Endpoint Detection and Response Tools
Endpoint Detection and Response (EDR) solutions for real-time endpoint monitoring, threat detection, incident investigation, and automated response on endpoints.
Browse 86 endpoint detection and response tools
FEATURED
USE CASES
AI-based on-device endpoint agent for DLP, insider threat, and AI security.
Enterprise endpoint security platform with EDR, XDR, and risk analytics.
Behavior-based detection with proactive remediation capabilities for endpoints
A tool to locally check for signs of a rootkit with various checks and tests.
AI-powered ransomware detection & response agent with pre-execution blocking.
Endpoint agent detecting in-memory malicious code execution on Windows.
User-mode Windows agent detecting in-memory & out-of-context code execution.
Endpoint utility for EDR/XDR alert validation and user phishing reporting.
Continuously verifies OS kernel runtime integrity using NSA-licensed technology.
Kernel-level runtime integrity verification using NSA-licensed technology.
European EPP+EDR+ASM platform with IKARUS malware engine in a single agent.
Unified endpoint control plane combining EDR, EPP, and XDR with NAC/ZTNA enforcement.
On-premises/hybrid EDR with local threat detection, response, and NAC integration.
eBPF-based, AI-driven EDR for edge, containers, and critical infra.
Managed EPP, EDR, and patch management service for business endpoints.
Cross-platform EDR sensor for endpoint threat detection and telemetry.
AI-powered EDR for fileless malware detection and automated threat analysis
AI-powered EDR detecting zero-day threats & APTs via behavioral analysis
Ransomware-specific detection tool for rapid identification of extortion attacks
AI-driven endpoint protection platform for threat detection and response
Endpoint security agent with ZTNA, EDR, and secure remote access capabilities
Policy-based EDR solution monitoring endpoints for IoCs with automated responses
EDR platform with integrated SIEM and SOAR for unified threat detection
EDR platform for APT threat hunting and ransomware prevention with MDR
Endpoint Detection and Response Tools FAQ
Common questions about Endpoint Detection and Response tools, selection guides, pricing, and comparisons.
A good EDR should collect: process creation and termination events, file system modifications, registry changes (Windows), network connections, DNS queries, loaded modules and libraries, user authentication events, command-line arguments, and script execution details. This telemetry enables threat hunting, incident investigation, and behavioral detection of attacks like living-off-the-land techniques.
