
Endpoint Detection and Response Software

Endpoint Detection And Response (EDR) software helps organizations protect their networks from malicious software that can enter the system via endpoint devices.


141 results

An endpoint detection & response suite that takes threat hunting, prevention and remediation to the next level. 1 agent, 6 solutions. Learn more about Heimdal Endpoint Detection and Response (EDR)
A seamless EDR solution that consists of six top-of-the-line products working in unison to hunt, prevent, and remediate any cybersecurity incidents that might come your way. The products in question are Heimdal Threat Prevention (DNS-based security), Patch & Asset Management, Ransomware Encryption Protection, Next-Gen Antivirus, Privileged Access Management, and Application Control. The suite can be further enhanced with any available Heimdal module. One agent, up to 9 unified solutions. Learn more about Heimdal Endpoint Detection and Response (EDR)

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
A complete XDR solution with timely incident alerts, environment monitoring, and expert input that supports full compliance. Learn more about Heimdal eXtended Detection and Response (XDR)
The Heimdal XDR brings together 10 essential tools and security expertise to provide you with the ultimate protection you need. You can eliminate the complexity of managing multiple security solutions and gain a comprehensive, integrated approach to cybersecurity. Keep your endpoints, networks, emails, data and everything in between safe from cyber threats. The platform comes equipped with an Action Center, which allows for seamless and efficient one-click automated and assisted actioning. Learn more about Heimdal eXtended Detection and Response (XDR)

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Endpoint security solution that allows businesses to monitor, track, and manage access to applications, automate IoC search, and more. Learn more about Seqrite Endpoint Security

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cloud-based Endpoint Detection and Response (EDR) with 72-hour ransomware recovery for Windows PCs, Windows servers and Linux servers. Rated #1 for ease-of-use to help businesses identify, analyze, and remediate threats on a unified platform. Learn more about Malwarebytes for Business

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cybersecurity application for IT administrators to prevent data breaches, covering a suite of devices, networks, and applications.
ESET Endpoint Security software is a cloud-based and on-premises application for internet security and malware protection. It has a global user base that comprises businesses of every size. Cloud sandbox technology enables users to protect their mobile devices, laptops, and desktops against ransomware, zero-day attacks, and data breaches. It features file, bot, and mail protection, along with remote device management, virtualization security, firewall set-up, and web control. Learn more about ESET Endpoint Security

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
On-prem & cloud-based unified endpoint management and security tool that helps manage organization endpoints from a single console.
Endpoint Central is a unified endpoint management solution that helps in managing servers, laptops, desktops, smartphones, & tablets from a central location. Using either an on-premise or a cloud-based UEM allows you to automate regular endpoint management routines like installing patches, deploying software, imaging & deploying OS, manage mobiles & BYOD devices, remote troubleshooting, modern management & much more! It also has a mobile app that allows you to manage endpoints anywhere, anytime! Learn more about ManageEngine Endpoint Central

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
DNS web content & security filter for business that blocks malware, ransomware and phishing + provides advanced web content control.
WebTitan is a DNS Based Web content filter and Web security layer that blocks cyber attacks, malware, ransomware and malicious phishing as well as providing granular web content control. WebTitan DNS filtering filters over 2 billion DNS requests every day and identifies 300,000 malware iterations a day. Our intelligent AI driven real time content categorization engine combines industry leading anti-virus and cloud based architecture. Try a free Trial of WebTitan today, full support included. Learn more about WebTitan

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Search, analyze, and visualize data from your entire data ecosystem. Monitor, alert, and report on your operations to drive resilience.
Are you ready to take control of your data? Splunk is a customizable data analytics platform that empowers you to investigate, monitor, analyze and act in real-time. With Splunk, you can predict and prevent IT problems, streamline your entire security stack, minimize unplanned downtime, and explore and visualize business processes for increased transparency. Make your organization more resilient with the all-in-one unified security and observability platform. Learn more about Splunk Enterprise

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Multi-vector protection against viruses and malware offering full protection against all of today's sophisticated malware threats including Trojans, keyloggers, phishing, spyware, back-doors, rootkits, zero-day and advanced persistent threats. Built in Identity & Privacy Shield stops data being stolen or captured when using the Internet and the outbound firewall also stops malware stealing data. No need to worry about or run updates, cloud-driven security means endpoints are always up to date. Learn more about Webroot Business Endpoint Protection

