Endpoint Detection & Response

Endpoint Detection and Response (EDR) has become a Gartner buzzword. We point you to the kind of solution that will enable you to deliver it – profitably!

EDR – Endpoint Detection and Response - is the acronym currently setting the security industry a-buzz.

Industry analyst Gartner - who came up with the first EDR-type concept back in 2013 - has recently concluded that a more proactive alternative to simply attempting to block attacks is now needed, providing early detection, but also minimising dwell time and damage if an attack does indeed find a foothold. This is what EDR delivers.

It can – in theory – help service providers, resellers and other IT companies to climb the value chain by adding a valuable new layer of protection to customers’ security infrastructure.

But this is only worthwhile if the EDR solution is rapid to deploy, easy to use and manage, and profitable.

EDR is certainly powerful – but is it viable?

EDR done better, made profitable

The challenge up until now has been that EDR solutions are, by their nature, typically very ‘noisy’, generating high volumes of superfluous alerts that then have to be manually sifted through. In practical terms, this can make them almost unusable.

There’s the ‘complexity cost’ to consider, too. Most EDR solutions tend to rely on multiple agents, which are a significant management overhead for your customers (and - if you’re delivering EDR as a managed service - for you.)

So, noisy, difficult to use, highly manual, costly to manage – does EDR really offer anything to move you up that customer value chain?

The short answer is yes – because we’re now seeing smarter EDR solutions emerge that have already comprehensively overcome these shortcomings, taking a far less noisy and less manual operational approach that adds significant value both to what EDR delivers and how it delivers it.

Bitdefender: blazing a brave new EDR trail

Take a solution like Bitdefender’s GravityZone EDR, for example.

It has made it easy to add EDR to customers’ existing security infrastructure (thus increasing your revenues per customer), but with far less IT resource necessary on your part, and with vastly reduced management overheads.

How does it do this? Through a combination of six critical features that most EDR solutions simply don’t offer:

  1. Rapid deployment – Cloud-based, up and running in hours, not days.
  2. Simplification – One agent to manage, not many.
  3. Ease of use - A single, unified management console to control everything.
  4. Automated response and repair – No need for manual intervention - identified threats are removed automatically.
  5. Compatibility – Works with all existing solutions from the same family
  6. Artificial intelligence and machine learning – Reduces the management overhead caused by unnecessary noise; learns to identify false alarms and trivial threats, enabling the EDR layer to focus on the real and dangerous.

Bitdefender calls this highly automated, intelligent approach to EDR ‘funnel-based’, and you can see immediately that it’s a clear departure from the existing noisy, manual EDR orthodoxy – and one that makes a much more attractive proposition to service providers, resellers and their customers alike.

EDR Funnel

But do customers even want EDR?

If we said customers’ demand for EDR is set to go stratospheric, we probably wouldn’t be exaggerating.

An EDR article in eSecurity Planet, for example, describes the growth in EDR as “explosive” and reports that Gartner's forecast “is for almost 50% annual growth for EDR at least through 2020, putting it way out in front of most areas of IT.”

This in turn points to a market value – again, according to Gartner’s EDR estimates - of some $1.5 billion (£1.14 billion) – extremely plausible when you consider that, according to eSecurity Planet, only 40 million EDR endpoints are currently installed, compared to the estimated 711 million desktop, laptop and other devices that can use the software!

And in this recent global EDR survey, 72% of respondents reported their teams already suffer ‘alert fatigue’ – strong evidence that the demand will ultimately be shaped by the availability of solutions like Bitdefender EDR that don’t fall into the ‘noisy and difficult to manage’ bracket.

The message from the market is clear: for service providers, resellers and other IT partners, EDR is a revenue boost waiting to happen.

Just make sure you choose to sell solutions that are actually usable!