73 results
On Demand By-the-Hour Forensic Analysis & Remote Remediation
Companies need digital tools to help detect and respond to a cyber incident. Many traditional solutions are simply too expensive. Even worse, traditional solutions often have restrictive tool architectures that prevent investigators from moving quickly when an attack happens. With worldwide availability and by-the-hour pricing, CyFIR Investigator is an endpoint detection and response solution that is affordable and scalable so companies can get the best protection and only pay for what they need.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Automatically detect threats across all attack surfaces.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
A solution and team dedicated to monitoring and responding to cyberattacks before they make an impact.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Endpoint threat detection, investigation, and response, simplified.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
zIPS
zIPS secures BYOD and corporate-owned mobile devices while protecting user privacy so that employees can safely access enterprise data.
Zimperium zIPS is a Mobile Threat Defense (MTD) platform that helps enterprises ensure that mobile devices and mobile apps accessing their data and systems are safe and secure.
It provides comprehensive protection across device, network, application, and phishing vectors.
It provides visibility into and protection against vulnerabilities, threats, and attacks on mobile devices.
Key partners: Google, Microsoft, Oracle, McAfee, MobileIron, Samsung, Motorola, VMware, BlackBerry.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Prevent misaddressed emails.
VIPRE SafeSend is a simple Microsoft Outlook add-on that is used to prevent misaddressed email or inadvertent autocomplete email mistakes by requiring the sender to confirm external recipients and file attachments before their email can be sent. SafeSend also scans attachments for sensitive data and allows companies to build their own DLP rules. VIPRE SafeSend is very scalable, easily deployed and doesn't require a server.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Capsule8
Helps businesses protect their Linux infrastructure.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
USB and endpoint security solution!
With Security.Desk you can define exactly which users are allowed to transfer which files from and to removable media and which file types are not allowed. All file movements can be logged.
- Enabling and blocking of specific interfaces
- Storage media and file types
- Shadowing / logging of data and file transfers
- Active Directory integration
- Rights management at all levels
- Central control station
- Bad-USB protection and much more.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
24/7 SOC-as-a-Service capabilities in a turnkey approach.
CipherBox is an end-to-end solution that uses Cipher's state-of-the-art technologies, processes and people to secure the environment of any operation in a rapid yet comprehensive way. Organizations can, in a matter of hours, add 24/7 dedicated threat monitoring, detection and incident response capabilities.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
eSentire
Endpoint detection and response solution that helps businesses identify and counter threats across networks and hybrid environments.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Endpoint detection and response management solution that helps businesses detect and block threats to prevent data breach.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Endpoint detection and response solution that helps businesses with automated patch management and media protection.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
It is a cybersecurity solution that helps businesses conduct behavioral analysis, manage bots, scan for malware, and more.
Myra Web Application Security is a cybersecurity solution that helps protect content and applications across websites of businesses in the finance, insurance, healthcare, and eCommerce sectors. The platform enables administrators to optimize the security for companies responsible for social systems or essential food delivery. To complete such tasks, the company uses certain technology to prevent malicious code from being injected into systems, among other things.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Cloud-based threat detection and response management solution that helps organizations secure networks, access, applications, and more.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
S.O.A.R
The future of Cyber Defense warfare.
Easy to use localized console with toolkit for new and expert users.
S.O.A.R (SIEM Orchestration Automation Response)
PURVEYOR (SaaS): the Cyber Defense Console and Toolkit. Supported by Counterveil's Managed and Unmanaged XDR Platform, it offers limitless potential.
Payment schedules are flexible.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Triage
Endpoint detection and response solution that helps businesses detect malware across devices and systems.
Triage is an endpoint detection and response solution that includes a sandbox, allowing managers to detect and analyze malware. It can be used on macOS, Windows, Linux, and Android systems. The application has a graphic design and presents only the user-relevant data in overviews. A comprehensive REST API is available to gain insights across data generated during analysis on a unified interface.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Microsoft 365 Defender enables businesses to stop attacks with automated, cross-domain security and built-in AI.
Microsoft 365 Defender stops attacks with automated, cross-domain security and built-in AI. As threats become more complex and persistent, alerts increase, and security teams are overwhelmed. Microsoft 365 Defender, part of Microsoft's XDR solution, leverages the Microsoft 365 security portfolio to automatically analyze threat data across domains, building a complete picture of each attack in a single dashboard. With this breadth and depth of clarity, defenders can now focus on critical threats.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
It is an endpoint detection and response solution that helps businesses receive alerts, detect threats, generate analysis, and more.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Cloud-based software that helps businesses manage tracking, detection, and remediation operations for cyberthreats across endpoints.
Cloud-based software that helps businesses manage tracking, detection, and remediation operations for cyberthreats, incidents, and other online threats across endpoints and systems.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
The ultimate next-generation antivirus powered by market-leading threat intelligence, forensics, and firewall integration.
