EDR AND XDR AS THE MAIN ENDPOINT SECURITY TECHNOLOGIES
DOI: https://doi.org/10.28925/2663-4023.2025.28.808
Keywords: endpoint protection, cybersecurity, security tools, network security, endpoint protection technologies, XDR, EDR, Fortinet, Symantec, cyberattack
Abstract
The article analyzes the role of Endpoint Security as a key element of modern IT infrastructures, one that counters cyber threats at the initial stage of an attack. Traditional tools such as EPP (Endpoint Protection Platform), which rely on signature analysis and block known threats, are considered first. A detailed review of EDR (Endpoint Detection and Response) highlights its advantages: continuous real-time monitoring of endpoint activity, machine learning to identify anomalies, and behavioral analytics to detect suspicious actions. EDR provides not only detection but also automated response mechanisms: blocking suspicious activity, isolating devices from the network, and removing malicious code. XDR (Extended Detection and Response) is presented as an evolutionary development of EDR in which data analysis takes place at the level of the entire infrastructure. The technology aggregates information from endpoints, network sensors, cloud services, email, and SIEM systems to provide a comprehensive view of threats. XDR automates the correlation of events, detects complex attacks that span different network segments, and accelerates response through centralized management (for example, blocking a threat simultaneously in several environments). A comparison of EDR and XDR shows that the latter eliminates the fragmentation of tools, provides a single monitoring interface, and reduces the operational burden on security teams. Two implementations are described: FortiManager, a tool for centralized management of security policies, firewall configuration, event monitoring across network segments, and coordination of EDR solutions; and Symantec Endpoint Security Complete, a platform that combines EDR, antivirus protection, application control, data encryption, and exploit protection to provide multi-level protection for corporate devices.
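To make the EDR-versus-XDR distinction in the abstract concrete, the following added example (not code from the article or from any product it names) runs a minimal XDR-style correlator over constructed telemetry from three of the source types listed above: email gateway, endpoint agent, and network sensor. The event schema, the host names, the chain definition, and the response actions are all assumptions; the point is that an endpoint-only view yields isolated, noisy alerts, while cross-source correlation identifies one multi-stage chain and drives a response across environments.

```python
from collections import defaultdict

# Constructed sample telemetry from the three source types; field names are assumed.
EVENTS = [
    {"source": "email", "host": "ws-17", "kind": "attachment_opened", "ts": 100},
    {"source": "endpoint", "host": "ws-17", "kind": "office_spawned_shell", "ts": 101},
    {"source": "endpoint", "host": "ws-17", "kind": "encoded_powershell", "ts": 102},
    {"source": "network", "host": "ws-17", "kind": "smb_lateral", "ts": 110, "peer": "srv-02"},
    {"source": "endpoint", "host": "srv-02", "kind": "new_service_installed", "ts": 111},
    {"source": "endpoint", "host": "ws-03", "kind": "encoded_powershell", "ts": 120},  # lone admin event
]

# Attack chain spanning sources: phishing attachment -> Office spawns shell -> SMB lateral move.
CHAIN = [("email", "attachment_opened"), ("endpoint", "office_spawned_shell"), ("network", "smb_lateral")]

def edr_only_alerts(events):
    """Endpoint-only view: flags each suspicious endpoint event in isolation (incl. benign admin noise)."""
    return [e["host"] for e in events if e["source"] == "endpoint" and e["kind"] == "encoded_powershell"]

def correlate(events, window=60):
    """XDR-style view: return {host: chain_events} where CHAIN occurs in order within `window` seconds."""
    by_host = defaultdict(list)
    for e in sorted(events, key=lambda e: e["ts"]):
        by_host[e["host"]].append(e)
    hits = {}
    for host, evs in by_host.items():
        matched = []
        for e in evs:
            if len(matched) < len(CHAIN) and (e["source"], e["kind"]) == CHAIN[len(matched)]:
                matched.append(e)
        if len(matched) == len(CHAIN) and matched[-1]["ts"] - matched[0]["ts"] <= window:
            hits[host] = matched
    return hits

def response_plan(hits):
    """Centralized response across environments for every host in a confirmed chain and its lateral peer."""
    actions = []
    for host, chain in hits.items():
        actions += [("endpoint", "isolate", host), ("email", "quarantine_message", host)]
        for e in chain:
            if "peer" in e:  # the network sensor saw lateral movement: contain both ends
                actions += [("network", "block_smb", f"{host}->{e['peer']}"), ("endpoint", "isolate", e["peer"])]
    return actions

if __name__ == "__main__":
    print("EDR-only alerts:", edr_only_alerts(EVENTS))
    for a in response_plan(correlate(EVENTS)):
        print("XDR action:", a)
```

Running it shows two standalone endpoint alerts (one of them the benign ws-03 admin event) against a single correlated chain on ws-17 whose response also reaches srv-02, the host the network sensor saw it move to.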
License
Copyright (c) 2025 Діана Примаченко, Сергій Голобородько, Надія Святська, Олександр Дьячук, Михайло Недодай

This work is licensed under a Creative Commons Attribution-NonCommercial-ShareAlike 4.0 International License.