Endpoint detection and response: Traditional vs Active
Passive Isn’t Good Enough: Moving into Active EDR

As cyberattacks in the form of malware continue to grow in volume and complexity, it’s become more critical than ever for businesses to deploy endpoint controls that can prevent, detect and respond to threats.
While firewalls are important for analyzing network traffic, encryption can affect their endpoint visibility. Organizations may consider active endpoint detection and response (EDR) to provide scalability and security to their various endpoints.
In this whitepaper, SANS analyzes the differences between traditional and active EDR to help organizations make an informed decision on which EDR method is right for them. Read on to uncover the takeaways.