What is Endpoint Detection and Response (EDR)?

EDR is provided by a software package installed on the computers within your network. It monitors each device for suspicious activity and works to mitigate an attack.

Why do I need EDR?

An EDR client, the software package installed on a device (like a laptop), behaves like a firewall, anti-virus, and remote management tool all wrapped into one. 

Actual functionality may vary from vendor to vendor, but in general, the EDR client performs functions like:

  • Regularly scanning the filesystem for suspicious or malicious files
    • May include scanning for files containing non-public information (NPI), personal health information (PHI), payment information (PCI), or personally identifiable information (PII)
  • Monitoring system processes and network traffic for suspicious activity that may indicate infiltration
  • Detecting system configuration issues for remediation
    • For example: not requiring login, unencrypted drives, connecting to unsecured WiFi networks, etc.

How do I set up EDR?

A number of vendors have Endpoint Detection and Response solutions, and ComplyAuto Esquire has chosen to partner with industry leader Sophos.