An integrated feature in N-able RMM that helps MSPs prevent, detect, and respond to ever-changing threats.
N-able™ Endpoint Detection and Response (EDR), an integrated feature in N-able RMM, helps MSPs prevent, detect, and respond to ever-changing threats—and recover quickly when ransomware or other exploits strike. Remediation and rollback help reverse the effects of an attack and restore endpoints to their pre-attack healthy state to minimize customer downtime. Gain full monitoring and management of your endpoint security, all from a single dashboard. Learn more about Endpoint Detection and Response

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
DataDome provides state-of-the-art protection against online fraud and bot attacks for mobile apps, websites and APIs.
DataDome protects mobile apps, websites and APIs from online fraud and bot attacks, including scraping, scalping, credential stuffing and account takeover, Layer 7 DDoS attacks and carding fraud. Our AI-powered bot detection engine processes more than a TRILLION pieces of data every day, from 25 worldwide points of presence, to protect the largest global e-commerce businesses in real time. Learn more about DataDome

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
DNS web content & security filter for business that blocks malware, ransomware and phishing and provides advanced web content control.
DNS-based web content filter and web security layer that blocks cyber attacks, malware, ransomware and malicious phishing, and provides granular web content control. WebTitan DNS filtering filters over 2 billion DNS requests every day, identifies 300,000 malware iterations a day and has over 7,500 customers. Try a free trial of WebTitan today, full support included. Great monthly pricing available starting at less than $1 per user per month. Hosted locally, no latency. Learn more about WebTitan

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Multilayered technology, machine learning, and human expertise combined with automated security management.
Endpoint security software that eliminates various types of threats, including viruses, malware, ransomware, rootkits, worms and spyware using anti-spyware, anti-phishing, web control, anti-spam, and botnet protection with remote management capability. Keep your endpoints secure from ransomware and zero-day threats with an easy-to-use cloud-based console. ESET PROTECT Advanced bundle includes Endpoint Protection, File Server Security, Cloud Sandbox and Full Disk Encryption. Learn more about ESET Endpoint Security

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
ReaQta-Hive is an Autonomous Detection & Response platform that protects endpoints against threats.
ReaQta is Europe’s top-tiered AI Autonomous Detection & Response platform, built by an elite group of cyber security experts & AI/ML researchers. ReaQta allows organizations to eliminate the most advanced endpoint threats in real-time. Equipped with proprietary NanoOS technology, ReaQta-Hive delivers unprecedented visibility into processes and applications running on endpoints and is tamper-free to malware & attackers. ReaQta was named a 2020 Gartner Cool Vendor in Endpoint Security. Learn more about ReaQta-Hive

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Trusted by 92 of the Fortune 100, Splunk helps you investigate, monitor, analyze, and act on all of your organization's data.
Trusted by 92 of the Fortune 100, Splunk is a customizable data analytics platform that empowers you to investigate, monitor, analyze and act. From IT to security to business operations, Splunk is the data-to-everything platform that enables you to take action in real-time. With Splunk, you can predict and prevent IT problems, streamline your entire security stack, minimize unplanned downtime, and explore and visualize business processes for increased transparency all in one platform. Learn more about Splunk Enterprise

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Identify and resolve APTs, fileless malware and zero-day attacks across all your assets, 100% remotely deployed and managed MDR option.
Ideally suited for mid-market to enterprise organizations and MSP/MSSPs whose cybersecurity teams manage networks with hundreds, thousands, and hundreds of thousands of nodes/endpoints. Over 50% of breaches are missed by existing cyber defense tools. Infocyte offers agentless install; you get identification, investigation and response to sophisticated fileless, in-live memory cyber attacks in minutes, so you can contain, remediate and recover quicker. Learn more about Infocyte

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Enterprise-class threat detection, isolation, and remediation. Learn more about Malwarebytes Endpoint Detection and Response

