What are the Limits of EDR for the Enterprise?

Endpoint detection and response (EDR) has become one of the critical capabilities in modern endpoint protection platforms. No less an authority than research firm Gartner has stated as much.

Why has endpoint detection and response become such a vital capability in endpoint protection? The cybersecurity paradigm is shifting from a prevention-based model to a detection-based model. Endpoint security, which previously focused on preventive capabilities, is evolving to keep up with changing enterprise priorities. EDR represents essential threat detection for an era of more porous and expansive enterprise IT perimeters.

Yet in this threat landscape, does EDR have its limitations?

The IoT: The Risks Inherent

The benefits of the Internet of Things (IoT) in the workplace can seem innumerable: greater connectivity, more productivity, greater efficiency, etc.

However, the risks of the IoT can be just as overwhelming. IoT devices can remain hidden from endpoint detection and response capabilities and from the network at large. As these connected devices are usually designed without any regard for cybersecurity, this is more than a slight concern. They can become a convenient entry point for digital threat actors into your network and databases.

The IoT devices in your network fall under the umbrella of corporate endpoints. Can your EDR capabilities handle IoT devices? The answer to this question may determine your enterprise’s safety.

EDR Beyond the Endpoint

The modern corporate network is more than endpoints. It also includes the cloud, network data, and log data. According to some experts, endpoint detection and response focuses on the endpoint to the detriment of the other places where security events occur. However, not all experts agree, or believe it is necessary for EDR to offer threat detection in these areas. EDR functions best when paired with other detection solutions like SIEM or security analytics.

A comprehensive cybersecurity platform involves both endpoint protection and threat detection. It is essential to ensure the latter meets expectations.

Ben Canner