2022-06-17T07:03:00Z
reviewer1740369 - PeerSpot reviewer
User at Jkumar infra
  • 7
  • 406

Do we need to use both EDR and Antivirus (AV) solutions for better protection of IT assets?

Hello all,

An anti-virus (AV) works based on the file signature mechanism and an Endpoint Detection and Response (EDR) tool is behavior-based. 

Do we need to use both EDR and AV solutions or EDR-only to protect our IT assets?

 Thanks.

7
PeerSpot user
7 Answers
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at ASPL INFO Services
Real User
ExpertModerator
2022-06-19T06:47:36Z
Jun 19, 2022

Hi @reviewer1740369​,


When evaluating EDR vs. antivirus, it’s important to note that an Endpoint Detection and Response solution does all that the best antivirus product does – and more. Typically it is recommended other antivirus tools be removed when an EDR solution is installed. 


Running both can cause slowness or other technical issues on systems and devices. To defend against complex and evolving threats, the choice is clear – Endpoint Detection and Response will give you more advanced security.

Search for a product comparison in IT Asset Management
CP
Partner Account Manager 🔆 at SEC DataCom A/S
Reseller
2022-06-24T07:27:29Z
Jun 24, 2022

The short answer is no. EDR includes EPP (EndPoint Protection) which is more advanced that antivirus and detects zero-day threats, malicious behaviour and much more. 


Also, products like SentinelOne make Incident Response and threat hunting so much easier because they track and record all the relevant events happened during an attack.

Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at ASPL INFO Services
Real User
ExpertModerator
2022-06-19T06:51:17Z
Jun 19, 2022

Hi @reviewer1740369​,


Hope this will be helpful when you have to take a call for exact differences.


EDR Features:
1. EDR includes real-time monitoring and detection of threats – including those that may not be easily recognized or defined by standard antivirus. Also, EDR is behavior-based, so it can detect unknown threats based on a behavior that isn’t normal.


2. Data collection and analysis determine threat patterns and alerts organizations to threats


3. Forensic capabilities can assist in determining what has happened during a security event


4. EDR can isolate and quarantine suspicious or infected items. It often uses sandboxing to ensure a file’s safety without disrupting the user’s system.


5. EDR can include automated remediation or removal of certain threats


Antivirus Features:


1. Antivirus is signature-based, so it only recognizes threats that are known.


2. AV can include scheduled or regular scanning of protected devices to detect known threats


3. Assists in the removal of more basic viruses (worms, trojans, malware, adware, spyware, etc.)


4. Warnings about possibly malicious sites

Jairo Willian Pereira - PeerSpot reviewer
Information Security Manager at a financial services firm with 5,001-10,000 employees
Real User
Top 5Leaderboard
2022-08-05T18:53:35Z
Aug 5, 2022

´til now, both. EDR technology is moving to XDR but is on "peak of inflated expectations", the second of five phases in product development hype (Gartner). I'd rather wait a little bit, may be ZDR :)

Kevin Mabry - PeerSpot reviewer
CEO at Sentree Systems, Corp.
Real User
Top 5Leaderboard
2022-06-27T05:06:11Z
Jun 27, 2022

Hi, 


No, you don't need both because EDR is an advanced Antivirus with behavior-based analysis. 


Unless you have a whole team that is able to determine and parse the data, you might even consider an MDR (Managed Detection & Response).  MDRs have a team watching the alerts. They monitor the device logs and, if it is advanced enough, they will also monitor your firewall traffic as well.

Remy Ma - PeerSpot reviewer
Network Security Services at ACE Managed Securty Services
Real User
Top 5
2022-09-19T09:18:33Z
Sep 19, 2022

EDR (endpoint detection and response) is an advanced form of antivirus, so if you have an EDR solution, you don’t need antivirus. Running both software at the same time can hamper the performance of your endpoint devices.


EDR is broader in scope than an antivirus solution. Antivirus solutions are limited to signature-based malware scanning. But next-generation EDR solutions incorporate behavior-based anomaly detection, automated threat hunting, and policy-based instant threat responses.


Keep in mind that EDR works best if you have a dedicated team of security analysts to take quick threat response actions. If not, your EDR solution will not operate at its maximum capacity and will endanger your network. In that case, it’s best to use an antivirus solution as well.

Learn what your peers think about ServiceNow. Get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
655,711 professionals have used our research since 2012.
CA
Product Manager at a tech vendor with 11-50 employees
Real User
Top 5
2022-06-24T13:45:19Z
Jun 24, 2022

These two solutions are more like complementary tools. 


However, if you "really" have a security team that works 24/7, then you might not need an AV but this team should be really competent. Otherwise, it won't produce the result you're expecting.

Related Questions
Evgeny Belenky - PeerSpot reviewer
Director of Community at PeerSpot (formerly IT Central Station)
Nov 17, 2022
Hi dear professionals, What are the main benefits and use cases of a modern IT Asset Discovery tool? Any particular advantages and use cases for cloud/hyper-cloud environments? Thanks for sharing your knowledge with the community
2 out of 5 answers
Jairo Willian Pereira - PeerSpot reviewer
Information Security Manager at a financial services firm with 5,001-10,000 employees
Feb 1, 2022
Real-time and reliable inventory/CMDB (that can help entire company and others IT Governance domains to validade a trustworthy environment).
CT
Product Manager at a tech services company with 501-1,000 employees
Feb 2, 2022
CMDB supported by a discovery tool can keep the service model of the IT operation management updated. This will help the root cause analysis to be made easier. 
Ariel Lindenfeld - PeerSpot reviewer
Director of Community at PeerSpot
Feb 3, 2022
Let the community know what you think. Share your opinions now!
2 out of 3 answers
Horacio Rojas - PeerSpot reviewer
User at University of Hawaii
Oct 6, 2021
Product support to our wide range of devices, access to KB, support team to ensure a smooth implementation on our environment and thru the life of the system. 
Erik R - PeerSpot reviewer
Senior Engineer DCMT at a financial services firm with 5,001-10,000 employees
Dec 16, 2021
Great product support team to ensure a smooth process when implementing and troubleshooting in the early stages.  User-friendliness of the software is also important, as we have a wide range of people who use it.
Related Articles
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at ASPL INFO Services
Aug 14, 2021
Future of ITSM: Trends and Predictions At the beginning of 2020, we made some predictions about the future of ITSM. Of course, there are some things that no one could have ever predicted this year – for example, there was no way to predict the global pandemic and the rapid-fire adoption of digital transformation that followed. However, these often-intense changes, have created a bright futur...
Tjeerd Saijoen - PeerSpot reviewer
CEO at Rufusforyou
Jul 4, 2021
Security and protecting your IT environment is the biggest challenge now.  How to prevent ransomware attacks? Part 1 described our approach to proactively protect your environment. The first step is to scan your environment from server to endpoint and check your complete environment on several issues preventing a hacker to penetrate your systems. Most of the times hackers getting a chance bec...
Related Articles
Shibu Babuchandran - PeerSpot reviewer
Regional Manager/ Service Delivery Manager at ASPL INFO Services
Aug 14, 2021
Future of ITSM: Trends and Predictions
Future of ITSM: Trends and Predictions At the beginning of 2020, we made some predictions abou...
Tjeerd Saijoen - PeerSpot reviewer
CEO at Rufusforyou
Jul 4, 2021
Discovery tools & security - Part 2
Security and protecting your IT environment is the biggest challenge now.  How to prevent ransom...
Download Free Report
Download our free ServiceNow Report and get advice and tips from experienced pros sharing their opinions. Updated: November 2022.
DOWNLOAD NOW
655,711 professionals have used our research since 2012.