2021-09-14T21:46:00Z

Which is the best EDR for a logistics company with 500-1000 employees?

SA
PeerSpot user

11 Answers

PF
Reseller
2021-09-21T14:22:30Z
Sep 21, 2021

It's been offered in the previous suggestions, Sophos or Crowdstrike Falcon.  


The other two excellent points were: 


(1) whether they want this running on-prem or in the cloud and 


(2) do they have the resources and knowledge base to effectively manage whichever solution is best moving forward?

AS
User
2021-09-21T13:47:33Z
Sep 21, 2021

I'd say, unless you have an existing 24x7 SOC, go for a managed solution - EDR is great but if no one is monitoring it and responding to the alerts/isolating you're only really getting 50% of its value. 

BH
Real User
2021-09-20T16:45:37Z
Sep 20, 2021

I think most of the answers provided will work for you, but you have to take into account your environment, integration with other solutions, firewall, antivirus or even just Windows-native and you have to look at price vs features you want. 


How much is good enough? You could spend 1/2 a million or next to nothing. 


S1 is a good choice, especially if you have legacy devices. CSF is also good but a bit more expensive.


You also need to decide: on-prem or cloud; what your needs are and weigh that against the features and costs.

CS
Real User
Top 20
2021-09-20T13:06:23Z
Sep 20, 2021

Without really knowing what type of system you are running I'm going to stab from what info I've been given and recommend Falcon CrowdStrike. 


It's reliable and cloud-based and doesn't take away from system performance; it's easy to install and maintain.

GT
Real User
2021-09-20T10:31:05Z
Sep 20, 2021

If you are already using Windows 10 for the clients, you may benefit from a native integration by using Microsoft Defender Advanced Threat Protection.


It's robust and pretty easy to manage and understand, and the features are on par with the other leading EDR on the market.


All you have to do is to ensure it's well configured and establish a review schedule to take actions on time even if most actions can be done automatically thanks to its machine learning and AI engine.

DS
Reseller
2021-09-16T08:41:47Z
Sep 16, 2021

Hi @Samy Adel


I just wanted to know some more details about your environment. I have worked with and tested out multiple products and tools in EDR and NGAV segments.


For instance, Trend Micro and Sophos Intercept X work well if you are looking for a tool with multiple features - Security and Operational features like EDR, AV, DLP, App Control, etc.


If you are looking for a solution for only EDR (cloud-based), with good efficacy and without impacting the user's system performance, you can go ahead with Crowdstrike's Falcon Platform. If you are planning for a solution that has security-focused capabilities that can integrate with your firewall and help you get RCA, with advanced security features like UBA/UEBA, NTA, custom IOC/BIOC creation, etc., along with EDR, you can check out Cortex XDR by Palo Alto Networks.


Each solution has its own limitations and unique feature set that distinguishes and is based on your priorities and budget. You can select one accordingly.

SP
Real User
Top 20
2021-09-21T14:32:41Z
Sep 21, 2021

Hi @Samy Adel


I would confidently recommend SentinelOne, as it is the only EDR that has not been breached, offers up to 1 million USD warranty if it is not able to roll back a ransomware encryption attack, automatically mitigates cyber-attacks without human intervention, uses artificial intelligence and does not require internet to mitigate attacks. 


SentinelOne also effectively provides protection against zero-day, fileless and lateral movement attacks.

Eric Rise - PeerSpot reviewer
Real User
2021-09-20T15:29:40Z
Sep 20, 2021

@Samy Adel,


Thank you for the question. I hope you discover the answers here. First off, does this company want to manage the EDR solution on-prem, or would they prefer a hosted solution? Windows-based shop, or are the end points Mac and Linux as well?


For EDRs, I do prefer SentinelOne (S1) or Sophos, as others have suggested here.


I do prefer S1 over Sophos because I tested both in real-world situations and S1 outperformed Sophos. AI and machine learning is a huge plus. S1 can be disconnected from its cloud and still provide you protection. Also provides you the ability to roll back an infected machine, provided the VSS on the local machine is working. Installs very easily on Windows and Linux workstations.


Sophos wasn't a bad solution, very nice dashboard. However, like the old Symantec End Point Protection platform, Sophos wants to install and have control of everything. It's become bloated, a very thick client. It does a good job of protecting the end point but will impact performance depending on the features you enable. It is cloud-based. I don't recall whether an on-prem version of this is available. If you lose your internet, you lose the cloud and your ability to control the EDR solution.

JR
User
2021-09-20T11:23:38Z
Sep 20, 2021
JR
User
2021-09-20T11:18:07Z
Sep 20, 2021

I would recommend (if all devices have at least Windows 10) to choose Microsoft Defender for Endpoint.

It is a family of products focused on detecting attack patterns based on the behavior of users and their devices. It is not only the device that has to be managed; its identities, permissions and applications are also to be managed.

The best option, for me, is Microsoft.

EB
Community Manager
2021-09-16T04:52:46Z
Sep 16, 2021

Hello @Basil Dange, @Devanand PR, @OmidKoushki and @Darshil Sanghvi. What would your professional advice be to @Samy Adel?


We appreciate your help to the community.

EDR (Endpoint Detection and Response)
EDR, also referred to as Endpoint Detection and Response, is a security solution that works by using continuous real-time monitoring and collecting endpoint data that could indicate a threat.