2021-09-14T21:46:00Z
Samy Adel - PeerSpot reviewer
Senior ICT Helpdesk Administrator at CACC Cargolinx

Which is the best EDR for a logistics company with 500-1000 employees?

Hello,

I'm working as a Senior ICT Helpdesk Administrator at a Logistics & Supply Chain company with 500+ employees.

Which Endpoint Detection and Response (EDR) product would you recommend purchasing and why?

I appreciate the help!

11 Answers
Patrick Flanders - PeerSpot reviewer
National Sales Director at WaveRider Security Inc.
Reseller
2021-09-21T14:22:30Z
Sep 21, 2021

It's been offered in the previous suggestions, Sophos or CrowdStrike Falcon.

The other two excellent points were:

(1) whether they want this running on-prem or in the cloud and

(2) do they have the resources and knowledge base to effectively manage whichever solution is best moving forward?

AS
Business Development Manager at Norm Cyber
User
2021-09-21T13:47:33Z
Sep 21, 2021

I'd say, unless you have an existing 24x7 SOC, go for a managed solution - EDR is great, but if no one is monitoring it and responding to the alerts/isolating, you're only really getting 50% of its value.

BH
IT Security Coordinator at a healthcare company with 10,001+ employees
Real User
Top 5
2021-09-20T16:45:37Z
Sep 20, 2021

I think most of the answers provided will work for you, but you have to take into account your environment, integration with other solutions, firewall, antivirus or even just Windows-native and you have to look at price vs features you want. 


How much is good enough? You could spend 1/2 a million or next to nothing. 


S1 is a good choice, especially if you have legacy devices. CSF is also good but a bit more expensive.


You also need to decide: on-prem or cloud; what your needs are and weigh that against the features and costs.

CS
Information Systems Analyst II at State of Illinois
Real User
Top 5 Leaderboard
2021-09-20T13:06:23Z
Sep 20, 2021

Without really knowing what type of system you are running I'm going to stab from what info I've been given and recommend Falcon CrowdStrike. 


It's reliable and cloud-based and doesn't take away from system performance; it's easy to install and maintain.

Georges-Emmanuel TOPE - PeerSpot reviewer
Founder & CEO at Cloud Steroids
Real User
Top 10
2021-09-20T10:31:05Z
Sep 20, 2021

If you are already using Windows 10 for the clients, you may benefit from a native integration by using Microsoft Defender Advanced Threat Protection.


It's robust and pretty easy to manage and understand, and the features are on par with the other leading EDR on the market.


All you have to do is to ensure it's well configured and establish a review schedule to take actions on time even if most actions can be done automatically thanks to its machine learning and AI engine.

Darshil Sanghvi - PeerSpot reviewer
Consultant at a tech services company with 501-1,000 employees
Reseller
Top 5 Leaderboard
2021-09-16T08:41:47Z
Sep 16, 2021

Hi @Samy Adel

I just wanted to know some more details about your environment. I have worked with and tested out multiple products and tools in EDR and NGAV segments.

For instance, Trend Micro and Sophos Intercept X work well if you are looking for a tool with multiple features - Security and Operational features like EDR, AV, DLP, App Control, etc.

If you are looking for a solution for only EDR (cloud-based), with good efficacy and without impacting the user's system performance, you can go ahead with CrowdStrike's Falcon Platform. If you are planning for a solution that has security-focused capabilities that can integrate with your firewall and help you get RCA, with advanced security features like UBA/UEBA, NTA, custom IOC/BIOC creation, etc., along with EDR, you can check out Cortex XDR by Palo Alto Networks.

Each solution has its own limitations and a unique feature set that distinguishes it. Based on your priorities and budget, you can select one accordingly.

SP
Managing Member at Pender & Associates
Real User
Top 5 Leaderboard
2021-09-21T14:32:41Z
Sep 21, 2021

Hi @Samy Adel


I would confidently recommend SentinelOne, as it is the only EDR that has not been breached, offers up to 1 million USD warranty if it is not able to roll back a ransomware encryption attack, automatically mitigates cyber-attacks without human intervention, uses artificial intelligence and does not require internet to mitigate attacks. 


SentinelOne also effectively provides protection against zero-day, fileless and lateral movement attacks.

Eric Rise - PeerSpot reviewer
Network & Security Engineer at a healthcare company with 51-200 employees
Real User
Top 5
2021-09-20T15:29:40Z
Sep 20, 2021

@Samy Adel,


Thank you for the question. I hope you discover the answers here. First off, does this company want to manage the EDR solution on-prem, or would they prefer a hosted solution? Is it a Windows-based shop, or are the endpoints Mac and Linux as well?

For EDRs, I do prefer SentinelOne (S1) or Sophos, as others have suggested here.

I do prefer S1 over Sophos because I tested both in real-world situations and S1 outperformed Sophos. AI and machine learning is a huge plus. S1 can be disconnected from its cloud and still provide you protection. It also provides you the ability to roll back an infected machine, provided the VSS on the local machine is working. It installs very easily on Windows and Linux workstations.

Sophos wasn't a bad solution, with a very nice dashboard. However, like the old Symantec Endpoint Protection platform, Sophos wants to install and have control of everything. It's become bloated, a very thick client. It does a good job of protecting the endpoint but will impact performance depending on the features you enable. It is cloud-based. I don't recall whether an on-prem version of this is available. If you lose your internet, you lose the cloud and your ability to control the EDR solution.

John Johny Restrepo Hernández - PeerSpot reviewer
Solutions Architect at Controles Empresariales
User
Top 5
2021-09-20T11:18:07Z
Sep 20, 2021

I would recommend (if all devices have at least Windows 10) choosing Microsoft Defender for Endpoint.

It is a family of products focused on detecting attack patterns based on the behavior of users and their devices. It is not only the device that has to be managed; its identities, permissions and applications are also to be managed.

The best option, for me, is Microsoft.

Evgeny Belenky - PeerSpot reviewer
Director of Community at PeerSpot (formerly IT Central Station)
Community Manager
2021-09-16T04:52:46Z
Sep 16, 2021

Hello @Basil Dange, @Devanand PR, @OmidKoushki and @Darshil Sanghvi. What would your professional advice be to @Samy Adel?


We appreciate your help to the community.
