Endpoint detection and response (EDR)

EDR is a solution designed to detect and remove malicious activities from a network. EDR solutions will typically include the following four capabilities:

• Detecting threats with the continuous monitoring of endpoints
• Collecting and investigating logs and comparing and correlating them with historical events from each endpoint's activity
• Responding to the dangerous attempts of resources and removing them from the network
• Killing unauthorized processes to put the endpoint in a normal state