In the past year we’ve seen an influx of endpoint detection and response (EDR) tools that promise to bring order, through greater visibility, to the wild west of endpoints within a large organization.

The scenario is all too common: IT security usually doesn’t know all of the hardware and software assets that need to be protected, yet has to protect them.

Even as we struggle to put security controls in place for prevention, we know that many of these endpoints are already compromised by active threats that need to be detected, assessed, quarantined, and remediated.
EDR tools are built for detection and response (hence the category name), and most leave it at that. Promisec adds sophisticated remediation to Promisec Endpoint Manager (PEM), which is precisely why I was interested in getting a close look at the product. Like other EDR products, PEM can scan endpoints on a schedule to detect anomalies or abnormalities and verify that security controls — such as required applications, patches, settings, and so on — are in place. Unlike other products in the category, PEM can also launch scripts on the endpoints to take corrective action.

Leave a Reply