Gartner Blog Network

Category: 'endpoint' Blog Posts

from the Gartner Blog Network

Our 2018 Update for "Endpoint Detection and Response Architecture and Operations Practices" Publishes

by Anton Chuvakin  |  December 14, 2018

Our main EDR document (“Endpoint Detection and Response Architecture and Operations Practices”) was just updated by Jon Amato, and it looks much better now. The abstract states “’Increasing complexity and...

Read more »

Is SIEM The Best Threat Detection Technology, Ever?

by Anton Chuvakin  |  August 7, 2017

That’d be a “NO” – those of my readers who are “anti-SIEM” can calm down now :–) Well…. let me explain and perhaps you will see that the answer evolves...

Read more »

Comments: 21

Our "Comparison of Endpoint Detection and Response Technologies and Solutions" Paper Publishes

by Anton Chuvakin  |  June 20, 2016

Our 2nd EDR paper has published: enjoy the “Comparison of Endpoint Detection and Response (EDR) Technologies and Solutions” [Gartner GTP access required]. The summary states that “Endpoint detection and response...

Read more »

Comments: 2

EDR Tool Wins - Only For The Enlightened?

by Anton Chuvakin  |  April 25, 2016

We are nearing the end of our Endpoint Detection and Response (EDR) research project; we just pushed our first paper – on EDR operational practices – into review and are...

Read more »

Comments: 5

EDR Mud Fight: Kernel or Userland?

by Anton Chuvakin  |  March 18, 2016

I am feeling adventurous, so let’s have an EDR mud fight [pillow fight?] – kernel or userland agent? Top Pros Top Cons Kernel mode EDR agent Better resilience vs the...

Read more »

Comments: 15

EDR Research Commencing: Call To Action!

by Anton Chuvakin  |  January 27, 2016

As we mentioned in this post, we are about the visit the land of EDR (formerly: ETDR) in order to update Gartner GTP EDR coverage and to create one new...

Read more »

Comments: 6

Where Does EDR End and "NG AV" Begin?

by Anton Chuvakin  |  December 3, 2015

What is the difference between Endpoint Detection and Response (EDR, previously named ETDR) and “NG anti-virus” (“NG AV” is not an official term)? Specifically, where EDR ends and AV begins?...

Read more »

Comments: 4

Reality Check on EDR / ETDR

by Anton Chuvakin  |  July 23, 2015

How exciting is Endpoint Detection and Response (EDR) technology? -- Sorry to piss on your parade, but for many organizations it is NOT exciting at all. Look, it is hard...

Read more »

Comments: 8

My Paper on Endpoint Tools Publishes

by Anton Chuvakin  |  September 26, 2013

My paper on endpoint threat detection and response tools and practices (“Endpoint Threat Detection and Response Tools and Practices”) just published [Gartner GTP subscription required] Summary: Increased complexity and frequency...

Read more »

Comments: 5

Endpoint Threat Detection & Response Deployment Architecture

by Anton Chuvakin  |  August 5, 2013

Now that we have a name [ETDR], let’s talk deployment strategies. On what systems in your organization do you want to deploy the tools that simplify your security incident response...

Read more »