사이버 보안의 언어
Endpoint detection and response (EDR) solutions detect and investigate suspicious activities and other problems on network hosts and endpoints. Offering an additional layer of protection above that of traditional anti-virus software, EDR is meant to counter hackers seeking to install malware used to steal passwords, record keystrokes, encrypt files and hold them for ransom, or perform other malicious activity. EDR gathers and analyzes information on possible security threats from computer workstations and other endpoints, and alerts IT staff to potential and active attacks.
Breaking It Down: Endpoint, Detection and Response
Endpoint. An endpoint is any device that people or software use to connect to a network. An endpoint’s operating system and applications may allow users to connect to the internet, send and receive email, process financial transactions or perform many other activities. Some common endpoints include:
- Desktop and laptop computers
- Smartphones and tablets
- Servers
- Workstations
- Internet-of-things (IoT) devices
Related resources
[1] Michael Hill, “70% of Orgs Facing New Security Challenges Due to #COVID19 Pandemic,” Infosecurity Magazine, March 1, 2021.
