Endpoint Detection & Response (EDR)

The Sapphire managed service provides 24×7 visibility of attempted malicious endpoint incursions. By combining automated detection and analysis with industry-leading threat intelligence feeds and remote remediation, security teams can operate safely in the knowledge that devices are secure.

Alert: Enterprise-wide visibility on all endpoint devices using advanced behavioural techniques combined with granular interrogation allows for dynamic mapping of attacks in each organisation’s environment.

Responsive: Friction-free isolation of infected systems, black-listing malicious files, and forensics collection for further analysis and mitigation.

Managed: 24×7 endpoint detection management frees up the security team to focus on core competencies, allowing them to address long-term security strategy and report to senior stakeholders.

FREQUENTLY ASKED QUESTIONS (FAQS)

1. What is Endpoint Detection and Response (EDR)?

Endpoint detection and response (EDR) is a security solution that combines endpoint data collection and real-time monitoring for threats with analysis capabilities and automatic remediation.

2. How does Endpoint Detection and Response work?

Endpoint Detection and Response provides comprehensive real-time endpoint visibility to understand malicious activity. An agent monitors events for malicious behaviours using machine learning and ‘known bad’ signatures. EDR solutions are also essential for threat hunting.

3. Does SIEM replace EDR?

EDR and SIEM complement each other. A SIEM will consume data from EDR and feed it into an aggregated single view of risk, acting as a centralised point of management.

4. Why is Endpoint Security important?

Endpoint security is vital because end-user devices such as laptops, desktops, and mobile devices are often a landing point for an attacker looking to steal data or move laterally.

5. What is an endpoint agent?

An endpoint agent is installed on a device to monitor and alert on potentially malicious actions.

6. What is the difference between an EDR and XDR?

An Extended Detection and Response (XDR) solution takes a broader view than EDR, extending monitoring for malicious actions into email, cloud, etc.