Protect your devices 24/7 because work-from-home is now work anytime, anywhere, and the cloud is always on. KARE Vigilance 24/7 EDR works around the clock to keep you safe.

EDR is effectively next-generation antivirus.  Endpoint Detection and Response includes advanced analytics, machine learning and AI to help identify risks which may not yet identified.

Antivirus deals with the known, looking for threats that it understands and blocking them. EDR solutions include traditional antivirus capabilities but add to that advanced analytics making use of cloud computing to identity patterns and anomalies.

EDR solutions are generally considered to provide more comprehensive network security than traditional managed antivirus solutions. They’re more effective than antivirus tools at combating advanced threats to endpoints—which is increasingly important as our modern workplaces grapple with more and more endpoints every day.

EDR brings a lot to the table, including a range of capabilities that many managed antivirus software programs don’t offer. For example, EDR doesn’t use traditional signatures. Instead, it collects data on numerous activities across an endpoint and performs analysis to identify and remediate threats. EDR uses machine learning and artificial intelligence to track potential threats and act on your behalf to remediate and even roll devices back to their pre-attack state—delivering results with both speed and accuracy.

Weaponised documents provide a good example of how an EDR solution works. If an individual makes the mistake of downloading an attachment from a phishing email, the malicious document will attempt to exert control over the device by launching a script so it can download a ransomware payload. An EDR tool will log and monitor this behaviour and, if it has alerting functionality and is configured to do so, it will send you an alert. An advanced EDR solution will even quarantine the ransomware and rollback the endpoint to a known safe state. Some, like KARE EDR, even allow you to disconnect* the infected device from the network—minimising the risk of other devices becoming infected.

Endpoint protection tools can better defend against internal attacks. Internal attacks are especially prevalent among corporate networks, where sharing between devices is common. When an EDR solution identifies suspicious activity, it will block its source and help prevent a potential attack from infiltrating your wider network. One of the great benefits of EDR is it can use AI to act autonomously, delivering a rapid and reasonable response to malicious activity before infection spreads.

The benefits of an EDR solution is recognised by many insurance companies.  “Do you have a EDR solution deployed to all devices” is a common question on Cyber insurance risk assessments.

Kinetics KARE Security Plus includes a powerful EDR solution

*Automatic disconnection is not configured in by default in Plus.   This can be enabled if requested but is recommended only for high sensitivity networks.