https://www.channelfutures.com/wp-content/themes/channelfutures_child/assets/images/logo/footer-new-logo.png
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Master Agents
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity & Inclusion
  • MSSP Insider
  • MSP 501
    • Back
    • Apply Now
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • Videos
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
    • Channel Educational Series
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
    • Channel Convergence
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Content Resources
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • Excellence in Digital Services
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • DE&I
Channel Futures
  • NEWSLETTER
  • Home
  • Technologies
    • Back
    • SDN/SD-WAN
    • Cloud
    • RMM/PSA
    • Security
    • Telephony/UC/Collaboration
    • Cable
    • Mobility & Wireless
    • Fiber/Ethernet
    • Data Centers
    • Backup & Disaster Recovery
    • IoT
    • Desktop
    • Artificial Intelligence
    • Analytics
  • Strategy
    • Back
    • Mergers and Acquisitions
    • Channel Research
    • Business Models
    • Distribution
    • Master Agents
    • Sales & Marketing
    • Best Practices
    • Vertical Markets
    • Regulation & Compliance
    • Diversity & Inclusion
  • MSSP Insider
  • MSP 501
    • Back
    • Apply Now
    • 2020 MSP 501 Rankings
    • 2020 Hot 101 Rankings
    • 2020 MSP 501 Report
  • Intelligence
    • Back
    • Galleries
    • Podcasts
    • Videos
    • From the Industry
    • Reports/Digital Issues
    • Webinars
    • White Papers
    • Channel Educational Series
  • EMEA
  • Channel Chatter
    • Back
    • People on the Move
    • New/Changing Channel Programs
    • New Products & Services
    • Industry Honors
    • Channel Convergence
  • Resources
    • Back
    • Advisory Boards
    • Industry Organizations
    • Our Sponsors
    • Content Resources
  • Awards
    • Back
    • 2021 MSP 501
    • Circle of Excellence
    • Excellence in Digital Services
    • Top Gun 51
  • Events
    • Back
    • CP Conference & Expo
    • Channel Evolution Europe
    • Channel Partners Event Coverage
    • Webinars
    • Industry Events
  • DE&I
    • Newsletter
  • REGISTER
  • MSPs
  • VARs / SIs
  • Agents
  • Cloud Service Providers
  • Channel Partners Events
 Channel Futures

From the Industry


Getty Images

Sponsor Content

EDR

5 Things MSPs Should Consider When Evaluating EDR

  • Written by Carbonite Guest Blogger
  • March 15, 2021
MSPs should evaluate the needs EDR will satisfy, the level of effort it takes to implement, and how EDR fits into their overall service offering.

Buzzwords and acronyms abound in the MSP industry, an unfortunate byproduct of marketing years in the making. Cybersecurity is a hot watercooler topic at any business. Well, now probably more likely a virtual happy hour than a watercooler, but, nevertheless, cybersecurity remains top of mind.

To sleep at night, MSPs feel they must enhance or expand their security offerings beyond the standard layers, like firewalls, firewall filtering, Active Directory protocols, DNS filtering and antivirus/malware detection. One of the ways many MSPs feel they can satiate their cybersecurity concerns involves buzzword-y new acronyms floating around involving “EDR” or endpoint detection and response. But what is EDR really, and what can it do for MSPs and their clients?

But, first, besides EDR, there’s also ADR, MDR, xDR … The industry can surely expect newer blank-DR acronyms to come in the next few years. What are all these acronyms, and how do they help MSPs protect their clients? Here are a few definitions:

  • EDR (endpoint detection and response): Technically, every security agent sitting on an endpoint is an EDR solution. The information the agents feed back to administrators determines what action to take and when.
  • ADR (automatic detection and response): Newer technology allows the agent to automatically make a decision without human intervention. Ideally, ADR automatically remediates a situation and reports to the administrators on action taken.
  • xDR: This newer acronym refers to agents across a network communicating to make a remediation decision or report decisions across multiple endpoints.
  • MDR (managed detection and response): A best-of-breed solution using EDR, ADR and possibly xDR tools in various combinations, MDR allows a human team to make decisions and respond to situations. While more complex and administration- heavy, MDR closes the gap that arises when suspicious applications are being monitored and observed, but not reacted to by an ADR or xDR solution. Human-driven MDR ferrets out the suspicious and reacts.

Here are five things MSPs should consider when evaluating EDR solutions.

1. All security tools with an endpoint agent are basically EDR.

Their job is to detect malicious code, applications, scripts or other malicious files and make a status determination on the fly. Most security agents use various methods like physically scanning file hashes, scanning file content, watching behaviors, looking at scripts and detecting known attack surfaces to try to ascertain if a newly encountered file is good or bad.

How the security agent reports its activity depends on the EDR tool. So, while many security tools claim they offer an “EDR” solution, the key is to determine the level of threat, suspicions, and action taken in reporting or alerting that adds value for MSPs.

2. The “R,” or response, is key to a successful EDR solution.

While many security tools report and alert, the level of response is the most important aspect of any security practice. If the security agent provides minimal information for decision making, it’s of limited use to the technical personnel responsible for intervening.

On the other hand, technicians can take advantage of security tools with consoles that display alerts, reports and visibility into whether an agent responded, how the agent responded and the agent’s current status. Too often, tools don’t provide necessary insight for reviewing or comparing threat data or approaches–like the MITRE attack framework or other sites with relevant threat information.

Solutions with a more comprehensive APIs are advantageous for custom review, integration into more dedicated threat review tools, or for alerting through a log gathering and reporting tool. APIs are valuable for providing added information from which human technicians can make decisions.

