All Research
Buyer's Compass

Why don't you like this?

I like this
I don't like this

Endpoint Detection & Response (EDR)

John Tolbert
Please note that a newer version of this paper is available, published on October 09, 2024. You might want to check it out instead.
Data loss via Advanced Persistent Threats (APT), Insider Threat, and other vectors remains a top concern of businesses worldwide. EDR tools are becoming more widely used to help detect and remediate these kinds of threats. This KuppingerCole Buyer’s Compass will provide you with questions to ask vendors, criteria to select your vendor, and requirements for successful deployments. This document will prepare your organization to conduct RFIs and RFPs for EDR tools.

1 How to use the Buyer‘s Compass

This KuppingerCole Buyer’s Compass on Endpoint Detection and Response (EDR) provides information about

  • Use Cases
  • Functional Selection Criteria
  • Non-functional Selection Criteria
  • Technical Prerequisites
  • Organizational Prerequisites
  • Questions to ask the vendors

By focusing on the most important aspects of product selection during and RFI/RFP cycle, end-user organizations can more efficiently select the subset of available products to evaluate, based on the experience of KuppingerCole from our research and advisory services.

This document is not a complete guideline for selecting vendors but should provide an excellent starting point to streamline the decision-making process.

How to use it:

  • Identify your primary use cases
  • Review the functional selection criteria – their weight might be based on the matrix of these use cases and the functional selection criteria
  • Review the non-functional selection criteria
  • Request information and rate the vendors on these criteria
  • Ask additional questions of the vendors, as defined
  • Define a shortlist of vendors based on the results and continue with the vendor selection process, with more detailed RFIs and PoCs
  • Ensure that the technical and organizational prerequisites are in place.

Note: This Buyer’s Compass addresses detection of threats present, signs of compromise, and possible automatic remediation processes for endpoint systems. A complete cybersecurity architecture must include network layer defenses as well, such as content-aware perimeter firewalls, web application firewalls, email gateway scanners, SIEM, and forensic tools. There are additional considerations and questions that are involved in preparing procurement processes for these different types of solutions.

There are related documents available from KuppingerCole. KuppingerCole Advisory Services can provide further support in the vendor selection processes.

Full article is available for registered users with free trial access or a paid subscription.
Log in
Become a Member and read on!
Create an account and buy a Membership package or use our 7-days free trial period to access this and 900+ other in-depth and up-to-date insights.
Register and request your 7-day free trial
Register
Already convinced? Check out our packages
Choose a package

Stay up to date

Subscribe for a newsletter to receive updates on newest events, insights and research.
I have read and agree to the Privacy Policy
I have read and agree to the Terms of Use