{"id":2419,"date":"2019-01-29T11:22:26","date_gmt":"2019-01-29T15:22:26","guid":{"rendered":"https:\/\/solutionsreview.com\/security-information-event-management\/?p=2419"},"modified":"2019-06-24T14:04:32","modified_gmt":"2019-06-24T18:04:32","slug":"why-you-need-edr-in-your-siem-solution-with-alienvault","status":"publish","type":"post","link":"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/","title":{"rendered":"Why You Need EDR in Your SIEM Solution (With AlienVault)"},"content":{"rendered":"<p><img loading=\"lazy\" decoding=\"async\" class=\"alignleft size-full wp-image-2122\" src=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup.jpg\" alt=\"Why You Need EDR in Your SIEM Solution (With AlienVault)\" width=\"800\" height=\"400\" srcset=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup.jpg 800w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup-300x150.jpg 300w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup-768x384.jpg 768w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup-540x270.jpg 540w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup-162x81.jpg 162w, https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup-360x180.jpg 360w\" sizes=\"(max-width: 800px) 100vw, 800px\" \/><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">When we talk about cybersecurity and best practices, we tend to segregate the different branches as if they belong in separate conversations. Endpoint security offers firewalls, port controls, and EDR, as just one example. As another, SIEM provides threat detection, log management, and compliance reporting. 
The solutions offer separate functions and capabilities and may seem quite unrelated to one another.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">However, the distinctions between the two blur their common purpose and obscure the importance of a holistic cybersecurity platform in the enterprise network. Cybersecurity solutions perform optimally when they integrate effectively with each other and utilize their different capabilities. To illustrate, SIEM works best when it incorporates or outright provides endpoint detection and response (EDR), a function typically provided by endpoint security solutions. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Why should SIEM incorporate EDR? What kinds of threats can EDR help prevent or mitigate? How does EDR supplement threat detection? To gain some insight, we read through the \u201c<\/span><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-five-endpoint-attacks-your-antivirus-wont-catch\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400\">Five Endpoint Attacks Your Antivirus Won\u2019t Catch: A Guide to Endpoint Detection and Response<\/span><\/a><span style=\"font-weight: 400\">\u201d white paper by SIEM solution provider AlienVault. 
You can download the white paper for yourself <\/span><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-five-endpoint-attacks-your-antivirus-wont-catch\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400\">here<\/span><\/a><span style=\"font-weight: 400\">. <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>EDR and Threat Detection Begin at the Endpoint <\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">For the uninitiated, endpoint security and SIEM solutions use EDR as a threat detection tool on the endpoint. You can think of it as a safety net; it monitors the endpoint and creates security alerts if a digital threat penetrates the initial preventive security perimeter. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">AlienVault notes that threats begin at the endpoint, and for good reason; endpoints constitute the primary point of entry into the network, giving hackers a base from which to launch their attacks. EDR helps to secure these endpoints so they don\u2019t give threat actors an advantage in their efforts. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">So threat detection can\u2019t begin at the network level. It needs to start at the endpoint. That\u2019s where EDR comes in. But why can\u2019t traditional endpoint security adequately protect against modern threats? <\/span><\/p>\n<h3 style=\"text-align: justify\"><b>EDR Steps Up Where Traditional EPP Fails<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">AlienVault cites the Ponemon Institute\u2019s finding that 77% of all reported endpoint compromises in 2017 began with a fileless malware attack. Fileless malware utilizes endpoints\u2019 natural processes, rather than downloading a file, to perform its malicious functions. 
<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Traditional endpoint security solutions don\u2019t possess the preventative or detection capabilities to handle fileless malware attacks. The same applies to other popular and dangerous modern threats such as cryptojacking malware and remote session jacking attacks; traditional solutions simply lack the capabilities to recognize and remediate these threats. Without EDR, modern threats will penetrate and infiltrate your network with relative impunity. <\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Furthermore, hackers have become more subtle in their attacks and have designed their malware to evade detection. Tactics like lateral movement conceal the threats from traditional endpoint prevention and detection and allow hackers broader access into your network and endpoints.<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">Endpoint detection and response, on the other hand, can monitor for, detect, and remediate threats like fileless malware and cryptojacking. It can also see through evasive tactics and recognize concealed threats in real time.<\/span><\/p>\n<h3 style=\"text-align: justify\"><b>EDR in SIEM<\/b><\/h3>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">EDR should be considered a critical part of your SIEM solution\u2019s threat detection capabilities; you need the extra layer of threat detection on your corporate endpoints to keep them secure and functioning optimally. 
<\/span><\/p>\n<p style=\"text-align: justify\"><span style=\"font-weight: 400\">To learn more about EDR in SIEM, you can download the \u201c<\/span><a href=\"https:\/\/solutionsreview.com\/security-information-event-management\/alienvault-five-endpoint-attacks-your-antivirus-wont-catch\/\" target=\"_blank\" rel=\"noopener noreferrer\"><span style=\"font-weight: 400\">Five Endpoint Attacks Your Antivirus Won\u2019t Catch: A Guide to Endpoint Detection and Response<\/span><\/a><span style=\"font-weight: 400\">\u201d white paper by SIEM solution provider AlienVault.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>When we talk about cybersecurity and best practices, we tend to segregate the different branches as if they belong in separate conversations. Endpoint security offers firewalls, port controls, and EDR, as just one example. As another, SIEM provides threat detection, log management, and compliance reporting. The solutions offer separate functions and capabilities and may seem [&hellip;]<\/p>\n","protected":false},"author":41,"featured_media":2122,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"inline_featured_image":false,"footnotes":""},"categories":[551],"tags":[175,353,95,145,403,270,112,86,21,57,22],"acf":[],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v23.5 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>Why You Need EDR in Your SIEM Solution (With AlienVault)<\/title>\n<meta name=\"description\" content=\"Why should SIEM incorporate EDR? What kinds of threats can EDR help prevent or mitigate? 
