alphaspirit - Fotolia
By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.
Gartner coined the term EDR to describe tools primarily focused on detecting and investigating suspicious activities and traces of such on endpoints.
Some 72% of the nearly 400 respondents said they plan to increase their endpoint security budget in the next year, with 32% of those saying the increase will be “substantial”.
Most respondents said cyber attacks in the past 12 months involved methods that typically bypass traditional perimeter defences, with only 27% reporting attacks from commodity malware.
More than a quarter of respondents said they consider endpoint detection and response to be one of the most important security controls.
The majority (95%) said advanced software functionality for malware removal and system recovery without the need to reimage a system is important, with 23% citing reimaging endpoints as one of their organisation’s top endpoint security challenges.
The survey indicates the EDR market is growing and that EDR tools have become one of the most important capabilities in the enterprise security suite as security teams seek tools deal with security alerts, identify real threats and remediate attacks without taking endpoints offline for reimaging.
“Security professionals across all industries are facing critical attacks on their networks and are finding it more and more difficult to respond quickly and efficiently,” said Patrick Dennis, president and CEO of Guidance Software.
“While organisations can try to do everything in their power to prevent breaches, they must accept the reality that no network is completely secure. By adopting the right tools and processes for rapid detection and response, security teams can be more confident in their abilities to find and remediate issues when – not if – a breach occurs,” he said.
According to a recent article published by SearchSecurity, endpoint security advances in behaviour analytics, sandboxing and machine learning are increasing its capacity to mitigate advanced malware and play a significant role in defending the enterprise against evolving threats.