OpenText Core EDR is an endpoint detection and response platform that combines endpoint protection, SIEM, and SOAR capabilities in a single solution. The platform is designed for managed service providers (MSPs) and IT teams managing multiple client environments. The solution deploys through a single lightweight agent with pre-configured policies. It correlates events across endpoints, network, and identity data to provide threat visibility. The built-in SIEM component aggregates and analyzes security events in real-time, while the integrated SOAR functionality automates containment, remediation, and investigation through pre-built and customizable playbooks. Core capabilities include vulnerability assessment using CVE standards to detect risks from unpatched software and exposed endpoints, real-time monitoring with continuously updated threat intelligence, and alert prioritization with incident summaries and guided response steps. The platform supports multi-tenant management through a cloud-native console, allowing administrators to monitor and configure multiple client environments from a single interface. It provides syslog and API integrations for connecting with IT, security, network, cloud, and PSA tools. The solution includes logging and incident response capabilities designed to support compliance requirements for standards including NIS2, HIPAA, PCI-DSS, and ISO 27001. For existing OpenText Core Endpoint Protection users, the EDR module can be added without redeployment or configuration changes.