Cyber strategy

EDR – XDR – MDR: the keys to finding your way around

EDR, XDR or MDR: the keys to making the difference, and finding out which cybersecurity needs these solutions meet.
2 min

Endpoint Detection and Response (EDR), Extended Detection and Response (XDR) or Managed Detection and Response (MDR): what are they? How do you choose? What capabilities does each solution offer, and what needs does it meet? We take a look.

What is an EDR?

An EDR: for what purpose?

  • Endpoint attack prevention, incident response and remote remediation.
  • Scope: endpoints (workstations, servers). 

EDR capabilities

  • Detecting and blocking attacks. 
  • Analysis of endpoint activity.
  • Investigation into the causes of the incident.
  • Can be deployed in the incident response phase.
  • Restoring compromised endpoints. 

Who is an EDR designed for?

  • Any company or organization, to provide this essential safety component, via an internal or external supervision and incident response team. 

What is an XDR

An XDR: for what purpose?

  • Prevent attacks on information systems, automate incident response and correlate with threat data. 
  • Perimeter: flexible, depending on the detection coverage required (endpoints, network, applications, firewalls, etc.). 

XDR capabilities

  • Log collection, ingestion and correlation. 
  • Contextualization and correlation with the threat. 
  • Automated response through playbooks and orchestration of interactions between security bricks.  
  • Search for compromises.

Who is an XDR made for?

  • Any company or organization wishing to set up a complete security supervision system for its Information System, including an EDR, via an internal or external team.

What is an MDR?

An MDR: for what purpose?

MDR capabilities

For whom is an MDR made?

  • Companies or organizations wishing to outsource the overall management of security incidents, from detection to remediation, who have neither the skills nor the budget to set up an in-house team. 

In all cases, thehuman element must remain at the heart of the cyber strategy, so that the right tools can be chosen, and the right decisions made, depending on the risks weighing on the organization! 

EDR - SDR - MDR - The differences

Discover all the capacities of our EDR :