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Complete threat protection and remediation solution, centrally managed from the cloud for organizations of all sizes.
Malwarebytes Endpoint Protection provides complete malware protection and remediation with precise threat detection, proactive threat blocking, and thorough remediation, driven from the cloud and easy to use for organizations of all sizes.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cybersecurity solution that provides licensing options to fit the protection needs of businesses, datacenters, and public cloud.
GravityZone is built from the ground up for virtualization and cloud to deliver business security services to physical endpoints, mobile devices, virtual machines in private, public cloud and Exchange mail servers. GravityZone Enterprise Security provides flexible licensing options to fit the protection needs of your offices, datacenters and public cloud. All security services are delivered from one virtual appliance to install on premise covering all endpoints across your environment.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cloud-based and on-premise platform that allows businesses to secure critical data with multi-factor authentication.
Enterprise access has been redefined by BYOD, mobility, and cloud services. Today's workers demand secure connectivity regardless of location: their desk can be in a car, a hotel room, at home, or at a café. Pulse Connect Secure is the result of 15 years of innovation and refinement, which has led to the most reliable and feature-rich VPN built for the next generation.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Maintain complete endpoint visibility and inventory of all software with Automox's cloud-based platform.
Automox allows you to maintain complete visibility into the endpoints and software used in your organization's day-to-day operations, while also providing the information needed to manage patching, risk mitigation, and endpoint hardening decisions. With Automox, you'll have the ability to see all endpoints and applications from a single console which enables administrators to identify misconfigured systems, missing patches, or compliance issues.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Multi-dimensional scanning and process interrogation technology that detects and removes spyware through consistent scans.
Multi-dimensional scanning and process interrogation technology that detects and removes spyware, malware and more through consistent scans and automated database updates.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Threat detection and response backed by an in-house 24/7 SOC, no annual contract required.
Perch Security, a ConnectWise solution, offers threat detection and response backed by an in-house Security Operations Center (SOC). Defend against business email compromise, account takeovers, and see beyond your network traffic. Our team of threat analysts does all the tedium for you, eliminating the noise and sending only identified and verified threats to act on. Built with multi-tenancy, Perch helps you keep clients safe with the best threat intel on the market.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Chrome extension that protects from phishing, malware, removes pop-ups, and creates a safe browsing environment.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Blackpoint Cyber continues to work hard to deliver an end-to-end, effective cybersecurity ecosystem to the MSP community.
Blackpoint Cyber offers the only world-class, nation state-grade cybersecurity ecosystem serving the MSP community. Headquartered in Maryland, USA, the company was established by former US Department of Defense and Intelligence cybersecurity experts. Blackpoint's True 24/7 Managed Detection and Response (MDR) service not only detects breaches earlier than any other solution on the market, but also provides an actual response rather than just an alert to keep your and your clients’ networks safe!

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Gain deep visibility across all your endpoints, automate threat prioritization, investigation, and response.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Provides the necessary synergy between people, process, and technology to truly deliver world-class cybersecurity today.
Continuously predict, prevent, detect, and respond to advanced threats efficiently and effectively by combining deep learning-enabled technology and a team of cybersecurity experts providing 24/7 monitoring, analysis, and incident response. Our managed platform approach to cybersecurity simplifies operations and reduces security gaps caused by standalone point products.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Apex One is an endpoint detection and response software designed to help businesses investigate threats and protect the system.
Apex One is an endpoint detection and response software designed to help businesses detect and investigate threats and protect the system against fileless and ransomware attacks. The platform offers a host-based intrusion prevention system (HIPS), which enables administrators to virtually patch vulnerabilities. Managers can detect the indicators and intent of attackers in real-time and manage threat responses on a unified interface. Apex One allows teams to identify and analyze the impact as we

