What You Need to Know Before Implementing an EDR Solution>
Heimdal Security Blog – Alina Georgiana Petcu
#1 Risk Mitigation The first thing you should look for in an EDR solution is that of risk mitigation, particularly through incident prevention. This is where the notion of EPDR comes in. #2 Artificial Intelligence DNS filtering goes hand in hand with machine learning, which is why you should aim for your EDR solution to be artificial intelligence-driven. #3 Application Control No EDR solution is complete without application control, which is the way to go in terms of the aforementioned whitelisting and blacklisting features that you should expect #4 Privileged Access Management Privileged access management is the user-level counterpart to application control. #5 Mobile Device Management An MDM tool not only stores information about said mobile devices but also outlines a list of apps that can be installed on them along with corresponding policies. #6 Vulnerability Management the EDR solution you implement must have proper vulnerability management tools that are complete with automated patching software. #7 Optimized Performance you must look for an EDR solution that has an optimized system performance. #8 Cross-Compatibility One final thing to consider when looking at an EDR solution is cross-compatibility. Do the aforementioned prevention, detection, and response components interact with each other, or are they static?
Link: https://heimdalsecurity.com/blog/edr-solution/