Profile picture
Hamzah 'Lateef
@password_ng
, 23 tweets, 7 min read Read on Twitter
Endpoint Detection & Response (EDR): The New Way To Go
Antivirus was once the main way to protect endpoints (laptops, servers, workstations). They are designed to detect malicious programs, block them and offer an easy way of removing them.
But the threat landscape today have grown more advanced and malware are no longer the only threat vector the attackers can use. This drastically change the effectiveness of Antivirus to protect businesses and organizations data.
Today, fileless malware, zero day exploits and APT are leading in the attack campaign been launched at organization. These set of new threat don't use signatures which is the bases on which your Antivirus can work to protect you.
At this point the world need a solution that can protect them, and researchers started working out a new strategy to replace Antivirus, which gave birth to the Next Generation Antivirus (NGAV).
NGAV is the term coined to replace the new way Antivirus is working, handling detection by looking for a specific characteristics and don't account for human ingenuity or attacker behavior. How can we move beyond this point. Researchers keep on working.
Where we are today is the EDR, which combines elements of both endpoint antivirus and endpoint management solutions to detect, investigate, and mitigate any suspicious activities and issues on hosts and endpoints.
One of the beauty of the EDR is that they can be used as a complement to a larger security systems such as Security Information and Event Management (SIEM) , Vulnerability management and IR tools.
Essential elements of every EDR solution range from detection, effective cleanup and remediation, observing endpoint activity without interference, cross-correlation of data across the whole environment (using feeds and IOCs), to empowering IR and forensics investigation.
So most of what your Antivirus and NGAV will missed will be detected by the EDR platform.
There are many companies that offer EDR tools and we are going to list them out in this thread.
#1. @symantec Endpoint Protection
visit to read more on this vendor
symantec.com/products/endpo…
#2 @Webroot Endpoint Protection.

Visit to read more about this vendor
webroot.com/us/en/business…
#3 @Fortinet
visit to read more about this vendor

fortinet.com/products/endpo…
#4 @Sophos Intercept X: Next Gen Endpoint.

Visit to read more about this vendor

sophos.com/en-us/products…
#5 @CarbonBlack_Inc Response and Defense Product.

Visit to read more about this vendor

carbonblack.com
#6 @kaspersky Endpoint Security.

visit to read more about this vendor

kaspersky.co.za/small-to-mediu…
#7 @cybereason EDR.

Visit to read more about this vendor

cybereason.com
#8 @PaloAltoNtwksUK Networks Traps

Visit to read more about this vendor

paloaltonetworks.com/products/secur…
#9 @FireEye Endpoint Security

Visit to read more about this vendor.

fireeye.com/solutions/hx-e…
#10. @cylanceinc Endpoint Security
Visit to read more about vendor.

cylance.com/en-us/platform…
If you're reading this thread and you have work with product from any of these vendors, please leave comment to help guides those planning to invest in EDR.

Thank you.
@threadreaderapp unroll
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Hamzah 'Lateef
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

More from @password_ng see all

Profile picture
Hamzah 'Lateef
@password_ng
Threat Hunting In #CyberSecurity : Waiting for an alert can be too dangerous.
Threat hunting means to proactively search for malware or attackers that are hiding in your network — and may have been there for some time.
Most time, the goals of these malware or attackers can be to quietly siphoning off data, patiently listening in for confidential information, or working their way through the network looking for credentials powerful enough to steal key information.
Read 19 tweets
Profile picture
Hamzah 'Lateef
@password_ng
In the celebration of #WorkersDay2019, We are going to be learning how to convert our non smart TV to smart TV. For most home now have access to the Internet and they can decide to go smart with all their wide screen non smart TV.