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Automated proximity-based 2FA authentication into computers and websites. Passwordless login and auto-lock PCs, Macs, and websites.
Touchless, automated proximity-based authentication into computers, websites, and software. Passwordless login and auto-lock PCs with a token. Authenticate with your presence and log in instantly with password autofill. No more locked out accounts. When the token moves out of range, GateKeeper automatically locks the computer. Be preventative against expensive and disruptive data breaches. Your password caddie for a password-free experience. Never go back to memorizing and typing passwords.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Prevent macOS malware, detect Mac-specific threats, and monitor endpoints for compliance with Jamf Protect.
Jamf Protect provides a complete endpoint protection solution to maintain macOS compliance, prevent macOS malware, and detect and remediate Mac-specific threats with minimal impact to the end-user experience. With known customizable prevention, intuitive dashboards, real-time alerts, and extensive reporting, all of which is designed only for Macs, you can be certain that your Mac fleet is well secured and you always have full visibility into your Apple computers.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Qualys Multi-Vector EDR - A new approach to EDR that shortens response times and reduces costs.
Traditional EDR solutions focus only on endpoint activity to detect attacks. Qualys brings a new multi-vector approach and the power of its Cloud Platform to protect the entire attack chain, from attack and breach prevention, to detection and response — all in a single, cloud-based app.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Falcon Insight delivers continuous, comprehensive endpoint visibility that spans detection, response and forensics.
CrowdStrike is the leader in cloud-delivered next-generation endpoint protection. CrowdStrike has revolutionized endpoint protection by being the first and only company to unify next-generation antivirus, endpoint detection and response (EDR), & a 24/7 managed hunting service all delivered via a single lightweight agent. Falcon Insight delivers continuous, comprehensive endpoint visibility that spans detection, response and forensics to ensure nothing is missed and to stop breaches.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Protects PCs from all internet threats. It uses a four-layer prevention dual-engine to fight viruses and malware.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
INKY is powered by computer vision and machine learning, making it the most effective solution in the fight against phishing.
INKY is powered by unique computer vision, artificial intelligence, and machine learning, making it the most effective solution in the fight against phishing. INKY uses advanced detection techniques and a unique banner technology to identify and block sophisticated phishing emails that legacy email systems cannot detect. INKY works with Microsoft O365, Exchange, and Google Workspace and on all mobile devices.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
GorillaStack helps automate real-time security remediation, manage backup lifecycles, and optimize cloud bills.
GorillaStack helps DevOps to get real-time alerts and automate remediation for security. With automation, you can achieve compliance and governance across AWS and Azure Cloud easily. GorillaStack can also help to reduce your cloud bills and manage backups reliably.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Machine learning & policy engine provide threat detection & response. Also used for threat hunting & automated security training.
Optimal mix of UEBA, Insider threat detection and response with machine learning and a policy engine, DLP with content inspection and automated response actions.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
For on-premises, SaaS, and cloud-native data, Metallic gives you data protection that perfectly matches your hybrid cloud strategy.
Metallic, from Commvault, offers award-winning data protection without the complexity. For small & medium-sized business, with fast-growing environments, looking to secure an enterprise-grade solution to protect their data. Built on Microsoft Azure, Metallic offers coverage across apps, endpoints, on-premise, & cloud environments - proven to safeguard critical business data from deletion, corruption, & attack. Stay secure, stay compliant, stay recoverable with Metallic backup & recovery.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Axonius is a cybersecurity asset management platform used to strengthen security, IT operations, and risk management.
Axonius is the cybersecurity asset management platform that gives organizations a comprehensive asset inventory, uncovers security coverage gaps, and automatically validates and enforces security policies. By seamlessly integrating with hundreds of security, management, and IT solutions, Axonius deploys in hours (not weeks) to improve security and IT operations, threat and vulnerability management, incident response, and security posture assessment.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cloud-based solution that provides deep endpoint visibility, AI-driven analytics, and workflow automation.
Cloud-based solution that provides deep endpoint visibility, AI-driven analytics, and workflow automation to streamline your cyber security activities.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
BeyondDLP enables a safe data experience: a unique & proactive Data Loss & Leakage Prevention solution to protect your data, anywhere.
ITsMine provides safety and protection to your shared and distributed work environment, along with regulatory compliance. ITsMine’s technology overcomes the major challenges and complexities of current data security solutions by automatically constructing “Safe Zones.” ITsMine is agentless, API-based, and can be deployed in approximately 30 minutes. Proactively protecting against internal and external threats; while covering data at rest, in motion, and in use. Inside and beyond the company.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
SOC Prime TDM is a SaaS community delivering threat detection content that can be used across various SIEM formats and EDR solutions.
SOC Prime Threat Detection Marketplace® (TDM) is a SaaS content platform that allows security professionals to detect and respond to cyber threats, as well as increase ROI for the majority of their SIEM, EDR, NSM and SOAR tools in use. TDM aggregates over 65,000 SIEM & EDR rules, parsers and search queries, and other content mapped directly to the MITRE ATT&CK® framework and compatible with your EDR solution in use, including Microsoft Defender ATP, Carbon Black, CrowdStrike, and Qualys.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Microsoft 365 Defender enables businesses to stop attacks with automated, cross-domain security and built-in AI.
