Description

Nearly every enterprise uses an Endpoint Detection and Response (EDR) agent to monitor the devices on their network for signs of an attack. But that doesn't mean security defenders grasp how these systems actually work. This book demystifies EDR, taking you on a deep dive into how EDRs detect adversary activity. Chapter by chapter, you'll learn that EDR is not a magical black box - it's just a complex software application built around a few easy-to-understand components. The author uses his years of experience as a red team operator to investigate each of the most common sensor components, discussing their purpose, explaining their implementation, and showing the ways they collect various data points from the Microsoft operating system. In addition to covering the theory behind designing an effective EDR, each chapter also reveals documented evasion strategies for bypassing EDRs that red teamers can use in their engagements.

Evading Edr: The Definitive Guide to Defeating Endpoint Detection Systems.

Product form

£51.29

Includes FREE delivery
RRP: £56.99 You save £5.70 (10%)
Usually despatched within 4 days
Paperback / softback by Matt Hand

1 in stock

Short Description:

Nearly every enterprise uses an Endpoint Detection and Response (EDR) agent to monitor the devices on their network for signs... Read more

    Publisher: No Starch Press,US
    Publication Date: 31/10/2023
    ISBN13: 9781718503342, 978-1718503342
    ISBN10: 1718503342

    Number of Pages: 312

    Non Fiction , Computing

    Description

    Nearly every enterprise uses an Endpoint Detection and Response (EDR) agent to monitor the devices on their network for signs of an attack. But that doesn't mean security defenders grasp how these systems actually work. This book demystifies EDR, taking you on a deep dive into how EDRs detect adversary activity. Chapter by chapter, you'll learn that EDR is not a magical black box - it's just a complex software application built around a few easy-to-understand components. The author uses his years of experience as a red team operator to investigate each of the most common sensor components, discussing their purpose, explaining their implementation, and showing the ways they collect various data points from the Microsoft operating system. In addition to covering the theory behind designing an effective EDR, each chapter also reveals documented evasion strategies for bypassing EDRs that red teamers can use in their engagements.

    Customer Reviews

    Be the first to write a review
    0%
    (0)
    0%
    (0)
    0%
    (0)
    0%
    (0)
    0%
    (0)

    Recently viewed products

    © 2025 Book Curl,

      • American Express
      • Apple Pay
      • Diners Club
      • Discover
      • Google Pay
      • Maestro
      • Mastercard
      • PayPal
      • Shop Pay
      • Union Pay
      • Visa

      Login

      Forgot your password?

      Don't have an account yet?
      Create account