Endpoint detection and response necessary to prevent cyber threats

Johannesburg, 26 May 2020
Read time 3min 30sec

Traditional anti-virus protection, which is usually classified as an endpoint protection platform (EPP) tool, is not considered capable of dealing with many of the modern-day cyber security threats. The reasons for this include: the sophistication of modern cyber attacks that are no longer simply transmissions of malware; the multifaceted attack methods used today; involvement of human interactions; and the substantial growth in the number of attacks.

There is also the threat to the privacy of individuals being compromised when data gets stolen, as well as the theft of intellectual property from organisations that also suffer from the potential disruption of their functionality and operations to the point of some going into bankruptcy due to the financial losses caused.

It is for these reasons that more automated processes need to be put in place nowadays to detect and deal with security threats more effectively and timeously, as well as provide appropriate rapid remediation. This is why endpoint detection and response (EDR) has become a necessary addition to EPP tools in order to deal with modern cyber security threats. The merger of the two technologies helps provide the necessary defence mechanisms required by organisations, which it also does more efficiently with the optional automated components involved. The increased number of threats also results in substantial amounts of data involved in detecting and assessing them, which cloud-based solutions such as EDR, in conjunction with EPP, are able to deal with.

According to Gartner: "By the end of 2023, more than 50% of enterprises will have replaced older anti-virus products with combined EPP and EDR solutions that supplement prevention with detect and response capabilities." Gartner continued: "Older anti-virus solutions offer insufficient protection against today’s advanced threats and lack speed of response, nor do they provide the capability to show the root cause or damage done."

F-Secure is mentioned in Gartner’s Market Guide, with its MITRE-tested EDR solution. It received top results from the MITRE's test, with its technology reportedly detecting threats better than any other product on the market.

It is recommended that organisations choose an EDR vendor that has its solutions tested by highly rated independent organisations such as MITRE, which have no financial relationship with the vendor in terms of sponsorship or other monetary arrangements. The MITRE ATT&CK framework in particular has become a common and unifying language for cyber security vendors in order to identify attack methods used and map their solutions’ controls for easier and standardised reference purposes.

Effective vulnerability management has become crucial to organisations in managing threats, reducing how often they occur and assisting them with limiting the damage caused by attacks. Many organisations also lack the necessary resources and skills to respond timeously and effectively to threats and attacks, which is why EDR solutions like F-Secure’s Rapid Detection and Response (RDR) has proven itself as a valuable solution. With its professionally managed detection and response services that operate 24/7, RDR substantially reduces the risks associated with security breaches. RDR is also a SaaS (software as a service) based application that makes it affordable and quick and easy to deploy. This results in it being unnecessary to delay the roll-out of EDR at the risk of an organisation being compromised by the delayed implementation of the necessary security protection measures.

In order to get Gartner's advice on EDR and discover the latest trends in the market, visit the following link to its Market Guide.

The Market Guide will help:

Understand the current state and future direction of the EDR market;

Discover how EDR and EPP technologies are merging together; and

Make a more informed decision when purchasing an EDR solution.


Nobody knows cyber security like F-Secure. For three decades, F-Secure has driven innovations in cyber security, defending tens of thousands of companies and millions of people. With unsurpassed experience in endpoint protection as well as detection and response, F-Secure shields enterprises and consumers against everything from advanced cyber attacks and data breaches to widespread ransomware infections. F-Secure’s sophisticated technology combines the power of machine learning with the human expertise of its world-renowned security labs for a singular approach called Live Security. F-Secure’s security experts have participated in more European cybercrime scene investigations than any other company in the market, and its products are sold all over the world by over 200 broadband and mobile operators and thousands of resellers. Founded in 1988, F-Secure is listed on the NASDAQ OMX Helsinki Ltd.


Cybervision Pty Ltd is an IT security value-added distribution company that conducts business throughout Africa through a variety of resellers of various sizes and differing specializations. An F-Secure partner, Cybervision has extensive experience in data and network security with F-Secure’s solutions and have supplied services to many types of organisations in Africa, ranging from SMEs to large banks, insurers and government departments. Working with leading organisations in industry has resulted in an extensive understanding of security, allowing for a competitive advantage when it comes to ensuring that the right solutions are in place to adequately secure the networks of organisations of all sizes and types.

Cybervision has full-service teams capable of providing resellers and their customers with the necessary support services to ensure that their endpoint protection, vulnerability scanning and penetration testing is conducted efficiently and effectively to help prevent security breaches on their networks. The F-Secure Radar, Rapid Detection and Response (RDR) and Rapid Detection Service (RDS), as well as other F-Secure solutions are relied upon for much of Cybervision’s security expertise in mitigating risks and helping organisations manage complex security challengeswith a business-focused man-and-machine combined approach.

For more information contact

Editorial contacts
Grant Chapman (087) 3300 011
Login with