2022-06-17T07:03:00Z
Hello all,
An anti-virus (AV) works based on the file signature mechanism and an Endpoint Detection and Response (EDR) tool is behavior-based.
Do we need to useboth EDR and AV solutions or EDR-only to protect our IT assets?
Thanks.
reviewer1740369
Works at Jkumar infra
- 8
- 1249
Answer
FollowingFollow
Share
Get the category report
Helped 757,660 peers since 2012
8 Answers
Last answered Dec 15, 2022
https://www.peerspot.com/questions/do-we-need-to-use-both-edr-and-antivirus-av-solutions-for-better-protection-of-it-assets#comment-195793
CP
Carsten Dan Petersen
Partner Account Manager 🔆 at SEC DataCom A/S
Reseller
Top 20
2022-06-24T07:27:29Z
Jun 24, 2022
The short answer is no. EDR includes EPP (EndPoint Protection) which is more advanced that antivirus and detects zero-day threats, malicious behaviour and much more.
Also, products like SentinelOne make Incident Response and threat hunting so much easier because they track and recordall the relevant events happened during an attack.
Like(4)
Reply
Search for a product comparison in IT Asset Management
Go!
https://www.peerspot.com/questions/do-we-need-to-use-both-edr-and-antivirus-av-solutions-for-better-protection-of-it-assets#comment-195161
Shibu Babuchandran
Regional Manager/ Service Delivery Manager at a tech services company with 201-500 employees
Real User
ExpertModerator
2022-06-19T06:47:36Z
Jun 19, 2022
Hi @reviewer1740369​,
When evaluating EDR vs. antivirus, it’s important to note that an Endpoint Detection and Response solutiondoes all that the best antivirus product does – and more. Typically it is recommended other antivirus tools be removed when an EDR solution is installed.
Running both can cause slowness or other technical issues on systems and devices. To defend against complex and evolving threats, the choice is clear – Endpoint Detection and Response will give you more advanced security.
Like(3)
Reply
https://www.peerspot.com/questions/do-we-need-to-use-both-edr-and-antivirus-av-solutions-for-better-protection-of-it-assets#comment-195162
Shibu Babuchandran
Regional Manager/ Service Delivery Manager at a tech services company with 201-500 employees
Real User
ExpertModerator
2022-06-19T06:51:17Z
Jun 19, 2022
Hi @reviewer1740369​,
Hope this will be helpful when you have to take a call for exact differences.
EDR Features:
1. EDR includes real-time monitoring and detection of threats – including those that may not be easily recognized or defined by standard antivirus. Also, EDR is behavior-based, so it can detect unknown threats based on a behavior that isn’t normal.
2. Data collection and analysis determine threat patterns and alerts organizations to threats
3. Forensic capabilities can assist in determining what has happened during a security event
4. EDR can isolate and quarantine suspicious or infected items. It often uses sandboxing to ensure a file’s safety without disrupting the user’s system.
5. EDR can include automated remediation or removal of certain threats
Antivirus Features:
1. Antivirus is signature-based, so it only recognizes threats that are known.
2. AV can include scheduled or regular scanning of protected devices to detect known threats
3. Assists in the removal of more basic viruses (worms, trojans, malware, adware, spyware, etc.)
4. Warnings about possibly malicious sites
Like(2)
Reply
https://www.peerspot.com/questions/do-we-need-to-use-both-edr-and-antivirus-av-solutions-for-better-protection-of-it-assets#comment-228937
Navcharan Singh
Senior Seo Executive at Ace Cloud Hosting
Consultant
Top 5
2022-12-15T04:54:15Z
Dec 15, 2022
There is a lot of discussion on this topic, and opinions vary. Some people believe that using both an EDR solution and an AV solution is the best way to protect your computer, while others believe that using one or the other is sufficient.
The truth is that there is no one right answer. The best way to protect your computer is to use a combination of both EDR and AV solutions, as this will provide the most comprehensive protection. However, if you are only able to use one or the other, then it is better to use an EDR solutionrather than an antivirus.
