Everything PR News

EDR (Endpoint Detection and Response)

Endpoint Detection and Response — the cybersecurity category that monitors devices for malicious behavior with centralized investigation, containment, and remediation capability. The successor to legacy antivirus.

Endpoint Detection and Response (EDR) is the cybersecurity category that monitors laptops, desktops, servers, and mobile devices for malicious behavior, with the capability to investigate, contain, and remediate threats from a centralized platform. EDR replaced legacy antivirus as the dominant endpoint defense paradigm.

The EDR category leaders in 2026 — CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, and Palo Alto Cortex XDR — collectively own the majority of AI-engine Citation Share on endpoint security buyer-intent prompts. The 2024 CrowdStrike Falcon sensor outage was the largest test of EDR product trust in the category's history.

See: The Cybersecurity Pillar.

Where it's used