What is EDR

 EDR (Endpoint Detection and Response) are tools built on end-user devices, based on increasing information security and reducing data breaches. In addition to antivirus elements, EDR tools increase the visibility of threats and facilitate forensic analysis with features such as real-time anomaly detection, warning, tracking and recording of processes running on endpoints. EDR logs every file execution and modification, registry change, network connection and miscellaneous operations, increasing the visibility of threats. In summary, EDR systems have been developed for end-user devices to detect and respond to sophisticated malware and cyber attacks. For example, the black-box on airplanes records a lot of information such as altitude, speed, fuel and altitude, and this information can be analyzed after an accident and used to prevent future accidents. Likewise, EDR systems help to prevent a possible cyber attack with both the detection of the attack and the data collected before/after