Like(1)
Reply
https://www.peerspot.com/questions/do-we-need-to-use-both-edr-and-antivirus-av-solutions-for-better-protection-of-it-assets#comment-228752
Remy Ma
Network Security Services at ACE Managed Securty Services
Real User
Top 5
2022-12-13T04:23:45Z
Dec 13, 2022
It depends on your organization's security posture. A multi-layered security approach is always best and should include EDR vs antivirus solutions. Additional layers might include a firewall, intrusion detection/prevention system (IDS/IPS), email security, and web filtering.
EDR solutions use rules-based detection to identify malicious or unauthorized activity. This type of detection is very effective at identifying attacks that have bypassed traditional AV solutions. EDR solutions can also help you quickly identify and respond to incidents, improve your visibility into what's happening on your network, and help you optimize your security resources.
Like(1)
Reply
https://www.peerspot.com/questions/do-we-need-to-use-both-edr-and-antivirus-av-solutions-for-better-protection-of-it-assets#comment-200417
Jairo Willian Pereira
Information Security Manager at a retailer with 10,001+ employees
Real User
Top 5
2022-08-05T18:53:35Z
Aug 5, 2022
´til now, both. EDR technology is moving to XDR but is on "peak of inflated expectations", the second of five phases in product development hype (Gartner). I'd rather wait a little bit, may be ZDR :)
Like(1)
Reply
Download Free Report
Find out what your peers are saying about ServiceNow, BMC, Freshworks and others in IT Asset Management. Updated: February 2024.
DOWNLOAD NOW
757,660 professionals have used our research since 2012.
https://www.peerspot.com/questions/do-we-need-to-use-both-edr-and-antivirus-av-solutions-for-better-protection-of-it-assets#comment-195990
Kevin Mabry
CEO, Author, Cyber security best practices at Sentree Systems, Corp.
Reseller
Top 10
2022-06-27T05:06:11Z
Jun 27, 2022
Hi,
No, you don't need both because EDR is an advanced Antivirus with behavior-based analysis.
Unless you have a whole team that is able to determine and parse the data, you might even consider an MDR (Managed Detection & Response). MDRs have a team watching the alerts. They monitor the device logs and, if it is advanced enough, they will also monitor your firewall traffic as well.
Like(1)
Reply
https://www.peerspot.com/questions/do-we-need-to-use-both-edr-and-antivirus-av-solutions-for-better-protection-of-it-assets#comment-195795
CA
reviewer1871766
Product Manager at a comms service provider with 51-200 employees
Real User
Top 5Leaderboard
2022-06-24T13:45:19Z
Jun 24, 2022
These two solutions are more like complementary tools.
However, if you "really" have a security team that works 24/7, then you might not need an AV but this team should be really competent. Otherwise, it won't produce the result you're expecting.
Like(0)
Reply
IT Asset Management
IT Asset Management (ITAM) solutions are instrumental in managing Hardware, Software, and other IT assets. These assets are the center of your organization’s IT Infrastructure, and their lifecycle management requires improved control over inventory, tracking, and maintenance.
Download IT Asset Management ReportRead more
Related categories
IT Asset Management
Managed Security Services
Anti-Malware Tools
EDR (Endpoint Detection and Response)
Digital Asset Security Platforms
Related Q&As
Nov 17, 2022
What are the main benefits of modern IT Asset Discovery tools?
Feb 3, 2022
When evaluating IT Asset Management, what aspect do you think is the most important to look for?
Oct 27, 2014
Flexera IT Asset Management vs. ServiceNow?
Apr 9, 2014
Which is the best asset manager?
Thank you for letting us know
Our editorial team will check your request.
Users
Provide a ReviewInfo for VendorsAdd a Product
Company
About UsBlogNewsCareersContact
Policies
PrivacyCookiesTerms of UseGuidelines