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cybersecurity solution that provides licensing options to fit the protection needs of businesses, datacenters, and public cloud.
GravityZone is built from the ground up for virtualization and cloud to deliver business security services to physical endpoints, mobile devices, virtual machines in private, public cloud and Exchange mail servers. GravityZone Enterprise Security provides flexible licensing options to fit the protection needs of your offices, datacenters and public cloud. All security services are delivered from one virtual appliance to install on premise covering all endpoints across your environment. Learn more about Bitdefender GravityZone

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
The JumpCloud Directory Platform reimagines the directory as a complete platform for identity, access, and device management.
JumpCloud is an open directory platform for secure, frictionless access from any device to any resource, anywhere. JumpCloud's mission is to Make Work Happen, providing simple, secure access to corporate technology resources from any device, or any location. The JumpCloud Directory Platform gives IT, MSPs, VARs/Distributors, security operations, and DevOps a single, cloud-based solution to control and manage employee identities, their devices, and apply Zero Trust principles. Learn more about JumpCloud Directory Platform

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Safetica protects endpoints against data leaks. The solution responds to security incidents based on your security policies.
Safetica provides easy-to-use on-prem and cloud-native data loss prevention and insider threat protection solutions that help organizations secure their data and ensure regulatory compliance. Safetica is a European software company founded in 2007, serving its customers in 120 countries globally, and provides data loss prevention and insider threat protection solutions. Products: Safetica NXT (cloud-native) and Safetica ONE (on-prem). Learn more about Safetica

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cloud-based and on-premise platform that allows businesses to secure critical data with multi-factor authentication.
Enterprise access has been redefined by BYOD, mobility, and cloud services. Today's workers demand secure connectivity regardless of location: their desk can be in a car, a hotel room, at home, or at a café. Pulse Connect Secure is the result of 15 years of innovation and refinement which has led to the most reliable and feature-rich VPN built for the next generation. Learn more about Ivanti Connect Secure

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Teramind tracks employee behavior, detects threats, and optimizes your business for productivity with advanced employee monitoring.
Discover Teramind - the ultimate tool for businesses looking to optimize productivity, streamline workflows, and protect assets. Our customizable platform ensures regulatory compliance, detects and prevents insider threats, and monitors remote employees. Automated actions keep your business secure and efficient, while real-time alerts and logs provide all-around security. Experience the power of machine-learned behavior analytics to secure your company data. Ready to revolutionize your business? Learn more about Teramind

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
WatchGuard EDR responds to known and unknown threats by providing visibility and controlling applications running on the network.
WatchGuard Endpoint Security delivers the technologies required to stop advanced cyberattacks on endpoints, including next-gen antivirus, EDR, ThreatSync (XDR), and DNS filtering solutions. WatchGuard EDR provides powerful endpoint detection and response protection from zero-day attacks, ransomware, cryptojacking, and other advanced targeted attacks using new and emerging machine-learning and deep-learning AI models. Learn more about WatchGuard Endpoint Security

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cybersecurity with AI-powered prevention, detection, response and hunting in a single autonomous XDR platform.
At SentinelOne, we are redefining cybersecurity by pushing the boundaries of autonomous technology. Our Singularity XDR Platform encompasses AI-powered prevention, detection, response, and threat hunting across user endpoints, containers, cloud workloads, and IoT devices. Empowering modern enterprises to defend faster, at greater scale, and with higher accuracy across their entire attack surface. Learn more about SentinelOne

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Kandji EDR is purpose-built to detect and stop threats on Mac computers and is deployed alongside MDM in a unified agent.
Kandji Endpoint Detection & Response (EDR) is purpose-built to detect and stop threats on Mac computers. Armed with hundreds of millions of malware definitions, data from the world’s leading threat feeds, and a team of threat researchers feeding the detection engine, our threat intelligence for Mac is among the world’s most comprehensive. Kandji EDR is deployed alongside MDM in a unified agent and monitors all files and applications on the Mac. Learn more about Kandji

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Maintain complete endpoint visibility and inventory of all software with Automox's cloud-based platform.
Automox allows you to maintain complete visibility into the endpoints and software used in your organization's day-to-day operations, while also providing the information needed to manage patching, risk mitigation, and endpoint hardening decisions. With Automox, you'll have the ability to see all endpoints and applications from a single console which enables administrators to identify misconfigured systems, missing patches, or compliance issues. Learn more about Automox

