Endpoint Detection and Response Tools
Endpoint Detection and Response (EDR) solutions for real-time endpoint monitoring, threat detection, incident investigation, and automated response on endpoints.
Browse 80 endpoint detection and response tools
FEATURED
USE CASES
AI-based on-device endpoint agent for DLP, insider threat, and AI security.
Enterprise endpoint security platform with EDR, XDR, and risk analytics.
Behavior-based detection with proactive remediation capabilities for endpoints
A tool to locally check for signs of a rootkit with various checks and tests.
Agentless Linux EDR platform for threat detection and incident response.
Runtime enforcement platform with 22 modules on one SIGMA engine, offline-capable.
AI-powered ransomware detection & response agent with pre-execution blocking.
Endpoint agent detecting in-memory malicious code execution on Windows.
Endpoint utility for EDR/XDR alert validation and user phishing reporting.
Kernel-level runtime integrity verification using NSA-licensed technology.
European EPP+EDR+ASM platform with IKARUS malware engine in a single agent.
Unified endpoint control plane combining EDR, EPP, and XDR with NAC/ZTNA enforcement.
On-premises/hybrid EDR with local threat detection, response, and NAC integration.
eBPF-based, AI-driven EDR for edge, containers, and critical infra.
Managed EPP, EDR, and patch management service for business endpoints.
Cross-platform EDR sensor for endpoint threat detection and telemetry.
AI-powered EDR detecting zero-day threats & APTs via behavioral analysis
Ransomware-specific detection tool for rapid identification of extortion attacks
AI-driven endpoint protection platform for threat detection and response
Endpoint security agent with ZTNA, EDR, and secure remote access capabilities
Policy-based EDR solution monitoring endpoints for IoCs with automated responses
EDR platform with integrated SIEM and SOAR for unified threat detection
EDR platform for APT threat hunting and ransomware prevention with MDR
Real-time endpoint threat investigation and incident response platform
Endpoint Detection and Response Tools FAQ
Common questions about Endpoint Detection and Response tools, selection guides, pricing, and comparisons.
A good EDR should collect: process creation and termination events, file system modifications, registry changes (Windows), network connections, DNS queries, loaded modules and libraries, user authentication events, command-line arguments, and script execution details. This telemetry enables threat hunting, incident investigation, and behavioral detection of attacks like living-off-the-land techniques.
