Gartner Blog Network

Category: 'edr' Blog Posts

Our 2018 Update for "Endpoint Detection and Response Architecture and Operations Practices" Publishes

by Anton Chuvakin  |  December 14, 2018

Our main EDR document (“Endpoint Detection and Response Architecture and Operations Practices”) was just updated by Jon Amato, and it looks much better now. The abstract states “’Increasing complexity and...

Let’s Go Fight IT for Logs? Agents? Taps?

by Anton Chuvakin  |  November 1, 2018

This is a depressing post about security in the real world (what … another one?) In any case, we are having those enlightened debates about log analysis (via SIEM/UEBA), network...

All My Research Published in 2016

by Anton Chuvakin  |  December 22, 2016

To make it easy for my readers to find my research, here is the list of everything I published in 2016 [most co-authored with Augusto Barros]. Gartner GTP access is...

Our "Comparison of Endpoint Detection and Response Technologies and Solutions" Paper Publishes

by Anton Chuvakin  |  June 20, 2016

Our 2nd EDR paper has published: enjoy the “Comparison of Endpoint Detection and Response (EDR) Technologies and Solutions” [Gartner GTP access required]. The summary states that “Endpoint detection and response...

Our Paper "Endpoint Detection and Response Tool Architecture and Operations Practices" Publishes

by Anton Chuvakin  |  May 26, 2016

OK, I am being very late here, but the 1st of 2 of our 2016 EDR papers titled “Endpoint Detection and Response Tool Architecture and Operations Practices” has published. Augusto...

One More Time On EDR Use Cases

by Anton Chuvakin  |  May 3, 2016

Our first EDR paper is about to be published, but I wanted to draw your attention to my favorite topic – the use cases. We touched on the EDR (back...

EDR Tool Wins - Only For The Enlightened?

by Anton Chuvakin  |  April 25, 2016

We are nearing the end of our Endpoint Detection and Response (EDR) research project; we just pushed our first paper – on EDR operational practices – into review and are...

EDR Mud Fight: Kernel or Userland?

by Anton Chuvakin  |  March 18, 2016

I am feeling adventurous, so let’s have an EDR mud fight [pillow fight?] – kernel or userland agent? Top Pros Top Cons Kernel mode EDR agent Better resilience vs the...
