EDR gives visibility form a threat in a single endpoint to the threat level of the entire organization by continuous monitoring. It does not matter how many endpoints you have, 100 or 100 Million, you will get a complete record of endpoint activity over time.
Falcon Insight automatically identifies threat activity and prevent them by continuously monitoring all endpoint activity and analysis data in real time.
Falcon Insight accelerates security operations, allowing users to minimize efforts spent handling alerts and quickly investigate and respond to attacks.
EDR simplifies operations with signatureless protection and software-as-a-service (SaaS) delivery. Customers can deploy the cloud-delivered Falcon agent to more than 100,000 endpoints globally in less than 24 hours.
How EDR Works?
EDR is installed and the system begins monitoring for threats.
Uses behavioral analysis to remember and connect activities.
Detects and reports any potential malicious activity.
Advanced algorithms compile a path backwards towards the most probable breach point.
The technology processes all data points into narrow categories for easier review.
Analysts and engineers review alerts and pass information on to clients.