If you are detecting 100% of threats detected by EDR w/o EDR, you probably don't *need* an EDR solution at all.

Keith

@kwm

EDR is intended to detect threats missed by AV. Measure EDR timeliness, but not alongside AV. Should compare against time to detect w/o EDR.

7/27/2015, 6:12:46 AM

Favs: 0

Retweets: 0

link

Keith

@kwm

If you are detecting 100% of threats detected by EDR w/o EDR, you probably don't *need* an EDR solution at all.

7/27/2015, 6:18:05 AM

Favs: 0

Retweets: 0

link