How do EDR solutions differ to endpoint protection products (EPP)?
Endpoint Detection and Response (EDR) solutions and endpoint protection products (EPP) serve different purposes in the threat landscape. EPP products can only identify and block known threats; for example, by scanning the endpoint for malware.
EDR solutions, on the other hand, are designed to detect abnormal activity on endpoints by installing sensors or agents, which then gather behavioral data to detect unknown malware vulnerabilities. This data is continually monitored, and most EDR solutions offer dashboard and report capabilities that alert you if a threat has been detected.
EPP products and EDR solutions will co-exist for some time going forward to ensure comprehensive protection for all eventualities.
For F-Secure's EDR solution, see F-Secure Rapid Detection and Response.