EDR (Endpoint Detection & Response)
Definition
EDR stands for Endpoint Detection and Response: security software that detects, investigates, and automatically responds to threats on endpoints (laptops, servers, smartphones). EDR goes beyond traditional antivirus software.
EDR solutions continuously monitor endpoint behavior and store events in a central database. When suspicious behavior is detected, EDR can respond automatically by stopping a process, quarantining a file, or isolating an endpoint.
Well-known EDR solutions include CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, and Carbon Black.
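The monitor, store, and respond loop described above, as an added example that is not code from any of the products named here. The event fields, the two detection rules, the isolation threshold, and the sample events are all constructed assumptions chosen for illustration.

```python
import sqlite3

# Assumed rule data: document editors that should not launch script hosts.
OFFICE = {"winword.exe", "excel.exe"}
SHELLS = {"powershell.exe", "cmd.exe", "wscript.exe"}

# Constructed sample telemetry: (host, pid, parent image, image, file written)
SAMPLE_EVENTS = [
    ("lap-01", 410, "explorer.exe", "winword.exe", None),
    ("lap-01", 522, "winword.exe", "powershell.exe", None),
    ("lap-01", 522, "winword.exe", "powershell.exe", r"C:\Temp\x.exe"),
    ("srv-02", 77, "services.exe", "svchost.exe", None),
]

def open_store():
    """Central event database (in-memory SQLite stands in for the backend)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE events "
               "(host TEXT, pid INTEGER, parent TEXT, image TEXT, written TEXT)")
    return db

def ingest(db, events):
    """Store every endpoint event, suspicious or not, for later investigation."""
    db.executemany("INSERT INTO events VALUES (?,?,?,?,?)", events)

def respond(db):
    """Evaluate stored events and return (action, host, target) tuples."""
    actions, hits = [], {}
    rows = db.execute(
        "SELECT host, pid, parent, image, written FROM events ORDER BY rowid")
    for host, pid, parent, image, written in rows:
        # Hypothetical rule 1: an office application spawned a script host.
        if parent.lower() in OFFICE and image.lower() in SHELLS:
            stop = ("stop_process", host, pid)
            if stop not in actions:  # respond once per process
                actions.append(stop)
                hits[host] = hits.get(host, 0) + 1
            # Hypothetical rule 2: the flagged process dropped an executable.
            if written and written.lower().endswith(".exe"):
                actions.append(("quarantine_file", host, written))
                hits[host] += 1
    # Assumed escalation: two or more detections on a host isolate it.
    for host, count in hits.items():
        if count >= 2:
            actions.append(("isolate_endpoint", host, None))
    return actions

if __name__ == "__main__":
    store = open_store()
    ingest(store, SAMPLE_EVENTS)
    for action in respond(store):
        print(action)
```

Benign events stay in the store without triggering a response, which is what makes later investigation of a host's full history possible.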