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Multi-dimensional scanning and process interrogation technology that detects and removes spyware through consistent scans.
Multi-dimensional scanning and process interrogation technology that detects and removes spyware, malware and more through consistent scans and automated database updates. Learn more about SUPERAntiSpyware

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Orca Security is the pioneer of agentless cloud security that spans AWS, Azure, Google Cloud and Kubernetes.
Orca Security is the pioneer of agentless cloud security that is trusted by hundreds of enterprises globally. Orca makes cloud security possible for enterprises moving to and scaling in the cloud with its patented SideScanning™ technology and Unified Data Model. The Orca Cloud Security Platform delivers the world's most comprehensive coverage and visibility of risks across AWS, Azure, Google Cloud and Kubernetes. Learn more about Orca Security

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Microsoft 365 Defender enables businesses to stop attacks with automated, cross-domain security and built-in AI.
Microsoft 365 Defender stops attacks with automated, cross-domain security and built-in AI. As threats become more complex and persistent, alerts increase, and security teams are overwhelmed. Microsoft 365 Defender, part of Microsoft's XDR solution, leverages the Microsoft 365 security portfolio to automatically analyze threat data across domains, building a complete picture of each attack in a single dashboard. With this breadth and depth of clarity, defenders can now focus on critical threats. Learn more about Microsoft 365 Defender

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Israel Local product
Chrome extension that protects from phishing, malware, removes pop-ups, and creates a safe browsing environment. Learn more about Guardio

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Threat detection and response backed by an in-house 24/7 SOC, no annual contract required.
ConnectWise SIEM (formerly Perch) offers threat detection and response backed by an in-house Security Operations Center (SOC). Defend against business email compromise, account takeovers, and see beyond your network traffic. Our team of threat analysts does all the tedium for you, eliminating the noise and sending only identified and verified threats to action on. Built with multi-tenancy, ConnectWise SIEM helps you keep clients safe with the best threat intel on the market. Learn more about ConnectWise SIEM

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
ZeroThreat Advanced combines the benefits of ZeroThreat Essentials with Advanced Endpoint Security (AV/NGAV), endpoint detection and response (EDR), endpoint management capabilities, and 5 mobile device management (MDM) licenses to deliver exploit prevention, enhanced reporting, and endpoint management from a centralized SaaS platform. Licensed by number of endpoints. Learn more about Zero Threat Advanced

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Prevent macOS malware, detect Mac-specific threats, and monitor endpoints for compliance with Jamf Protect.
Jamf Protect provides a complete endpoint protection solution to maintain macOS compliance, prevent macOS malware, and detect and remediate Mac-specific threats with minimal impact to the end-user experience. With known customizable prevention, intuitive dashboards, real-time alerts, and extensive reporting, all of which is designed only for Macs, you can be certain that your Mac fleet is well secured and you always have full visibility into your Apple computers. Learn more about Jamf Protect

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Blackpoint Cyber continues to work hard to deliver an end-to-end, effective cybersecurity ecosystem to the MSP community.
Blackpoint Cyber offers the only world-class, nation state-grade cybersecurity ecosystem serving the MSP community. Headquartered in Maryland, USA, the company was established by former US Department of Defense and Intelligence cybersecurity experts. Blackpoint's True 24/7 Managed Detection and Response (MDR) service not only detects breaches earlier than any other solution on the market, but also provides an actual response rather than just an alert to keep your and your clients’ networks safe! Learn more about Blackpoint MDR

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Protect your equipment from digital threats. Complete security for small and medium businesses.
This cybersecurity solution includes: Online identity protection, antivirus and antispyware, antispam, protection against public networks, remote administration, web access control, USB device control, corporate mobile management and more. It allows combining protection from 5 to 25 computers + 5 smartphones + 1 or 2 file servers; all options include the remote administration tool. Learn more about ESET Home Office Security Pack

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Falcon Insight delivers continuous, comprehensive endpoint visibility that spans detection, response and forensics.
CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus, endpoint detection and response (EDR), & a 24/7 managed hunting service all delivered via a single lightweight agent. Falcon Insight delivers continuous, comprehensive endpoint visibility that spans detection, response and forensics to ensure nothing is missed and to stop breaches. Learn more about Falcon