A. Non Smart TV
B. Smart TV
What is a smart TV?
A smart TV is a traditional set with integrated Internet and interactive "Web 2.0". It uses your home network to provide streaming videos and services on your TV, and smart TVs use wired Ethernet and built in Wi-Fi to stay connected.
A non smart TV cannot do any of this, you can only use it with your popular audio in video in, HDMI
Read 18 tweets

Related threads

Profile picture
Lisa Mei Crowley
@LisaMei62
New Q (3 Mar): Was Papadopoulos plant placed into Trump campaign to serve as FISA justification to spy on them via FVEY? As DNI, Clapper would know about FISA tgts. Does he STILL have clearances to receive clsfd rpts fm FVEY partners e.g. AUS? Is Papa-D working to save himself?
2. Public rpts show how fake dossier was primary justification for illegal FISAs. What hasn't been reported publicly is how FVEY worked w/Hussein admin to push fake decoy mtgs w/Russians via plants inserted into Trump campaign (Papa-D tried to set up mtg?). UK/AUS helped set up.
3. SPY OP started w/Hussein 3 Natl Sec Orders (POTUS Trump can declas). UK fed intel to Brennan's C_A. No Name fed leaks fm Clapper & Brennan to media. FBI, DOJ, DNI, C_A coordinated w/HRC & DNC. LL - BC tarmac mtg, SC seat offered to make HRC email "matter" go away.
Read 42 tweets
Profile picture
Tim MalcomVetter
@malcomvetter
For the newcomers out there...

I’ve been doing InfoSec stuff for ~20 years now, & every 3-5 years I discover a better understanding of the subject. Just when I think I’ve got it figured out, I get a little closer still.

This is for your edification to stick with it 1/
20 years ago, I thought “perfect computer security” was possible if you just figured out the correct “recipe” of stuff for the technical problem you were trying to solve.

Didn’t take long to shatter that misconception.
13 years ago or so, @cigitalgem convinced me that “network security” is really “software security” since “appliances” (that was our “cloud” back then) were just CPUs, RAM, and IO with a software stack. That was eye opening for me and still affects the way I think today.
Read 22 tweets
Profile picture
Jason Danner
@jpdanner
Ready for #Kiwicon Day 2!

This will be an interesting angle... I blame @rafaelmagu

@kiwicon
I have JUST discovered that the #Kiwicon screens are rear projection.

@kiwicon
Now @Metlstorm is (finally) thanking the sponsors.

Starting with @InternetNZ!

#Kiwicon
Read 370 tweets
Profile picture
F-Secure
@FSecure
Introducing...

THE HUNT: A Cyber Attack in the Process Industry

#cybersecurity #thehunt

blog.f-secure.com/cyber-security…
In manufacturing...

• 86% of cyber attacks are targeted

• 66% feature hacking

• Only 34% involve malware
In manufacturing, almost half – 47 percent – of breaches involve the theft of intellectual property to gain competitive advantage.

#cybersecurity #thehunt
Read 89 tweets
Profile picture
Kelly Shortridge
@swagitda_
Super pumped for this panel about detecting attacks at scale w/ @jessfraz @argvee @mhil1 @BradMaio
SecOps hierarchy of needs was created in the 1970s, as pointed out by @argvee, & we’re constantly rethinking how to do detection. She thinks we’re in the early days of this current 5 year detection cycle — this time, catalyst is the cloud
“In 2050 when data centers are running on Mars (😂), we’ll have data readily available to make decisions, & humans won’t be needed to make those decisions — the systems will defend themselves” - @argvee
Read 21 tweets
Profile picture
MURTALA 🇳🇬
@MurtalaIbin
Abuja - Kaduna highway, alongside other routes Linking Kaduna have become dangerous, due to activities of deadly Bandits, who have take advantage of the vegetation cover, to kill, rob or kidnap passengers

Thread on viable solution to the crisis.
Multidimensional measures are required to end activities of bandits
-Aggressive ops
- improve policing strategy (crime deterrent, crime response, surveillance)
- border security
- proper security n use of Forest areas
Number 1& 2 are within the mandate of @GovKaduna
KDSG should swiftly adopt LASG modelled RRS, collaborate with Jaji for Advance weapons handling & tactical training, First aid training from RedCross for Police officers under the unit, logistics support through delivery of Pro force LAV, armoured Hilux & remoteeye UAV
Read 7 tweets

Trending hashtags

#Earned #FreeIran2018 #CONSPIRACY #InternetBillofRights #edutwitter #TarmacMeeting #GladioB #DeepState #AMP #KAG #NWO #YeniZalanda #PatriotsFight #Trump #BOOM #geopolitical #FridayFeeling #TRIGGERED #New #potus #MAGA #ampconf #Qanon8chan #Profit #Pakistan
Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!

This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!