Endpoint Detection and Response (EDR)

Endpoint Detection and Response (EDR) is advanced security software that runs on individual computers and servers (endpoints) to continuously monitor for suspicious activity, detect threats that bypass traditional antivirus, and provide tools for investigating and responding to security incidents.

EDR goes far beyond traditional antivirus — it records detailed activity on each endpoint, uses behavioral analysis to detect novel threats, and provides security teams with the ability to investigate incidents, isolate compromised machines, and remediate threats remotely. Think of it as having a security camera and alarm system on every computer in your organization.