EDR feature comparison
This project aims to track and compare the telemetry features implemented in various EDR systems for Windows. The document serves as a telemetry comparison table, detailing the capabilities of different EDR products in capturing specific types of telemetry data that are relevant to cybersecurity.
📌 CrowdStrike and Microsoft Defender for Endpoint (MDE) appear to implement features comprehensively across multiple categories: both products have a high number of features marked as fully implemented (✅) across the telemetry feature categories. This indicates broad coverage in telemetry data collection, which is crucial for effective endpoint detection and response.
📌 At the other end of the spectrum, WatchGuard and HarfangLab have a noticeable number of features marked as not implemented (❌) or partially implemented (⚠️). This suggests that these products may have gaps in their telemetry data collection capabilities compared with the other EDR products listed in the document.