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Qualys Multi-Vector EDR - A new approach to EDR that shortens response times and reduces costs.
Traditional EDR solutions focus only on endpoint activity to detect attacks. Qualys brings a new multi-vector approach and the power of its Cloud Platform to protect the entire attack chain, from attack and breach prevention, to detection and response — all in a single, cloud-based app. Learn more about Qualys Cloud Platform

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Apex One is an endpoint detection and response software designed to help businesses investigate threats and protect the system.
Apex One is an endpoint detection and response software designed to help businesses detect and investigate threats and protect the system against fileless and ransomware attacks. The platform offers a host-based intrusion prevention system (HIPS), which enables administrators to virtually patch vulnerabilities. Managers can detect the indicators and intent of attackers in real-time and manage threat responses on a unified interface. Apex One allows teams to identify and analyze the impact as we Learn more about Apex One

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Automated proximity-based 2FA authentication into computers and websites. Passwordless login and auto-lock PCs, Macs, and websites.
Touchless, automated proximity-based authentication into computers, websites, and software. Password-free login and auto-lock PCs with a token. Authenticate with your presence and log in instantly with password autofill. No more locked out accounts. When the token moves out of range, GateKeeper automatically locks the computer. Be preventative against expensive and disruptive data breaches. Your password caddie for a password-free experience. Never go back to memorizing and typing passwords. Learn more about GateKeeper Enterprise

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
KACE Unified Endpoint Manager unites traditional endpoint management with modern management in a shared intuitive interface.
KACE® by Quest supports your unified endpoint management (UEM) strategy by helping you discover and track every device in your environment, automate administrative tasks, keep compliance requirements up-to-date and secure your network from a range of cyberthreats. Discover, manage and secure all your endpoints from one console as you co-manage your traditional and modern endpoints, including Windows, Mac, Linux, ChromeOS, and iOS and Android devices. Learn more about KACE

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Provides the necessary synergy between people, process, and technology to truly deliver world-class cybersecurity today.
Continuously predict, prevent, detect, and respond to advanced threats efficiently and effectively by combining deep learning-enabled technology and a team of cybersecurity experts providing 24/7 monitoring, analysis, and incident response. Our managed platform approach to cybersecurity simplifies operations and reduces security gaps caused by standalone point products. Learn more about Netsurion

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
DataDome’s award-winning bot and online fraud protection detects and mitigates attacks with unparalleled accuracy and zero compromise.
DataDome’s bot and online fraud protection detects and mitigates attacks with unparalleled accuracy and zero compromise. Our machine learning solution analyzes 3 trillion signals per day to adapt to new threats in real time. Our 24/7 SOC experts protect hundreds of high-profile brands worldwide, including Reddit, Patreon, and Angelist. A force multiplier for IT and security teams, DataDome is fully transparent, easy to deploy, and frictionless for consumers. Learn more about DataDome

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Huntress’ Process Insights feature provides Managed Endpoint Detection & Response (EDR) capabilities backed by 24/7 threat hunters.
Huntress’ Process Insights feature provides Managed Endpoint Detection & Response (EDR) capabilities supported by 24/7 threat hunters. Process Insights provides additional visibility into endpoint activity and strengthens the EDR functionality within the Huntress Managed Security Platform. By monitoring for malicious processes, Process Insights builds an extensive view of cyber threats as they occur. And when a threat is detected, Threat Operations shares a report to help you take action. Learn more about Huntress

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Microsoft Defender for Endpoint is a complete endpoint security solution that delivers preventative protection, post-breach detection, automated investigation, and response. With Defender for Endpoint, you have: -Agentless, cloud powered - No additional deployment or infrastructure. No delays or update compatibility issues. Always up to date. -Unparalleled optics - Built on the industry’s deepest insight into Windows threats and shared signals across devices, identities, and information. Learn more about Microsoft Defender for Endpoint

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Continuous protection for your evolving IT environment, multiplatform cyber risk management and 24/7 ESET expertise on call.
ESET's MDR service represents the most densely multilayered and effective cybersecurity approach in the world. The MDR service takes ESET's cutting-edge technology and augments it with hands-on expertise, delivered 24/7/365, ensuring antimalware technology and strategy are perfectly aligned. With full XDR capabilities thanks to ESET Inspect, the XDR-enabling component, this is the optimal approach to securing your enterprise. Learn more about ESET PROTECT MDR

