Endpoint detection and response (EDR) security software has grown in popularity and effectiveness as it allows security teams to quickly detect and respond to a variety of threats. EDR software offers visibility into endpoint activity in real time, continuously detecting and responding to attacker activity on endpoint devices including mobile phones, workstations, laptops, and servers.

In this buyer’s guide for CSOonline, I explain some of the benefits, trends, and questions to ask before evaluating any products. I also briefly touch upon six of the more popular tools. One of them, Palo Alto Networks’ Cortex XDR, has a dashboard that looks like the below screencap.