Advanced malware detection
They are resources to combat advanced threats and respond to incidents at network endpoints. These products combine features such as behavior analysis, behavior blocking, application control and application whitelisting, network monitoring, and incident response.
Why is it important
EDRs work by monitoring endpoint and network events. The recorded information is taken to a central database where analysis, detection, investigation, reporting and alerting are performed. That is, not only events can be detected in the moment, but also through the analysis of the already recorded data.