We read AlienVault&#039;s research to learn more.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Why You Need EDR in Your SIEM Solution (With AlienVault)\" \/>\n<meta property=\"og:description\" content=\"Why should SIEM incorporate EDR? What kinds of threats can EDR help prevent or mitigate? We read AlienVault&#039;s research to learn more.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/\" \/>\n<meta property=\"og:site_name\" content=\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\" \/>\n<meta property=\"article:published_time\" content=\"2019-01-29T15:22:26+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2019-06-24T18:04:32+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"800\" \/>\n\t<meta property=\"og:image:height\" content=\"400\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Ben Canner\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Ben Canner\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. 
reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"3 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/\",\"name\":\"Why You Need EDR in Your SIEM Solution (With AlienVault)\",\"isPartOf\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/#primaryimage\"},\"image\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/#primaryimage\"},\"thumbnailUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup.jpg\",\"datePublished\":\"2019-01-29T15:22:26+00:00\",\"dateModified\":\"2019-06-24T18:04:32+00:00\",\"author\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\"},\"description\":\"Why should SIEM incorporate EDR? What kinds of threats can EDR help prevent or mitigate? 
We read AlienVault's research to learn more.\",\"breadcrumb\":{\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/#primaryimage\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup.jpg\",\"contentUrl\":\"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup.jpg\",\"width\":800,\"height\":400,\"caption\":\"AI in SIEM: The Benefits for Enterprises of All Sizes\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Why You Need EDR in Your SIEM Solution (With AlienVault)\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#website\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/\",\"name\":\"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors\",\"description\":\"Buyer&#039;s Guide and Best 
Practices\",\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541\",\"name\":\"Ben Canner\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g\",\"caption\":\"Ben Canner\"},\"description\":\"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. You can reach him via Twitter and LinkedIn.\",\"url\":\"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/\"}]}<\/script>\n<!-- \/ Yoast SEO plugin. -->","yoast_head_json":{"title":"Why You Need EDR in Your SIEM Solution (With AlienVault)","description":"Why should SIEM incorporate EDR? What kinds of threats can EDR help prevent or mitigate? 
We read AlienVault's research to learn more.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/","og_locale":"en_US","og_type":"article","og_title":"Why You Need EDR in Your SIEM Solution (With AlienVault)","og_description":"Why should SIEM incorporate EDR? What kinds of threats can EDR help prevent or mitigate? We read AlienVault's research to learn more.","og_url":"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/","og_site_name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","article_published_time":"2019-01-29T15:22:26+00:00","article_modified_time":"2019-06-24T18:04:32+00:00","og_image":[{"width":800,"height":400,"url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup.jpg","type":"image\/jpeg"}],"author":"Ben Canner","twitter_misc":{"Written by":"Ben Canner","Est. 
reading time":"3 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/","url":"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/","name":"Why You Need EDR in Your SIEM Solution (With AlienVault)","isPartOf":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website"},"primaryImageOfPage":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/#primaryimage"},"image":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/#primaryimage"},"thumbnailUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup.jpg","datePublished":"2019-01-29T15:22:26+00:00","dateModified":"2019-06-24T18:04:32+00:00","author":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541"},"description":"Why should SIEM incorporate EDR? What kinds of threats can EDR help prevent or mitigate? 
We read AlienVault's research to learn more.","breadcrumb":{"@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/#primaryimage","url":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup.jpg","contentUrl":"https:\/\/solutionsreview.com\/security-information-event-management\/files\/2018\/08\/Backup.jpg","width":800,"height":400,"caption":"AI in SIEM: The Benefits for Enterprises of All Sizes"},{"@type":"BreadcrumbList","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/why-you-need-edr-in-your-siem-solution-with-alienvault\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/solutionsreview.com\/security-information-event-management\/"},{"@type":"ListItem","position":2,"name":"Why You Need EDR in Your SIEM Solution (With AlienVault)"}]},{"@type":"WebSite","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#website","url":"https:\/\/solutionsreview.com\/security-information-event-management\/","name":"Best Information Security SIEM Tools, Software, Solutions &amp; Vendors","description":"Buyer&#039;s Guide and Best 
Practices","potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/solutionsreview.com\/security-information-event-management\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Person","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/357f925262827fcf840b4341920a1541","name":"Ben Canner","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/solutionsreview.com\/security-information-event-management\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/63f68345052a446ce0cc9c802dd3f373?s=96&d=mm&r=g","caption":"Ben Canner"},"description":"Ben Canner is an enterprise technology writer and analyst covering Identity Management, SIEM, Endpoint Protection, and Cybersecurity writ large. He holds a Bachelor of Arts Degree in English from Clark University in Worcester, MA. He previously worked as a corporate blogger and ghost writer. 
You can reach him via Twitter and LinkedIn.","url":"https:\/\/solutionsreview.com\/security-information-event-management\/author\/bcanner\/"}]}},"_links":{"self":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2419"}],"collection":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/users\/41"}],"replies":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/comments?post=2419"}],"version-history":[{"count":0,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/posts\/2419\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media\/2122"}],"wp:attachment":[{"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/media?parent=2419"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/categories?post=2419"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/solutionsreview.com\/security-information-event-management\/wp-json\/wp\/v2\/tags?post=2419"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}