Keith
@kwm
EDR is intended to detect threats missed by AV. Measure EDR timeliness, but not alongside AV. Should compare against time to detect w/o EDR.
7/27/2015, 6:12:46 AM
Favs: 0
Retweets: 0
link← @kwm Twitter archive
Keith
@kwm
EDR is intended to detect threats missed by AV. Measure EDR timeliness, but not alongside AV. Should compare against time to detect w/o EDR.
7/27/2015, 6:12:46 AM
Favs: 0
Retweets: 0
linkKeith
@kwm
If you are detecting 100% of threats detected by EDR w/o EDR, you probably don't *need* an EDR solution at all.
7/27/2015, 6:18:05 AM
Favs: 0
Retweets: 0
link