With a growing number of EDR solutions on the market I found it a bit difficult to ‘navigate’ it beyond the typical Sales pitch. There is already a lot of body of work in this area done by Gartner’s Anton Chuvakin, but I wanted something that is speaking my language, is free to download, and is as technical as possible (from the IR/forensics perspective) so the choices we make can be a bit more educated.

As a result I created a spreadsheet which – with the help of many practitioners and researchers who contributed the crowd-sourced knowledge – emerged as a quite a comprehensive list of current EDR solutions on the market. This data is placed on my web site just for the convenience, but it’s in public domain. I don’t claim any copyright – I came up with the idea, but the data and comments come from a significant number of researchers and vendors who diligently shared their knowledge and concerns with me. I just put it together.

This is is a good moment to reflect on this. The actual users of the solutions shared data for the benefit of us all! What a great participation and sharing! And as a result (being mind blown by a number of emails I received over last couple of months) I want to extend thanks to whoever helped to make this project possible.

You know who you are. You are awesome. Thank you!

The latest EDR sheet can be found here.

As usual, if you find anything wrong/needing some amendment, please do let me know. I’ll fix it.