Complete EDR coverage: A framework for scalable deployment across enterprise systems

Rohith Aitharaju *

Independent Researcher, USA.
 
Research Article
International Journal of Science and Research Archive, 2024, 13(02), 1491-1501.
Article DOI: 10.30574/ijsra.2024.13.2.1129
Publication history: 
Received on 19 May 2024; revised on 26 June 2024; accepted on 29 June 2024
 
Abstract: 
The escalating complexity and volume of cyber threats targeting enterprise endpoints necessitate robust, scalable, and intelligent Endpoint Detection and Response (EDR) solutions. This study proposes an EDR framework designed to cover every endpoint in an organization and to scale as the organization grows. The framework integrates lightweight agents, a hybrid detection engine that combines rule-based and behavior-based models, and a distributed microservices architecture. Together, these components improve detection accuracy while keeping resource consumption low and response latency short. The framework is evaluated in test enterprise environments of up to 10,000 endpoints, measuring detection accuracy, the time taken to propagate policy changes to every endpoint, and resilience under attack. The results show reduced alert noise, smoother scaling as resources are added, and faster real-time response driven by analysis of the collected telemetry. The proposed system also improves SOC productivity by reducing false positives and automating policy orchestration. Because the solution performs best in cloud environments, alternatives are presented for hybrid or constrained deployments. The work can be adapted to the security needs of large enterprises and provides a basis for future AI-driven EDR systems.
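The abstract describes a hybrid detection engine that combines rule-based and behavior-based models to cut false positives and alert clutter. The following is an added illustration of that idea, written for this page and not code from the paper: a few process-creation rules are scored alongside a per-host behavioral novelty score (the fraction of a host's observed processes absent from its baseline), and the two are combined so that one host produces at most one alert. The rules, weights, threshold, baselines and telemetry are all constructed assumptions for the example, not values from the study.

```python
"""Toy hybrid EDR detection engine: rule layer + behavior layer, one alert per host.

Added example; not the paper's implementation. Rules, weights, threshold,
baselines and sample telemetry are all constructed for illustration.
"""
from collections import defaultdict
from dataclasses import dataclass
from typing import Dict, List, Set, Tuple, Callable


@dataclass
class Event:
    host: str      # endpoint that reported the process start
    process: str   # image name of the new process
    parent: str    # image name of the parent process
    cmdline: str   # full command line


OFFICE_APPS = {"winword.exe", "excel.exe", "outlook.exe"}
SHELLS = {"cmd.exe", "powershell.exe", "wscript.exe"}

# Rule-based layer: (rule name, predicate over a single event). Hypothetical rules.
RULES: List[Tuple[str, Callable[[Event], bool]]] = [
    ("office_spawns_shell", lambda e: e.parent in OFFICE_APPS and e.process in SHELLS),
    ("encoded_powershell", lambda e: e.process == "powershell.exe" and "-enc" in e.cmdline.lower()),
    ("lsass_dump", lambda e: "lsass" in e.cmdline.lower()
                             and e.process in {"rundll32.exe", "procdump.exe"}),
]


def rule_hits(event: Event) -> List[str]:
    """Names of every rule whose predicate matches this event, in RULES order."""
    return [name for name, pred in RULES if pred(event)]


def behaviour_score(events: List[Event], baseline: Set[str]) -> float:
    """Behavior layer: share of a host's processes not present in its learned baseline."""
    if not events:
        return 0.0
    novel = sum(1 for e in events if e.process not in baseline)
    return novel / len(events)


@dataclass
class Alert:
    host: str
    score: float
    rules: List[str]     # distinct rules that fired on this host, sorted
    event_count: int


def hybrid_detect(events: List[Event], baselines: Dict[str, Set[str]],
                  rule_weight: float = 0.6, behaviour_weight: float = 0.4,
                  threshold: float = 0.5) -> Dict[str, Alert]:
    """Combine both layers per host and emit a single alert when the fused score crosses the threshold.

    The rule component saturates at 1.0 once two distinct rules have fired, so a single
    rule hit on an otherwise normal host does not alert on its own (corroboration is required).
    """
    by_host: Dict[str, List[Event]] = defaultdict(list)
    for e in events:
        by_host[e.host].append(e)

    alerts: Dict[str, Alert] = {}
    for host, evs in by_host.items():
        fired: List[str] = []
        for e in evs:
            fired.extend(rule_hits(e))
        distinct = sorted(set(fired))
        r = min(1.0, len(distinct) / 2)
        b = behaviour_score(evs, baselines.get(host, set()))
        score = rule_weight * r + behaviour_weight * b
        if score >= threshold:
            alerts[host] = Alert(host, round(score, 3), distinct, len(evs))
    return alerts


# Constructed sample telemetry and baselines (not from the paper).
BASELINES: Dict[str, Set[str]] = {
    "ws-01": {"explorer.exe", "winword.exe", "chrome.exe"},
    "ws-02": {"explorer.exe", "chrome.exe", "teams.exe"},
    "ws-03": {"explorer.exe", "outlook.exe", "cmd.exe"},
}

SAMPLE_EVENTS: List[Event] = [
    # ws-01: macro-style chain, two rules fire and two processes are novel -> alert
    Event("ws-01", "winword.exe", "explorer.exe", "WINWORD.EXE /n invoice.docx"),
    Event("ws-01", "powershell.exe", "winword.exe", "powershell -enc SQBFAFgA"),
    Event("ws-01", "rundll32.exe", "powershell.exe", "rundll32 comsvcs.dll MiniDump 624 lsass.dmp"),
    # ws-02: one novel but benign-looking process, no rule hit -> no alert
    Event("ws-02", "chrome.exe", "explorer.exe", "chrome --profile-directory=Default"),
    Event("ws-02", "teams.exe", "explorer.exe", "teams"),
    Event("ws-02", "powershell.exe", "explorer.exe", "powershell Get-Process"),
    # ws-03: a single rule hit on a baselined process -> below threshold, no alert
    Event("ws-03", "cmd.exe", "outlook.exe", "cmd /c dir"),
]


if __name__ == "__main__":
    for host, alert in hybrid_detect(SAMPLE_EVENTS, BASELINES).items():
        print(f"{host}: score={alert.score} rules={alert.rules} events={alert.event_count}")
```

Only `ws-01` alerts on this data: three distinct rules and two novel processes fuse to a score of 0.867, while `ws-02` (one novel process, no rule) and `ws-03` (one rule, nothing novel) stay below the threshold. Collapsing each host's signals into one scored alert is the point of the hybrid layer; in a real engine the weights and threshold would be tuned against the organization's own telemetry rather than fixed as they are here.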
 
Keywords: 
Endpoint Detection and Response (EDR); Scalable cybersecurity architecture; Hybrid detection engine; Microservices; Threat detection
 