Get the Protection Your Business Needs.
Managed Detection and Response is known by many names and is often confused with classic Anti-Virus software. The industry has been going through major disruptive changes over the last several years. Depending on which Endpoint Protection software vendor you are looking at, there will be different names for technology solutions that sound the same and share many similarities, but they are very different when you take a closer look. Confusing acronyms and technology names are a common problem in the IT Security world. We are here to help you make sense of it all and make some educated choices on what is right for your business.
MDR is really an assortment of software tools that monitor every computer and server in the network, similar to classic Anti-Virus software. But that is where the similarities end. Modern Endpoint Protection goes much further by leveraging rich AI models and Machine Learning software to analyze mountains of data from around the world. The system is listening, analyzing and identifying threats 24 hours a day, 365 days a year. It never stops. This creates an environment that allows every endpoint to prevent, detect, and recover from threats in real time.
Here are the acronyms most often used today to describe different Endpoint Security solutions.
MDR (Managed Detection and Response)
This is an EPP, EDR or XDR solution that is managed. We watch the logs and alerts and take action based on a pre-agreed playbook.
EPP (Endpoint Protection Platform)
This is a broader term that is used by several software vendors but not all. It almost always includes an EDR or XDR component. It is entirely possible to have an EPP that is not managed, but not recommended.
NGAV (Next Generation Antivirus)
This is a term that is used by some vendors to describe their EDR and XDR solutions.
EDR (Endpoint Detection and Response)
This is the direct descendant of Anti-Virus software. It has more features, as described above. The only difference between an EDR and an MDR is that an EDR is not a managed solution. An EDR system will alert you when there are issues and you handle it from there.
XDR (Extended Detection and Response)
This is the most recent evolution of Endpoint Protection. It includes much more robust data collection, typically by listening to IoT devices, switches and routers. Most XDR solutions support every flavor of Operating System, even end-of-life OSes. Some XDRs are managed and some are not.
You may have noticed something. These all sound incredibly similar, don’t they? That is because they are. Your next question should be, “Why are there so many names for what is fundamentally the same technology?” Call us, we’ll help make sense of it all.