Symantec Endpoint Detection and Response
About Symantec Endpoint Detection and Response
Symantec Endpoint Detection and Response is a cybersecurity software from Broadcom that focuses on threat detection and incident response. It provides advanced threat intelligence, automated response capabilities, and endpoint visibility so organizations can identify and mitigate potential security risks efficiently. The platform supports real-time monitoring and analytics, enabling security teams to respond swiftly to emerging threats. Additionally, it includes comprehensive reporting features to assess security posture and compliance. Key capabilities: threat detection incident response endpoint visibility automated reporting integration with security tools Best for: IT security professionals that need to monitor and manage endpoint security threats effectively.
Symantec Endpoint Detection and Response (EDR) by Broadcom is a comprehensive cybersecurity solution designed to protect both traditional and mobile endpoints. The software is part of the broader Symantec Enterprise Security suite and is built to deliver multilayered defense against advanced threats, including ransomware and zero-day exploits. Its user interface is clean and intuitive, centered around a single cloud-based console that simplifies navigation and policy management. The layout is designed for clarity, allowing security teams to access threat data, configure settings, and deploy updates with minimal friction. AI-guided policy recommendations further enhance usability by reducing misconfigurations and streamlining decision-making. Functionally, Symantec EDR stands out for its integration of signatureless detection technologies with machine learning models powered by the Symantec Global Intelligence Network—one of the largest civilian threat databases. This enables the platform to identify and block unknown threats with high precision. It also supports attack surface reduction, automated response, and deception technologies, all within a unified agent architecture.
Pros & Cons
- +Easy deployment when integrated with Symantec Endpoint Protection.
- +Strong memory-based exploit detection and forensic capabilities.
- +Lightweight agent with minimal system impact.
- +Automated playbooks improve analyst productivity.
- +Effective quarantine and containment features during live attacks.
- −Licensing and admin tasks became more complex after Broadcom acquisition.
- −Reporting features are limited and sometimes delayed.
- −High RAM usage during background scans on older systems.
- −Integration with third-party suites can be problematic.
- −Some threats still require secondary tools for full coverage.
Features
Key features
- Automated Incident Playbooks
- Replicates expert-level threat response workflows to streamline investigations.
- Continuous Endpoint Recording
- Captures real-time activity for full incident playback and forensic analysis.
- Targeted Attack Analytics (TAA)
- Uses global telemetry and AI to detect and prioritize advanced persistent threats.
- Endpoint Quarantine
- Isolates compromised devices instantly during investigations.
- Memory Exploit Detection
- Identifies zero-day and memory-based attacks in popular applications.
- Cloud-Based Console
- Centralized management with AI-guided policy updates and minimal agent footprint.
Additional features
- Behavioral Analytics
- Detects anomalies based on user and system behavior.
- Threat Hunting Tools
- Enables real-time search for indicators of compromise across endpoints.
- Remediation Management
- Deletes malicious files and artifacts across affected systems.
- Whitelisting/Blacklisting
- Customizable file control at the endpoint level.
- Integration with SOC Tools
- Seamlessly connects with Splunk, ServiceNow, and other platforms.
- Secure Data Storage & Reporting
- Supports compliance with exportable incident reports.
Pricing
Countries & Languages
Interface languages
Billing currencies
No reviews yet
Be the first to drop a review
Alternatives to Symantec Endpoint Detection and Response
Nucleon EDR
Nucleon EDR is a cybersecurity software from Nucleon Security that provides endpoint detection and response…
CrowdStrike Falcon
CrowdStrike Falcon is a cybersecurity platform from CrowdStrike that provides advanced protection for endpoints, cloud…
CrococryptLib
CrococryptLib is a Windows file and folder encryption software from HissenIT that supports data protection…
Deep Instinct
Deep Instinct is a cloud data security platform from Deep Instinct that prevents and explains…
About Symantec Endpoint Detection and Response
Symantec Endpoint Detection and Response is a cybersecurity software from Broadcom that focuses on threat detection and incident response. It provides advanced threat intelligence, automated response capabilities, and endpoint visibility so organizations can identify and mitigate potential security risks efficiently. The platform supports real-time monitoring and analytics, enabling security teams to respond swiftly to emerging threats. Additionally, it includes comprehensive reporting features to assess security posture and compliance. Key capabilities: threat detection incident response endpoint visibility automated reporting integration with security tools Best for: IT security professionals that need to monitor and manage endpoint security threats effectively.
Symantec Endpoint Detection and Response Details
Symantec Endpoint Detection and Response's In-App Market Place
Does Symantec Endpoint Detection and Response have an in-app market place?
Yes
How many Mini-Apps in the marketplace?
1
Mini Apps
NA
Pricing Options
Accepted Payment Currencies
USD ($), EUR (€), GBP (£)
Pros & Cons
- Easy deployment when integrated with Symantec Endpoint Protection.
- Strong memory-based exploit detection and forensic capabilities.
- Lightweight agent with minimal system impact.
- Automated playbooks improve analyst productivity.
- Effective quarantine and containment features during live attacks.
- Licensing and admin tasks became more complex after Broadcom acquisition.
- Reporting features are limited and sometimes delayed.
- High RAM usage during background scans on older systems.
- Integration with third-party suites can be problematic.
- Some threats still require secondary tools for full coverage.
Symantec Endpoint Detection and Response's Support Options
Community Forums
https://community.broadcom.com/homeChatbot
AvailableSymantec Endpoint Detection and Response's Alternatives
Nucleon EDR
Nucleon EDR is a cybersecurity software from Nucleon Security that provides endpoint detection and response…
CrowdStrike Falcon
CrowdStrike Falcon is a cybersecurity platform from CrowdStrike that provides advanced protection for endpoints, cloud…
CrococryptLib
CrococryptLib is a Windows file and folder encryption software from HissenIT that supports data protection…
Deep Instinct
Deep Instinct is a cloud data security platform from Deep Instinct that prevents and explains…
