Gartner Blog Network

Category: 'etdr' Blog Posts

Our "Comparison of Endpoint Detection and Response Technologies and Solutions" Paper Publishes

by Anton Chuvakin  |  June 20, 2016

Our 2nd EDR paper has published: enjoy the “Comparison of Endpoint Detection and Response (EDR) Technologies and Solutions” [Gartner GTP access required]. The summary states that “Endpoint detection and response...

Our Paper "Endpoint Detection and Response Tool Architecture and Operations Practices" Publishes

by Anton Chuvakin  |  May 26, 2016

OK, I am being very late here, but the 1st of 2 of our 2016 EDR papers titled “Endpoint Detection and Response Tool Architecture and Operations Practices” has published. Augusto...

One More Time On EDR Use Cases

by Anton Chuvakin  |  May 3, 2016

Our first EDR paper is about to be published, but I wanted to draw your attention to my favorite topic – the use cases. We touched on the EDR (back...

EDR Tool Wins - Only For The Enlightened?

by Anton Chuvakin  |  April 25, 2016

We are nearing the end of our Endpoint Detection and Response (EDR) research project; we just pushed our first paper – on EDR operational practices – into review and are...

EDR Mud Fight: Kernel or Userland?

by Anton Chuvakin  |  March 18, 2016

I am feeling adventurous, so let’s have an EDR mud fight [pillow fight?] – kernel or userland agent? Top Pros Top Cons Kernel mode EDR agent Better resilience vs the...

Using EDR For Remediation?

by Anton Chuvakin  |  March 11, 2016

“Do you believe in bible? - Totally, man, I’ve seen one!” OK, do you believe in APT automatic remediation? In fact, have you seen one done successfully? BTW, here we...

EDR Research Commencing: Call To Action!

by Anton Chuvakin  |  January 27, 2016

As we mentioned in this post, we are about to visit the land of EDR (formerly: ETDR) in order to update Gartner GTP EDR coverage and to create one new...

A Quick Update on Our Research

by Anton Chuvakin  |  December 29, 2015

Since some of you are asking, here is what is cooking…. Just done: vulnerability assessment and vulnerability management (finished Nov 2015) “How to Implement Enterprise Vulnerability Assessment” “A Guidance Framework...

Where Does EDR End and "NG AV" Begin?

by Anton Chuvakin  |  December 3, 2015

What is the difference between Endpoint Detection and Response (EDR, previously named ETDR) and “NG anti-virus” (“NG AV” is not an official term)? Specifically, where EDR ends and AV begins?...

Your SOC Nuclear Triad

by Anton Chuvakin  |  August 4, 2015

Let’s talk modern SOC tools. The analogy I’d like to use is that of a “Nuclear Triad” – a key cold war concept. The triad consisted of strategic bombers, ICBMs...