Heimdal Next-Gen Endpoint Antivirus is an NGAV solution designed to provide market-leading endpoint detection and response through local signature-based file scanning, sandbox and backdoor analysis, process and behavior-based examination, and real-time cloud inspection. It is the detection-oriented counterpart to our threat prevention offering, Heimdal Threat Prevention. Besides its EDR features, Heimdal NGAV comes with complete firewall integration, which will further secure your workstations.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
A revolutionary, 100% signature-free component that provides market-leading detection and remediation of ransomware attacks.
Heimdal Ransomware Encryption Protection is an innovative and signature-free cybersecurity module with market-leading detection and remediation capacities that prevent any type of ransomware. This includes both fileless and file-based strains for complete, round-the-clock safety. It can detect any encryption attempt, even those that have no signatures or behavioral patterns. Our solution was built to be universally compatible with any antivirus, be it Heimdal’s own NGAV or something else.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
DIARIO
DIARIO is a malware detection software that scans attachments without compromising privacy or sharing content.
DIARIO is a document malware detection tool that analyzes and scans documents for malware. It accepts all types of different documents, from Microsoft Word to Adobe Acrobat and more. For users that do not want to upload entire documents, they are given the choice to use the special client feature which would allow them to only upload certain parts.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Enterprise-class threat detection, isolation, and remediation.
Features
- Anomaly/Malware Detection
- Remediation Management
- Prioritization
- Whitelisting/Blacklisting
- Continuous Monitoring
Endpoint Detection and Response Software Buyers Guide
What is endpoint detection and response (EDR) software?
Endpoint detection and response (EDR) software helps organizations continuously monitor, investigate, and respond to active threats that target network endpoints.
An effective EDR system should include the following capabilities:
- Incident data search and investigation
- Alert triage or suspicious activity validation
- Suspicious activity detection
- Threat hunting or data exploration
- Stopping malicious activity
EDR software is closely related to endpoint protection software, cybersecurity software, network security software, and vulnerability management software.
The benefits of EDR software
Network breaches are becoming more prevalent, and most of them are initiated via endpoints such as desktops, mobile devices, or servers. A well-implemented EDR strategy offers tremendous benefits, such as:
- Real-time protection against new threats: AV-Test, an IT security company, registers over 350,000 new malware and potentially unwanted applications every day. EDR software collects endpoint data that offer granular visibility around patterns, behavior, and other clues to identify and highlight potentially harmful applications and new malware in real time. Availability of real-time information can help IT teams safeguard networks from both existing and new threats.
- Proactive cyber defense using data analytics: EDR solutions are not just restricted to securing endpoints and networks—they also help in investigating threats. EDR solutions continuously monitor online and offline endpoints, and collect data on historical events that can be used to map out guidelines to prevent future incidents. These solutions also provide intelligent feeds to IT security teams that can help them avoid critical damage before it’s too late.
Typical features of EDR software
- Alerts/notifications: Send alerts and notify critical stakeholders whenever the solution discovers a threat or anomaly in the network.
- Anomaly/malware detection: Scan and detect potentially dangerous and harmful software that can disrupt or damage an endpoint or gain unauthorized access to a network.
- Reporting/analytics: View and track metrics related to network security.
- Remediation management: Identify and implement steps to restore systems to optimal conditions.
- Behavioral analytics: Continuously track the behavior of the systems connected to a network to check for anomalies.
- Continuous monitoring: Continuously assess and monitor system health and application usage.
Considerations when purchasing endpoint detection and response software
- Basic vs. high-end EDR solution: EDR software typically begins by collecting, storing, and analyzing large amounts of data which it uses to offer security insights to IT teams. Basic solutions may simply collect data and present the information on the screen; the decision to quarantine or delete infected files depends on the in-house security experts. Advanced solutions, on the other hand, may analyze the scan results and then self-clean the system.
- Cloud vs. on-premise: Cloud deployment of the software offers benefits such as a lower upfront cost, faster service delivery, and remote management. But it stores your data on third-party servers, which limits your control over your data. If you're willing to share your business and security data with a third-party service provider, opt for a cloud-based option; otherwise, go with on-premise deployment.
Relevant EDR software trends
- EDR market to grow: The EDR market is expected to grow at almost 50% annually through 2020, and most large enterprises will have EDR capabilities by 2025. The growth will be driven by the fact that current EDR implementation spans only 40 million endpoints; there are over 711 million desktops, laptops and other devices that can still utilize this software.
- EPP and EDR to consolidate: Endpoint protection platforms (EPP) will consolidate with EDR in the near future, triggered by businesses no longer solely relying on protection solutions; they need more advanced solutions that can detect and respond to live threats while constantly protecting the networks. Approximately 40% of EDR deployments are using both EDR and EPP from the same vendor. Going forward, vendors will bundle their EPP and EDR offerings into one consolidated application.
- Machine learning and AI: EDR applications collect huge amounts of data every minute. It's not possible for humans to manage and analyze such a volume of data. That's why vendors are now adding AI capabilities to their solutions to speed up the scanning process and proactively detect threats. Machine learning helps identify new attack practices and update the application based on ever-changing user and endpoint behavior.