34 results
Endpoint security tool that eliminates various types of threats, including viruses, malware, ransomware, rootkits, worms and spyware using anti-spyware, anti-phishing, web control, anti-spam, and botnet protection with remote management capability.
Trusted by 92 of the Fortune 100, Splunk is a customizable data analytics platform that empowers you to investigate, monitor, analyze and act. From IT to security to business operations, Splunk is the data-to-everything platform that enables you to take action in real time. With Splunk, you can predict and prevent IT problems, streamline your entire security stack, minimize unplanned downtime, and explore and visualize business processes for increased transparency all in one platform. Trusted by 92 of the Fortune 100, Splunk helps you investigate, monitor, analyze, and act on all of your organization's data.

by Trend Micro

(72 reviews)
Trend Micro Apex One uses a blend of advanced threat protection techniques to eliminate security gaps across any user activity and any endpoint. It constantly learns, adapts, and automatically shares threat intelligence across your environment. This blend of protection is delivered via an architecture that uses endpoint resources more effectively and ultimately outperforms the competition on CPU and network utilization. Automatic, insightful, all-in-one endpoint security from the trusted leader.
Cloud-based and globally available, Automox enforces OS & third-party patch management, security configurations, and custom scripting across Windows, Mac, and Linux from a single intuitive console. IT and SecOps can quickly gain control and share visibility of on-prem, remote and virtual endpoints without the need to deploy costly infrastructure. Automox is a cloud-based patch management platform - modern cyber hygiene to raise the world's security confidence.
Netsurion empowers organizations to successfully predict, prevent, detect, and respond to cybersecurity threats. Our SIEM platform, EventTracker, unifies machine learning, behavior analytics, and security orchestration. Our managed security service, EventTracker SIEMphonic, delivers a Co-Managed SIEM service driven by our 24/7 SOC. EventTracker EDR also protects critical endpoints from zero-day attacks and mutating malware. By providing SIEM, EDR and a 24/7 SOC, we quickly and efficiently deliver advanced threat protection and security orchestration.

by CrowdStrike

(7 reviews)
Next-generation endpoint protection software that detects, prevents, and responds to attacks.

by Kaspersky Lab

(7 reviews)
Gain deep visibility across all your endpoints, automate threat prioritization, investigation, and response.
Protects PCs from all internet threats. It uses a four-layer prevention dual-engine to fight viruses and malware.

by Jazz Networks

(4 reviews)
Optimal mix of UEBA, Insider threat detection and response with machine learning and a policy engine, DLP with content inspection and automated response actions. Machine learning & policy engine provide threat detection & response. Also used for threat hunting & automated security training.

by Great Bay Software

(1 review)
Great Bay Software is helping organizations gain back complete control over their corporate networks. Our technology, the Beacon product suite, solves the lack of endpoint visibility and control that keeps enterprises from fully securing their corporate network. We can help you with: Asset discovery and management, Identity monitoring and threat avoidance, Incident response, Regulatory compliance, Network capacity planning and Device authentication. Suite of solutions designed to secure corporate networks, ensure compliance, and enhance endpoint visibility.
InsightIDR is your threat detection & response solution. Find & respond to all of the top attack vectors behind breaches: phishing, malware, and the use of stolen passwords. InsightIDR natively collects data from your endpoints, security logs, & cloud services. Apply user and attacker behavior analytics to your data to find intruder activity at each step of the attack chain. Unify your security data. Detect before things get critical. Respond 20x faster with visual investigations & automation.
Cynet 360 is a detection and response security platform specifically created for today's multi-faceted cyber-battlefield.
Prevent cyber attacks against your endpoints with the use of a multi-engine agent, machine learning, and behavioral analytics.
EDR solution that enables you to monitor and record activity across your endpoints to accelerate incident response and investigations.
DataSecurity Plus is a data visibility and security solution that offers data discovery, file storage analysis, and real-time Windows file server auditing, alerting & reporting. Furthermore, it monitors file integrity; streamlines compliance requirements; generates instant, user-defined email alerts; finds sensitive personal data (PII/ePHI) stored in files, folders, or shares; and automatically executes predefined responses when security threats such as ransomware attacks occur. DataSecurity Plus offers data discovery and real-time server auditing, alerting, and reporting.