3. What can be done with the EDR information? Is it actionable?

Once a tool has been selected, what should be done with the information it provides? Answering this is key to

  • Page 1
  • Page 2
Tags: MSPs Best Practices From the Industry Intelligence Security Strategy Carbonite Sponsor Content

Related


  • Exercising Your Organization’s Data Loss Recovery Abilities
    The ability to recover from data loss is a measure of cyber fitness.
  • Disaster Recovery
    Disaster Recovery Planning Includes Ensuring That Data Can Be Recovered
    Here’s how to ensure that your disaster recovery solution will work when it matters.
  • data migration
    The Right Data Migration Tool Helps Schools Move to Cloud During COVID Crisis
    Effective data migration tools enable schools to move to a secure cloud environment, making applications and content easier to access, as well as mitigating the risk of data loss.
  • Cloud migration
    Cloud Migration Hurdles—and How to Overcome Them
    Cloud migration is hardly a seamless affair, but organizations can effectively leverage the cloud with the right planning and tools.

Leave a comment Cancel reply

-or-

Log in with your Channel Futures account

Alternatively, post a comment by completing the form below:

Your email address will not be published. Required fields are marked *

Related Content

  • The Roots and Future of Ransomware
  • Data Loss Disasters Come in Many Forms
  • Why Partner with Carbonite?
  • 3 Secrets to Data Encryption

Galleries

View all

AT&T, Comcast, Cisco, Microsoft, 8×8 Unveil New Products, Services

April 15, 2021

Industry Perspectives

View all

How Tech Is Transforming Public Safety–and the Implications for Channel Partners

April 15, 2021

Exercising Your Organization’s Data Loss Recovery Abilities

April 13, 2021

Why MSPs Need to Shift from Cyber Security to Cyber Resilience

April 13, 2021

Webinars

View all

What to Look For: 2021 Threat Report

April 22, 2021

Health Care and SD-WAN: A Seller’s Guide

April 27, 2021

How MSPs Can Leverage SOCaaS to Improve Security & Grow Revenue

May 4, 2021

White Papers

View all

Carbonite Data Protection and Cyber Resilience

April 15, 2021

Top Tips: How Resellers Can Leverage Rackspace to Enhance Customer’s Cyber Security Protection with Microsoft 365 Security

March 30, 2021

Top Tips: Optimize Your Microsoft 365 Investment with Rackspace Technology

March 30, 2021

Upcoming Events

View all

MSP Summit

November 1, 2021 - November 2, 2021

Channel Partners Conference & Expo

November 1, 2021 - November 4, 2021

Channel Evolution Europe

November 30, 2021 - December 1, 2021

Videos and Fastchats

View all

5 Reasons Diversity, Equity and Inclusion Is Important

Five9 Shares Insights on Implementing a DE&I Strategy

April 13, 2021

FASTCHAT: How Fortinet Reduces Complexity Through Networking, Security

March 31, 2021

Strong Customer Experience Needs Strong Partner Experience

December 22, 2020

Twitter

ChannelFutures

RT @alysfitz: 67% of respondents reported burning out since the COVID-19 pandemic hit. We need to do better to support #WomenInTech, especi…

April 16, 2021
ChannelFutures

RT @AllianceofCW: #ACW members Mayka Rosales-Peterson and Raquel Wiley were elected to @ChannelFutures' #Diversity, #Equity, & #Inclusion B…

April 16, 2021
ChannelFutures

.@ZiplyFiber rolls out agent #partnerprogram. #networking dlvr.it/RxmM4K

April 16, 2021
ChannelFutures

New #Microsoft #SurfaceLaptop4 is an incremental update with an improved CPUs webcam, speakers and dual mics.… twitter.com/i/web/status/1…

April 16, 2021
ChannelFutures

.@okta hires @InsightEnt vet as global channel chief. #cybersecurity dlvr.it/RxmM20 https://t.co/ImWRZp2qHt

April 16, 2021
ChannelFutures

These technology trends are transforming #public safety @GetWirelessLLC #firstresponders #cloud #connectivity #IoT… twitter.com/i/web/status/1…

April 15, 2021
ChannelFutures

.@intel has appointed 24-year Intel veteran Dawn Jones as chief diversity and inclusion officer (CDIO) and vice pre… twitter.com/i/web/status/1…

April 15, 2021
ChannelFutures

.@Allied_MR: @F5, @FireEye, @IBM among leaders in rapidly expanding global #cybersecurity market.… twitter.com/i/web/status/1…

April 15, 2021

MSSP Insider

Business advice for MSSPs and news from the broader security channel.

Newsletters and Updates

Sign up for The Channel Report, Channel Futures Update, MSP 501 Newsletter and more.

Live Channel Events

Get the latest information on the next industry-leading Channel Partners event.

Galleries

Educational slide shows and images from live events.

Media Kit And Advertising

Want to reach our audience? Access our media kit.

DISCOVER MORE FROM INFORMA TECH

  • Channel Partners Events
  • Telecoms.com
  • MSP 501
  • Black Hat
  • IoT World Today
  • Omdia

WORKING WITH US

  • Contact
  • About Us
  • Advertise
  • Newsletter

FOLLOW Channel Futures ON SOCIAL

  • Privacy
  • CCPA: “Do Not Sell My Data”
  • Cookie Policy
  • Terms
Copyright © 2021 Informa PLC. Informa PLC is registered in England and Wales with company number 8860726 whose registered and Head office is 5 Howick Place, London, SW1P 1WG.
This website uses cookies, including third party ones, to allow for analysis of how people use our website in order to improve your experience and our services. By continuing to use our website, you agree to the use of such cookies. Click here for more information on our Cookie Policy and Privacy Policy.
X