What is EndPoint Detection and Response or EDR and how does it differ from Anti-Virus Software?
  • Luke Werner


First off, let's explain what EDR is. EDR is software that is installed on your Apple or PC workstations and integrates advancements in technology, like AI and automated rollbacks, to replace older technologies that rely on daily or weekly scans, like traditional antivirus and anti-malware software.


Traditional AV software is reactive: it has to check with a virus signature database to be told what a virus is, and only after that database is updated does it know what to look for. This can leave gaps in coverage, since each AV software company updates its database at different times.


EDR proactively monitors your computer and keeps it safe by monitoring, detecting, and fixing threats or rolling back to a safe state. It uses integrated machine learning and artificial intelligence to identify suspicious behaviors and address them. For example, it establishes a baseline of behavior for your computer and then detects when activity veers from that baseline. If it detects a threat that deviates from the baseline, it gives options to kill, quarantine, remediate, and roll back, whereas traditional AV would only have a list of known issues to go by from the last time it updated.
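
The contrast between the two models above, as an added example that is not code from this post or from any EDR product. It assumes a simple frequency count of parent-to-child process launches as a stand-in for the machine-learning baseline, and all process names, hashes and function names are constructed for illustration.

```python
import hashlib
from collections import Counter

# Constructed learning-period data: (parent process, child process, image bytes)
BASELINE_EVENTS = [
    ("explorer.exe", "winword.exe", b"word-build-1"),
    ("explorer.exe", "chrome.exe", b"chrome-build-1"),
    ("winword.exe", "splwow64.exe", b"print-helper-1"),
] * 20

# Constructed signature database: hashes the AV vendor has already published
KNOWN_BAD_HASHES = {hashlib.sha256(b"old-known-malware").hexdigest()}

# Constructed events seen after the learning period
NEW_EVENTS = [
    ("explorer.exe", "winword.exe", b"word-build-1"),         # normal use
    ("winword.exe", "powershell.exe", b"never-seen-sample"),  # new file, odd launch
    ("explorer.exe", "chrome.exe", b"old-known-malware"),     # file already in the database
]


def signature_verdict(image: bytes) -> bool:
    """Traditional AV model: flag only if the file hash is in the database."""
    return hashlib.sha256(image).hexdigest() in KNOWN_BAD_HASHES


def build_baseline(events) -> Counter:
    """Count how often each parent -> child launch occurred during normal use."""
    return Counter((parent, child) for parent, child, _ in events)


def behaviour_verdict(baseline: Counter, parent: str, child: str,
                      min_seen: int = 5) -> bool:
    """Baseline model: flag a launch that was rare or absent while learning."""
    return baseline[(parent, child)] < min_seen


def evaluate(baseline: Counter, event) -> dict:
    """Return both verdicts for one event so the coverage gap is visible."""
    parent, child, image = event
    return {"signature": signature_verdict(image),
            "behaviour": behaviour_verdict(baseline, parent, child)}


if __name__ == "__main__":
    learned = build_baseline(BASELINE_EVENTS)
    for ev in NEW_EVENTS:
        print(ev[0], "->", ev[1], evaluate(learned, ev))
```

The second event is the gap described above: its hash is not yet in the signature database, so only the baseline check flags it.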


With the landscape of how and where we work changing from in-office work to work from home, or even to a mobile team, an EDR solution will help with cyber attacks, whether they are viruses, malware or ransomware. The average cyber attack takes approximately 287 days to identify and contain, which tells you how invasive these attacks can be. Malware alone jumped by 59% in 2020, and ransomware attacks have increased globally by 151% year over year; this has become big business for cybercriminals.


Because cybercriminals keep advancing their technology, and their methods for getting into networks and workstations are always evolving, we will be implementing EDR into our Protect Me software over the next few weeks in order to thwart their efforts.


We are always looking for ways to protect our clients from cybercriminals in this evolving cyber world.


