Endpoint Detection and Response (EDR) solutions for real-time endpoint monitoring, threat detection, incident investigation, and automated response on endpoints.
Browse 80 endpoint detection and response tools
EDR platform detecting and remediating endpoint threats with ML-based analysis
EDR solution for endpoint threat detection and response capabilities
AI-powered endpoint protection with integrated EPP and EDR capabilities
EDR solution for endpoint threat detection and response capabilities
EDR platform with automated cross-endpoint correlation and prevention-first approach
Next-gen antivirus & EDR with pattern/behavior detection engines
AI-driven EDR for threat detection, response, and investigation on endpoints
EDR solution with ransomware recovery, threat detection, and access control
EDR solution with behavioral analytics and MITRE ATT&CK mapping
EDR solution with Zero Trust architecture and AI-based malware detection
AI-powered EDR solution for endpoint threat detection and automated response
Autonomous EDR preventing data theft, ransomware & identity theft attacks
Cutting-edge technology for developing security applications within the Linux kernel.
Do Not Disturb is a free open-source macOS security tool that detects unauthorized physical access to laptops.
Comprehensive cybersecurity platform for hybrid and multi-cloud environments
Multiplatform endpoint security with detection and response capabilities
AI-powered endpoint protection, detection, and response platform
Open-source tool for monitoring macOS hosts with detailed system activity insights.
A Unix-based tool that scans for rootkits and other malware on a system, providing a detailed report of the scan results.
An Event Hub to gather, process, and monitor system events and link them to an inventory.
An endpoint monitoring tool for Linux and macOS that reports file, socket, and process events to Zeek.
A bash-based anti-forensic script that monitors USB ports and triggers system shutdown when unauthorized devices are detected.
Monitor WMI consumers and processes for potential malicious activity
A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.
Common questions about Endpoint Detection and Response tools, selection guides, pricing, and comparisons.
A good EDR should collect: process creation and termination events, file system modifications, registry changes (Windows), network connections, DNS queries, loaded modules and libraries, user authentication events, command-line arguments, and script execution details. This telemetry enables threat hunting, incident investigation, and behavioral detection of attacks like living-off-the-land techniques.
Yes. Out of 24 endpoint detection and response tools listed on CybersecTools, 10 are free and 14 are commercial. Free tools work well for small teams, testing, and budget-conscious organizations. Commercial tools typically add enterprise features, dedicated support, and SLA guarantees.