Microsoft 365 Defender stops attacks with automated, cross-domain security and built-in AI. As threats become more complex and persistent, alerts increase, and security teams are overwhelmed. Microsoft 365 Defender, part of Microsoft's XDR solution, leverages the Microsoft 365 security portfolio to automatically analyze threat data across domains, building a complete picture of each attack in a single dashboard. With this breadth and depth of clarity, defenders can now focus on critical threats.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
InsightIDR is your threat detection & response solution. Find & respond to all of the top attack vectors behind breaches.
InsightIDR is your threat detection & response solution. Find & respond to all of the top attack vectors behind breaches: phishing, malware, and the use of stolen passwords. InsightIDR natively collects data from your endpoints, security logs, & cloud services. Apply user and attacker behavior analytics to your data to find intruder activity at each step of the attack chain. Unify your security data. Detect before things get critical. Respond 20x faster with visual investigations & automation.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
The Cybereason Defense Platform combines managed endpoint prevention, detection, and response in one lightweight agent.
The Cybereason Defense Platform combines managed endpoint prevention, detection, and response in one lightweight agent. It delivers multi-layer endpoint prevention by leveraging signature and signatureless techniques to prevent known and unknown threats in conjunction with behavioral and deception techniques to prevent ransomware and fileless attacks. Defend against tomorrow's threats today.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Suite of solutions designed to secure corporate networks, ensure compliance, and enhance endpoint visibility.
Great Bay Software is helping organizations gain back complete control over their corporate networks. Our technology, the Beacon product suite, solves the lack of endpoint visibility and control that keeps enterprises from fully securing their corporate network. We can help you with: Asset discovery and management, Identity monitoring and threat avoidance, Incident response, Regulatory compliance, Network capacity planning and Device authentication.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
EDR solution that enables you to monitor and record activity across your endpoints to accelerate incident response and investigations.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cynet 360 is a detection and response security platform specifically created for today's multi-faceted cyber-battlefield.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
DataSecurity Plus offers data discovery and real-time server auditing, alerting, and reporting.
DataSecurity Plus is a data visibility and security solution that offers data discovery, file storage analysis, and real-time Windows file server auditing, alerting & reporting. Furthermore, it monitors file integrity; streamlines compliance requirements; generates instant, user-defined email alerts; finds sensitive personal data (PII/ePHI) stored in files, folders, or shares; and automatically executes predefined responses when security threats such as ransomware attacks occur.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
A solution and team dedicated to monitoring and responding to cyberattacks before they make an impact.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
FortiEDR provides automated endpoint protection, detection, and response against advanced attacks.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
CybrHawk SIEM ZTR provides all the critical tools: IDS, machine learning, Multi Cloud, MDR, EDR, and Threat Hunting.
CybrHawk SIEM ZTR provides all the critical tools: IDS, intelligence risk, behavior, machine learning, cloud info, MDR, EDR, and Threat Hunting. The goal is to provide the entire enterprise with full and total control systems and is the only SIEM in the market that offers Memory Injection in its platform. On the first day, the organization inherits ready-to-use tracking software. Advanced Visibility.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
All-in-one unified threat management platform that aims to simplify cybersecurity and reduce its cost.
UTMStack provides complete visibility over the entire organization from a centralized management dashboard. All solutions in the stack are fully integrated and report to a central database: Log Management (SIEM), Vulnerability Management, Access Rights Auditor, Incident Response, HIPS/NIPS, Endpoint Protection, and Dark Web Monitoring. You can monitor almost any cloud environment or SaaS application with ready to use Integrations. UTMStack is currently integrated with Azure, AWS, etc.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cybersecurity solution that helps businesses detect and investigate threats in real-time to prepare and execute action plans.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
DEFEND is a continuous authentication platform that confirms user identity or alerts security teams to detected intrusions in real time.
Plurilock DEFEND is an enterprise continuous authentication platform that confirms user identity or alerts security teams to detected intrusions in real time, as regular work is carried out, without otherwise inconveniencing or interrupting users. DEFEND confirms a user’s identity continuously, every 3-5 seconds, for the duration of open session work with no gaps or uncertainty. Preserve a full-day identity trail with the standard keyboards and pointing devices already used.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Hypori is a highly secure virtual BYOD smartphone solution with 100% separation of personal and enterprise data and zero footprint.
Hypori Virtual Mobility is a highly secure virtual smartphone solution that lets users perform business tasks on their mobile devices while leaving zero footprint and guaranteeing 100% separation of personal and enterprise data. Hypori is centrally managed, cost-effective, and keeps all apps running in the data center. Hypori makes truly secure BYOD a reality.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
An end user support platform to manage and reduce support tickets.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Cloud-delivered endpoint protection platform, simplifying your Endpoint Protection + Visibility.
Unlike products with complex endpoint technologies that fail to stop attacks, and provide little to no investigation and response capabilities, Zenith delivers (1) best-in-class zero-day protection, (2) complete investigation, (3) the most flexible response, plus (4) security posture analysis. The result is simplified endpoint protection to easily stop cyber-attacks with the people and budget you already have.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Frontline.Cloud platform provides organizations with robust, yet easy to deploy, SaaS Vulnerability Management and Threat Detection.
Effective security starts at the Frontline. Digital Defense's Frontline.Cloud platform provides organizations with robust, yet easy-to-deploy security solutions. The Frontline.Cloud security Software as a Service (SaaS) platform supports multiple systems including Frontline Vulnerability Manager (Frontline VM), Frontline Pen Testing (Frontline Pen Test), Frontline Web Application Scanning (Frontline WAS) and Frontline Active Threat Sweep (Frontline ATS).