by Plurilock Security Solutions

(0 reviews)
Identifies actual people as they work, not just their logins and passwords, all day long.

by Hypori

(0 reviews)
Mobile virtualization: keeps all apps running in the datacenter, creating clean separation between enterprise and personal data.

by Anakage

(0 reviews)
An end user support platform to manage and reduce support tickets.

by Infocyte

(0 reviews)
Infocyte helps security teams assess, detect, and respond to cyber threats -- fast. Streamline your endpoint security (SIEM, SOAR, EDR, and more) from our easy-to-use cloud console. Managed security service providers leverage our platform to deliver cost-effective cybersecurity risk assessments, cyber incident response, and managed detection and response services. Reduce risk, maintain compliance, and streamline security operations with Infocyte -- the platform for proactive cybersecurity.

by Ziften Technologies

(0 reviews)
Unlike products with complex endpoint technologies that fail to stop attacks, and provide little to no investigation and response capabilities, Zenith delivers (1) best-in-class zero-day protection, (2) complete investigation, (3) the most flexible response, plus (4) security posture analysis. The result is simplified endpoint protection to easily stop cyber-attacks with the people and budget you already have. Cloud-delivered endpoint protection platform, simplifying your Endpoint Protection + Visibility.

by DigitalDefense

(0 reviews)
Effective security starts at the Frontline. Digital Defense's Frontline.Cloud platform provides organizations with robust, yet easy to deploy security solutions. The Frontline.Cloud security Software as a Service (SaaS) platform supports multiple systems including Frontline Vulnerability Manager (Frontline VM), Frontline Pen Testing (Frontline Pen Test), Frontline Web Application Scanning (Frontline WAS) and Frontline Active Threat Sweep (Frontline ATS). The Frontline.Cloud platform provides organizations with robust, yet easy to deploy, SaaS Vulnerability Management and Threat Detection.

by IntSights

(0 reviews)
IntSights is the leading external threat intelligence and protection platform, purposefully designed to neutralize threats outside the wire. IntSights solution suite equips cybersecurity teams worldwide to more effectively detect, prevent, and eliminate threats at their source.

by Anomali

(0 reviews)
Arm your security team with cyber threat intelligence to identify and prioritize threats.

by Palo Alto Networks

(0 reviews)
Cortex Data Lake enables AI-based innovations for cybersecurity.

by Cyberbit

(0 reviews)
EDR platform that makes it possible to detect unknown, advanced and evasive threats in isolated environments.

by Cybereason

(0 reviews)
The Cybereason Defense Platform combines managed endpoint prevention, detection, and response in one lightweight agent. It delivers multi-layer endpoint prevention by leveraging signature and signatureless techniques to prevent known and unknown threats in conjunction with behavioral and deception techniques to prevent ransomware and fileless attacks. Defend against tomorrow's threats today.

by Tanium

(0 reviews)
Threat detection and response solution that automates hunting, investigating, and remediating vulnerabilities and threats.

by Symantec

(0 reviews)
Cloud-based solution that provides deep endpoint visibility, deep AI-driven analytics, and workflow automation to streamline your cyber security activities.

by Fidelis Cybersecurity

(0 reviews)
Advanced EDR security solution that streamlines threat hunting and detection and automates endpoint response.

by 1E

(0 reviews)
Endpoint detection and response tool that assists users with guaranteed state of all endpoints, patching, real-time reporting, and more.

by CyFIR

(0 reviews)
Companies need digital tools to help detect and respond to a cyber incident. Many traditional solutions are simply too expensive. Even worse, traditional solutions often have restrictive tool architectures that prevent investigators from moving quickly when an attack happens. With worldwide availability and by-the-hour pricing, CyFIR Investigator is an endpoint detection and response solution that is affordable and scalable so companies can get the best protection and only pay for what they need. On Demand By-the-Hour Forensic Analysis & Remote Remediation.

by Cyber Hunters

(0 reviews)
Automatically detect threats across all attack surfaces.

by Arctic Wolf Networks

(0 reviews)
A solution and team dedicated to monitoring and responding to cyberattacks before they make an impact.

by McAfee

(0 reviews)
Endpoint threat detection, investigation, and response, simplified.