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
INLYSE Malware.AI is an AI-based security platform that quickly detects malware and cyber-attacks.
INLYSE Malware.AI is a visual AI-based malware detection solution that uses cutting-edge technology to convert files into graphical representations and detect even unknown malware before it can harm your device. Our self-learning algorithms and deep neural networks are capable of recognizing even the most advanced malware, cyber-attacks, zero-day exploits, and APT attacks within seconds. We offer a range of plugins to suit your specific needs, all starting at $2.50 per user per month. Learn more about INLYSE Malware.AI

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Advanced malware protection solution that helps businesses secure endpoints, emails and web traffic across multiple platforms with continuous tracking, malware prevention, sandboxing and more. Learn more about Cisco Secure Endpoint

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Comprehensive endpoint security solution for Windows clients, Windows servers, and MacOS devices, providing enterprise-grade security.
Comprehensive endpoint security solution for Windows clients, Windows servers, and MacOS devices, providing enterprise-grade security for small and mid-size businesses. Microsoft Defender for Business includes automated device onboarding, endpoint detection and response, threat and vulnerability management, automated investigation and response, attack surface reduction, and more. Learn more about Microsoft Defender for Business

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Datto EDR is an easy-to-use, advanced endpoint detection and response solution that enables timely cyberthreat response and remediation
Datto EDR is an easy-to-use, advanced endpoint detection and response solution that detects evasive cyberthreats quickly, enabling timely response and remediation before damage is done. Learn more about Datto EDR

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Provides built-in context-based policy engine, device profiling and comprehensive posture assessment, and guest access options. Learn more about Aruba ClearPass

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
The ultimate next-generation antivirus powered by market-leading threat intelligence, forensics, and firewall integration.
Heimdal Next-Gen Endpoint Antivirus is an NGAV solution designed to provide market-leading endpoint detection and response through local signature-based file scanning, sandbox and backdoor analysis, process and behavior-based examination, and real-time cloud inspection. It is the detection-oriented counterpart to our threat prevention offering, Heimdal Threat Prevention. Besides its EDR features, Heimdal NGAV comes with complete firewall integration, which will further secure your workstations. Learn more about Heimdal Next-Gen Endpoint Antivirus

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Protects PCs from all internet threats. It uses a four-layer prevention dual-engine to fight viruses and malware. Learn more about Emsisoft Anti-Malware

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Protect, defend, recover. Stay two steps ahead with Metallic data protection as a service. Simple to adopt, to use, & to scale.
Secure, defend, recover. Stay two steps ahead with Metallic data protection as a service. Simple to adopt, simple to use, & simple to scale. From the minds of Commvault—12-time Leader in the Gartner Magic Quadrant—Metallic is SaaS-delivered backup and recovery for businesses of all sizes, designed to safeguard your data from deletion, corruption, and malicious attack. No matter where your data lives (on-premise, cloud, or SaaS), Metallic offers enterprise-grade protection and proven security. Learn more about Metallic SaaS Backup & Recovery

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Network performance monitoring and diagnostics tool that enables NetOps to analyse network traffic and troubleshoot network problems.
Progress Flowmon is a professional tool for effective network troubleshooting, performance monitoring, capacity planning, encrypted traffic analysis and cloud monitoring. Instead of just the red/green infrastructure status, it helps NetOps teams to understand user experience while keeping the amount of data noise and analytical work to a minimum. The Flowmon solution is a part of the Kemp product portfolio. Learn more about Flowmon

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Machine learning & policy engine provide threat detection & response. Also used for threat hunting & automated security training.
Optimal mix of UEBA, insider threat detection and response with machine learning and a policy engine, and DLP with content inspection and automated response actions. Learn more about Jazz Platform

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Uptycs unified CNAPP and XDR secures your enterprise from endpoint through cloud, eliminating tool, team, and infrastructure silos.
The Uptycs unified CNAPP and XDR platform helps businesses looking to enhance their cybersecurity across cloud and on-prem environments. One solution provides you with asset inventory, audit, compliance, vulnerability scanning, and threat detection and response. Eliminate tool, team, and infrastructure silos to reduce response times to breaches and attacks. Uptycs helps you make better risk decisions about vulnerabilities and threats. Shift your cybersecurity up with Uptycs. Learn more about Uptycs

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
INKY is powered by computer vision and machine learning, making it the most effective solution in the fight against phishing.
INKY is powered by unique computer vision, artificial intelligence, and machine learning, making it the most effective solution in the fight against phishing. INKY uses advanced detection techniques and a unique banner technology to identify and block sophisticated phishing emails that legacy email systems cannot detect. INKY works with Microsoft O365, Exchange, and Google Workspace and on all mobile devices. Learn more about Inky