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring
Arm your security team with cyber threat intelligence to identify and prioritize threats.

Features

  • Anomaly/Malware Detection
  • Remediation Management
  • Prioritisation
  • Whitelisting/Blacklisting
  • Continuous Monitoring

Endpoint Detection and Response Software Buyers Guide

What is endpoint detection and response (EDR) software?

Endpoint detection and response (EDR) software helps organizations continuously monitor, investigate, and respond to active threats that target network endpoints.

An effective EDR system should include the following capabilities:

  • Incident data search and investigation
  • Alert triage or suspicious activity validation
  • Suspicious activity detection
  • Threat hunting or data exploration
  • Stopping malicious activity

EDR software is closely related to endpoint protection software, cybersecurity software, network security software, and vulnerability management software.

The benefits of EDR software

Network breaches are becoming more prevalent, and most of them are initiated via endpoints such as desktops, mobile devices, or servers. A well-implemented EDR strategy offers tremendous benefits, such as:

  • Real-time protection against new threats: AV-Test, an IT security company, registers over 350,000 new malware and potentially unwanted applications every day. EDR software collects endpoint data that offers granular visibility into patterns, behavior, and other clues to identify and highlight potentially harmful applications and new malware in real time. The availability of real-time information can help IT teams safeguard networks from both existing and new threats.
  • Proactive cyber defense using data analytics: EDR solutions are not just restricted to securing endpoints and networks—they also help in investigating threats. EDR solutions continuously monitor online and offline endpoints, and collect data on historical events that can be used to map out guidelines to prevent future incidents. These solutions also provide intelligent feeds to IT security teams that can help them avoid critical damage before it’s too late.

Typical features of EDR software

  • Alerts/notifications: Send alerts and notify critical stakeholders whenever the solution discovers a threat or anomaly in the network.
  • Anomaly/malware detection: Scan and detect potentially dangerous and harmful software that can disrupt or damage an endpoint or gain unauthorized access to a network.
  • Reporting/analytics: View and track metrics related to network security. 
  • Remediation management: Identify and implement steps to restore systems to optimal conditions.
  • Behavioral analytics: Continuously track the behavior of the systems connected to a network to check for anomalies.
  • Continuous monitoring: Continuously assess and monitor system health and application usage.

Considerations when purchasing endpoint detection and response software

  • Basic vs. high-end EDR solution: EDR software typically begins by collecting, storing, and analyzing large amounts of data which it uses to offer security insights to IT teams. Basic solutions may simply collect data and present the information on the screen; the decision to quarantine or delete infected files depends on the in-house security experts. Advanced solutions, on the other hand, may analyze the scan results and then self-clean the system. 
  • Cloud vs. on-premise: Cloud deployment of the software offers benefits such as a lower upfront cost, faster service delivery, and remote management. But it stores your data on third-party servers, which limits your control over your data. If you’re willing to share your business and security data with a third-party service provider, opt for the cloud-based option; otherwise, go with on-premise deployment.
  • EDR market to grow: The EDR market is expected to grow at almost 50% annually through 2020, and most large enterprises will have EDR capabilities by 2025. The growth will be driven by the fact that current EDR implementation spans only 40 million endpoints; there are over 711 million desktops, laptops and other devices that can still utilize this software.
  • EPP and EDR to consolidate: Endpoint protection platforms (EPP) will consolidate with EDR in the near future, triggered by businesses no longer solely relying on protection solutions; they need more advanced solutions that can detect and respond to live threats while constantly protecting the networks. Approximately 40% of EDR deployments are using both EDR and EPP from the same vendor. Going forward, vendors will bundle their EPP and EDR offerings into one consolidated application.
  • Machine learning and AI: EDR applications collect huge amounts of data every minute. It’s not possible for humans to manage and analyze such a volume of data. That's why vendors are now adding AI capabilities to their solutions to speed up the scanning process and proactively detect threats. Machine learning helps identify new attack practices and update the application based on ever-changing user and endpoint behavior.