Defenses have been evolving over time to keep pace with and get ahead of pervasive, sophisticated cyber attacks that target endpoints. One rapidly growing area of endpoint protection is endpoint detection and response (EDR) solutions.
The main purpose of EDR solutions is to increase visibility into endpoint status and events to improve threat detection and response times. EDR solutions have recently added features to actively block threats, enable machine-learning algorithms to detect threats and malicious activity, monitor privileged accounts for suspect behavior, and much more.
The Market Guide for Endpoint Detection and Response Solutions published by Gartner gives you the latest available information on EDR solutions, including:
- Their four essential capabilities: Detecting security incidents, containing the incident at the endpoint, investigating security incidents, and remediating endpoints to a preinfection state.
- Types of organizations that should be adopting them.
- Typical and expected costs over time.
- Improvements in 2016 and anticipated capabilities.
FireEye Endpoint Security (HX series), which includes detection and response capabilities, seamlessly extends the threat intelligence capabilities of other FireEye products to the endpoint. If a FireEye product detects an attack anywhere in the network, endpoints are automatically updated and can be inspected for IOCs.
FireEye HX can be deployed on premise for endpoints inside and outside the corporate network. It helps your security team detect, contain and understand the nature and purpose of known and unknown threats using features such as:
- Triage Viewer and Audit Viewer to inspect and analyze threat indicators.
- Enterprise Security Search to rapidly scan for, find and contain threats.
- Data Acquisition for in-depth endpoint inspection and analysis.
- Exploit Guard detect and alert on endpoint exploit processes.
Learn more about FireEye Endpoint Security, detection and response capabilities, and about how FireEye can protect your endpoint.
Gartner does not endorse any vendor, product or service depicted in its research publications, and does not advise technology users to select only those vendors with the highest ratings or other designation. Gartner research publications consist of the opinions of Gartner's research organization and should not be construed as statements of fact. Gartner disclaims all warranties, expressed or implied, with respect to this research, including any warranties of merchantability or fitness for a particular purpose.