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring
GorillaStack helps to automate real-time security remediation, manage backup lifecycles, and optimize cloud bills.
GorillaStack helps DevOps to get real-time alerts and automate remediation for security. With automation, you can achieve compliance and governance across AWS and Azure Cloud easily. GorillaStack can also help to reduce your cloud bills and manage backups reliably. Learn more about GorillaStack

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritization
  • Whitelisting/Blacklisting
  • Continuous Monitoring

Endpoint Detection and Response Software Buyers Guide

What is endpoint detection and response (EDR) software?

Endpoint detection and response (EDR) software helps organizations continuously monitor, investigate, and respond to active threats that target network endpoints.

An effective EDR system should include the following capabilities:

  • Incident data search and investigation
  • Alert triage or suspicious activity validation
  • Suspicious activity detection
  • Threat hunting or data exploration
  • Stopping malicious activity

EDR software is closely related to endpoint protection software, cybersecurity software, network security software, and vulnerability management software.

The benefits of EDR software

Network breaches are becoming more prevalent and most of the breaches are initiated via endpoints such as desktops, mobile devices, or servers. A well-implemented EDR strategy offers tremendous benefits, such as: 

  • Real-time protection against new threats: AV-Test, an IT security company, registers over 350,000 new malware and potentially unwanted applications every day. EDR software collects endpoint data that offer granular visibility around patterns, behavior, and other clues to identify and highlight potentially harmful applications and new malware in real time. Availability of real-time information can help IT teams safeguard networks from both existing and new threats.
  • Proactive cyber defense using data analytics: EDR solutions are not just restricted to securing endpoints and networks—they also help in investigating threats. EDR solutions continuously monitor online and offline endpoints, and collect data on historical events that can be used to map out guidelines to prevent future incidents. These solutions also provide intelligent feeds to IT security teams that can help them avoid critical damage before it’s too late.

Typical features of EDR software

  • Alerts/notifications: Send alerts and notify critical stakeholders whenever the solution discovers a threat or anomaly in the network.
  • Anomaly/malware detection: Scan and detect potentially dangerous and harmful software that can disrupt or damage an endpoint or gain unauthorized access to a network.
  • Reporting/analytics: View and track metrics related to network security. 
  • Remediation management: Identify and implement steps to restore systems to optimal conditions.
  • Behavioral analytics: Continuously track the behavior of the systems connected to a network to check for anomalies.
  • Continuous monitoring: Continuously assess and monitor system health and application usage.

Considerations when purchasing endpoint detection and response software

  • Basic vs. high-end EDR solution: EDR software typically begins by collecting, storing, and analyzing large amounts of data which it uses to offer security insights to IT teams. Basic solutions may simply collect data and present the information on the screen; the decision to quarantine or delete infected files depends on the in-house security experts. Advanced solutions, on the other hand, may analyze the scan results and then self-clean the system. 
  • Cloud vs. on-premise: Cloud deployment of the software offers benefits such as a lower upfront cost, faster service delivery, and remote management. But it stores your data on third-party servers, which limits your control over your data. If you’re willing to share your business and security data with a third-party service provider, opt for a cloud-based option; otherwise, go with on-premise deployment.
  • EDR market to grow: The EDR market is expected to grow at almost 50% annually through 2020, and most large enterprises will have EDR capabilities by 2025. The growth will be driven by the fact that current EDR implementation spans only 40 million endpoints; there are over 711 million desktops, laptops and other devices that can still utilize this software.
  • EPP and EDR to consolidate: Endpoint protection platforms (EPP) will consolidate with EDR in the near future, triggered by businesses no longer solely relying on protection solutions; they need more advanced solutions that can detect and respond to live threats while constantly protecting the networks. Approximately 40% of EDR deployments are using both EDR and EPP from the same vendor. Going forward, vendors will bundle their EPP and EDR offerings into one consolidated application.
  • Machine learning and AI: EDR applications collect huge amounts of data every minute. It’s not possible for humans to manage and analyze such a volume of data. That's why vendors are now adding AI capabilities to their solutions to speed up the scanning process and proactively detect threats. Machine learning helps identify new attack practices and update the application based on ever-changing user and endpoint behavior.