Senior Consultant at a tech services company with 11-50 employees
Real User
Jan 28, 2022
EDR (Endpoint Detection and Response) can be viewed as the next generation of EPP.
While in EPP you already have detection/investigation of security incidents and protection, these are more integrated into EDR.
You can thus consider EDR to be more behavior-based (acting on the malware actions) than signature-based (acting on the malware name) in remediating endpoints to a pre-infection state.
All cybersecurity companies have EDR, e.g., Fortinet, Symantec, Cisco, etc.
Works at a tech services company with 11-50 employees
Real User
Jan 28, 2022
IMHO, the EDR is a good tool for IT to do such a job as forensics.
The generic (old-fashioned) EPP is like HIPS. EDR compares with EPP. EDR is able to show you the context and the topology such as a diagram for an incident.
Endpoint Detection and Response (EDR) is a cybersecurity solution that focuses on detecting, investigating, and mitigating advanced cyber threats at the endpoint level. Organizations use EDR solutions to enhance their threat detection capabilities and respond effectively to security incidents.
EDR solutions combine real-time continuous monitoring and collection of endpoint data with rule-based automated response and analysis capabilities. This enables organizations to rapidly identify and...
@Chetan Woodun Thanks for your views.
@Alan, Thanks for your response.
Any suggestions on the tools/solutions that you have used?