Best Endpoint Detection & Response (EDR) Software

Endpoint detection and response (EDR) tools are the newest members of the endpoint security family. They combine elements of both endpoint antivirus and endpoint management solutions to detect, investigate, and remove any malicious software that penetrates a network’s devices. These tools give greater visibility of a system’s overall health including each specific device’s state. Companies use these tools to mitigate endpoint penetrations quickly and prevent data loss, theft, or system failures. They are typically used as a complement to larger security systems such as security information and event management (SIEM), vulnerability management, and incident response tools.

To qualify for inclusion in the Endpoint Detection and Response category, a product must:

  • Alert administrators when devices have been compromised
  • Search data and systems for the presence of malware
  • Possess analytics and anomaly detection features
  • Possess malware removal features
G2 Grid® for Endpoint Detection & Response (EDR)
Leaders
High Performers
Contenders
Niche
Market Presence
Satisfaction
Star Rating

Endpoint Detection & Response (EDR) reviews by real, verified users. Find unbiased ratings on user satisfaction, features, and price based on the most reviews available anywhere.

Compare Endpoint Detection & Response (EDR) Software

G2 takes pride in showing unbiased ratings on user satisfaction. G2 does not allow for paid placement in any of our ratings.
Results: 81
Filter Results
Filter by:
Sort by
Star Rating
Sort By:
Results: 81

    Symantec Endpoint Protection (SEP) is designed to protect against malware attacks including targeted attacks, advanced persistent threats, and zero-day threats with a layered approach to security at the endpoint. Superior protection that fuses essential and next-gen technologies in a multi-layered fashion. High-performance, lightweight single client, single management console across both physical and virtual protection and orchestrated response delivered at scale

    Optimized for quick response

    In a multi-vector attack, cybercriminals combine a variety of threat technologies, deployed in numerous stages, over multiple points of entry, or vectors, to infect computers and networks. To keep businesses, their users, and their devices safe, Webroot SecureAnywhere® Business Endpoint Protection offers a unique next gen blend of layered multi-vector protection that stops threats across email, web browsing, files, URLs, ads, apps, and more.

    Malwarebytes secures endpoints, making workplaces resilient. Our adaptive attack protection predicts and detects attacks with multi-layer detection across the kill chain. We enable active threat response with machine learning that is actionable and automated, allowing for full recovery when a compromise occurs. We empower enterprise orchestration across siloed IT and Security organizations, simplifying security management and making response effective. Malwarebytes makes endpoints resilient

    Integrated endpoint protection that provides automated next-generation threat protection, as well as visibility and control of your software and hardware inventory across the entire security fabric. Identify and remediate vulnerable or compromised hosts across your attack surface.

    McAfee Endpoint Security delivers industry-leading protection and operational simplicity for your diverse endpoint environment.

    Kaspersky Endpoint Security for Business offers a tightly integrated combination of superior security technologies and far-reaching systems management capabilities, which can all be controlled via a single management console.

    To stop the widest range of threats, Sophos Intercept X employs a comprehensive defense-in-depth approach to endpoint protection rather than simply relying on one primary security technique. This is the “the power of the plus” – a combination of leading foundational (traditional) and modern (next-gen) techniques. Intercept X integrates the industry’s top-rated malware detection and exploit protection with built-in endpoint detection and response (EDR). Drive threat prevention to unmatched level

    Traps replaces traditional antivirus with multi-method prevention, a proprietary combination of advanced malware and exploit prevention methods that protect users and endpoints from known and unknown threats.

    Bitdefender GravityZone combines all the security services organizations need into a single delivery platform to reduce their cost of building a trusted environment for all endpoints.

    Easy to use security-as-a-service for organizations with limited IT security resources

    Trend Micro Endpoint Security provides immediate protection for enterprise endpoints lowering infections by instantly securing end-points from sophisticated cybercriminal attacks

    CB Response is the market-leading incident response and threat hunting solution designed to provide responders with the most information possible, accompanied by expert threat analysis and armed with real-time response capabilities to stop attacks, minimize damage and close security gaps. CB Response makes these teams more efficient, reducing investigations from days to hours, and more effective, enabling them to discover threats before attacks can exploit them. CB Response also allows teams to

    A group of defense and intelligence experts saw savvy attackers compromising endpoints seemingly at will. Traditional approaches failed to provide sufficient protection. They founded SentinelOne to develop a dramatic new approach to endpoint protection. It’s one that applies AI and machine learning to thwart known and unknown threats. Our team understands how much endpoints matter. When attackers come after our privacy, intellectual property, infrastructure, and collaborative modes of working,

    53% of breaches do not use malware. Streaming prevention through Cb Defense goes beyond machine-learning AV to stop all types of attacks before they compromise your systems. Cb Defense, with its breakthrough prevention model, market-leading detection and response capabilities and single lightweight agent, is the future of next-gen antivirus.

    Cisco Advanced Malware Protection (AMP) for Endpoints prevents threats at point of entry, then continuously tracks every file it lets onto your endpoints. AMP can uncover even the most advanced threats, including fileless malware and ransomware.

    Proofpoint Threat Response Auto-Pull (TRAP) enables messaging and security administrators the ability to automatically retract threats delivered to employee inboxes and emails that turn malicious after delivery to quarantine. It is also a powerful solution to retract messages sent in error as well as inappropriate, malicious, or emails containing compliance violations and also follows forwarded mail and distribution lists and creates an auditable activity trail. With Proofpoint Threat Response

    FireEye Endpoint Security (HX series) products provide organizations with the ability to continuously monitor endpoints for advanced malware and indicators of compromise that routinely bypass signature-based and defense-in-depth security systems.

    Panda Endpoint Protection provides centralized protection for all of your Windows, Mac and Linux workstations, including laptops, smartphones and the leading virtualization systems.

    An enterprise solution that allows you to query and modify your managed computer assets in seconds, regardless of the size of your network.

    Endpoint security management is all about adequately securing such endpoints and thereby securing a network by blocking access attempts and such risky activities at endpoints.

    Detect, isolate, and eliminate intrusions across all endpoints using AI, automated incident generation, and unparalleled threat intelligence.

    Check Point Endpoint Security combines data security, network security, threat prevention technologies and remote access VPN into one package for complete Windows and Mac OS X protection.

    Cybereason automatically detects malicious activity and presents it in an intuitive way. It deploys easily with minimal organizational impact and provides end-to-end context of an attack campaign. Most organizations deploy Cybereason and start detecting attacks within 24 to 48 hours.

    Proofpoint Enterprise Archive is a cloud-based archiving solution that simplifies legal discovery, regulatory compliance, and end-user information access without the headaches of managing an archive in-house.

    Learn More About Endpoint Detection & Response (EDR) Software

    Latest Endpoint Detection & Response (EDR) Articles