Endpoint Detection and Response Software Buyers Guide

What is endpoint detection and response (EDR) software?

Endpoint detection and response (EDR) software helps organizations continuously monitor, investigate, and respond to active threats that target network endpoints.

An effective EDR system should include the following capabilities:

  • Incident data search and investigation
  • Alert triage or suspicious activity validation
  • Suspicious activity detection
  • Threat hunting or data exploration
  • Stopping malicious activity

EDR software is closely related to endpoint protection software, cybersecurity software, network security software, and vulnerability management software.

The benefits of EDR software

Network breaches are becoming more prevalent and most of the breaches are initiated via endpoints such as desktops, mobile devices, or servers. A well-implemented EDR strategy offers tremendous benefits, such as: 

  • Real-time protection against new threats: AV-Test, an IT security company, registers over 350,000 new malware and potentially unwanted applications every day. EDR software collects endpoint data that offer granular visibility around patterns, behavior, and other clues to identify and highlight potentially harmful applications and new malware in real time. Availability of real-time information can help IT teams safeguard networks from both existing and new threats.
  • Proactive cyber defense using data analytics: EDR solutions are not just restricted to securing endpoints and networks—they also help in investigating threats. EDR solutions continuously monitor online and offline endpoints, and collect data on historical events that can be used to map out guidelines to prevent future incidents. These solutions also provide intelligent feeds to IT security teams that can help them avoid critical damage before it’s too late.

Typical features of EDR software

  • Alerts/notifications: Send alerts and notify critical stakeholders whenever the solution discovers a threat or anomaly in the network.
  • Anomaly/malware detection: Scan and detect potentially dangerous and harmful software that can disrupt or damage an endpoint or gain unauthorized access to a network.
  • Reporting/analytics: View and track metrics related to network security. 
  • Remediation management: Identify and implement steps to restore systems to optimal conditions.
  • Behavioral analytics: Continuously track the behavior of the systems connected to a network to check for anomalies.
  • Continuous monitoring: Continuously assess and monitor system health and application usage.

Considerations when purchasing endpoint detection and response software

  • Basic vs. high-end EDR solution: EDR software typically begins by collecting, storing, and analyzing large amounts of data which it uses to offer security insights to IT teams. Basic solutions may simply collect data and present the information on the screen; the decision to quarantine or delete infected files depends on the in-house security experts. Advanced solutions, on the other hand, may analyze the scan results and then self-clean the system. 
  • Cloud vs. on-premise: Cloud deployment of the software offers benefits such as a lower upfront cost, faster service delivery, and remote management. But it stores your data on third-party servers, which limits your control over your data. If you’re willing to share your business and security data with a third-party service provider, opt for a cloud-based option; otherwise, go with on-premise deployment.
  • EDR market to grow: The EDR market is expected to grow at almost 50% annually through 2020, and most large enterprises will have EDR capabilities by 2025. The growth will be driven by the fact that current EDR implementation spans only 40 million endpoints; there are over 711 million desktops, laptops and other devices that can still utilize this software.
  • EPP and EDR to consolidate: Endpoint protection platforms (EPP) will consolidate with EDR in the near future, triggered by businesses no longer solely relying on protection solutions; they need more advanced solutions that can detect and respond to live threats while constantly protecting the networks. Approximately 40% of EDR deployments are using both EDR and EPP from the same vendor. Going forward, vendors will bundle their EPP and EDR offerings into one consolidated application.
  • Machine learning and AI: EDR applications collect huge amounts of data every minute. It’s not possible for humans to manage and analyze such a volume of data. That's why vendors are now adding AI capabilities to their solutions to speed up the scanning process and proactively detect threats. Machine learning helps identify new attack practices and update the application based on ever-changing user and endpoint behavior.