|
| gptkbp:abbreviation |
gptkb:Endpoint_Detection_and_Response
|
| gptkbp:alsoKnownAs |
gptkb:EDR
|
| gptkbp:analyzes |
suspicious activities
|
| gptkbp:category |
information security
endpoint security |
| gptkbp:coinedBy |
2013
Anton Chuvakin |
| gptkbp:complement |
preventive security controls
|
| gptkbp:component |
endpoint security
|
| gptkbp:detects |
malware
data exfiltration insider threats zero-day exploits lateral movement command and control activity fileless attacks |
| gptkbp:enables |
real-time monitoring
automated response threat hunting data retention for forensics |
| gptkbp:focusesOn |
gptkb:investigation
response automation threat containment post-compromise detection |
| https://www.w3.org/2000/01/rdf-schema#label |
Endpoint Detection and Response (EDR)
|
| gptkbp:marketedAs |
gptkb:CrowdStrike
gptkb:Symantec gptkb:Trend_Micro gptkb:SentinelOne gptkb:Sophos gptkb:Microsoft_Defender_for_Endpoint VMware Carbon Black |
| gptkbp:monitors |
endpoints
|
| gptkbp:notableCollection |
endpoint activity data
|
| gptkbp:provides |
forensics
incident response threat detection alerting remediation tools |
| gptkbp:purpose |
detect and respond to cyber threats on endpoints
|
| gptkbp:relatedTo |
gptkb:security
endpoint protection platform (EPP) |
| gptkbp:supports |
compliance requirements
|
| gptkbp:usedBy |
security operations centers
IT security teams |
| gptkbp:bfsParent |
gptkb:Cybereason
|
| gptkbp:bfsLayer |
6
|