MHRSFI 1 Posted August 30 Share Posted August 30 We are considering purchasing an EDR but we currently do not have a dedicated security team I'm uncertain if this purchase would improve our security I would appreciate any thoughts or advice Quote Link to comment Share on other sites More sharing options...
thae 12 Posted August 30 Share Posted August 30 I'm a solo security person. I've gotten a better look into what's happening on the end devices. You can define which events you want to see. For example only the most critical, warning or informational events. It's obviously a learning curve but it's worth it in my opinion. You could also think about MDR. j91321 1 Quote Link to comment Share on other sites More sharing options...
ESET Staff j91321 7 Posted September 4 ESET Staff Share Posted September 4 Agree with @thae. It really depends on how much time you can dedicate to learning and making the tool useful for you, even as a single security person or IT generalist in your company. Disregarding some marketing claims for various EDR vendors, these tools are not plug&play. You get most out of it if you use the tool. Buying it and never using the console is a waste of money. We do see cases like this when the EDR console was showing critical severity alerts for weeks and customers never logged into the console or ignores all notifications and then they complain to us about not protecting them. As mentioned if you don't have the time/people to do this, you can throw money at the problem by getting either MDR or MDR Ultimate service. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.
Note: Your post will require moderator approval before it will be visible.