I'm not afraid to admit it, but I LOVE EDR. I've been working in information security for over a decade, and I've consistently seen attackers target endpoints. They're where users hang out, and therefore they're a treasure trove of sensitive data such as credentials, personal data, post-MFA access tokens, etc.
Also, they almost always have internet access, and because users are browsing the web and opening emails on them, they give attackers great opportunities to gain access to them.
In this video I talk through what EDR is, the history of EDR, how it works, pros/cons, and the future.
You may have heard of EDR through other names, such as CrowdStrike, Windows Defender, or SentinelOne (other vendors are available!).
Below are the links I mention in the video.
Pyramid of pain: / pyramid-pain-timeless-...
My EDR article from LinkedIn: / endpoint-detection-res...
Irish health service ransomware article: / how-irish-health-servi...
British Library ransomware article: / british-library-ransom...
Office of Personnel Management (OPM) article: / opm-breach-very-bad-da...
Office of Personnel Management (OPM) video: • The biggest data breac...
00:00 Introduction.
00:32 The history of EDR.
01:56 How EDR works.
02:57 EDR components.
03:38 Pros of EDR.
05:40 Costs and considerations.
06:56 Real-world examples where EDR would have helped.
08:01 The future of EDR.
09:29 Outro.
#cybersecurity #informationsecurity #ransomware