Antivirus vs. Endpoint Detection and Response

Cyber security is always evolving, and hackers are always finding new ways to attack your digital workspace.

Skycomp is always looking at ways to get ahead of the bad actors and hackers.

It really drives us crazy when others write articles about this stuff and the point of educating the non-technical user gets missed. (That might be you.) You are trying to understand why this is important for your organization’s safety, and all larger IT companies can do is write high-level technical jargon that lets important information fall through the cracks…

We are going to translate this technical jargon into words you can understand, so you can see why we are making this choice to switch. Before we get into this topic, we have a few things we need you to understand:

What Are the Cyber Security Risks in the Niagara Region?

They are especially high right now. We’ve heard of many exploits in the news, and we’ve been hired to deal with an organization that had been exploited. This is a very real, recent thing. Take it seriously.

A local cyber attack that happened recently: Local St. Catharines Cyber Attack

What is an Endpoint?

An endpoint is just a fancy term for where the internet meets a piece of technology: a desktop, laptop, smartphone, workstation, tablet, server, you get the picture. Does the device have a way to connect to Wi-Fi? It is most likely an endpoint.

What does Antivirus do?

Most antivirus systems or software/tools scan your computer a bunch of times per day, looking for threats from emails, web surfing, apps, and downloads. If anything seems off or sketchy about your computer, antivirus will most likely find it. When working with a Managed Service Provider like ourselves, our antivirus tools are installed on your system from day one. They send us notifications if anything looks like it could potentially be a hacker on your computer. We can then jump in and intervene before it becomes a bigger issue.

Now that you understand the basics of antivirus and endpoints, we can tell you a bit more about what an EDR (Endpoint Detection and Response) is. We find that, especially in the IT world, we’ve got a lot of abbreviations.

What does an EDR do?

When you are on your computer, using any software, browsing the internet, or whatever you’re doing, your computer is sending out and receiving data of all types and shapes. EDR uses these large amounts of data and Artificial Intelligence to detect cyber security threats.

What are the major differences between Antivirus and EDR?

Antivirus is not always perfect, and neither is EDR, BUT antivirus does rely on a human to see and deal with the notification, to go in and solve the issue. EDR takes a more A.I. approach, having the system automatically find and deal with the issue, then notifying our team about it.

A Chart To Help You Compare! 

| Antivirus | EDR |
| --- | --- |
| Places an identifier on the threat so it can be found in the future. | Contains malicious activity. |
| Great for already known threats. | Actively seeks threats using data exploration. |
| Uses a lot of CPU and computer memory. | Constantly scanning; device memory still works quickly. |
| Protection from spyware. | A.I. controls alerts. |
| Protects passwords. | Automatically rolls back systems to state before it was hacked. |

Aren’t you the ‘tech guys’? Why do you need A.I. to help you?

That is a very good point. But the reason we are looking at this as an option is that hackers are developing new ways to attack an endpoint. One type is known as ‘fileless malware’. With it, we never actually see anything on your system, because the attack is hiding in a program or software you already have installed. So, it can sneak past antivirus. This is just one of the many different types of malware that can get onto your system.

Skycomp is constantly monitoring and watching for cyber security threats, and updating Windows patches and server patches to ensure hackers have no way in. Hackers are constantly adapting and becoming craftier. We are not afraid of them; we just want to make sure that we’ve put everything in place to stop a new type of attack from hitting your organization.

Let’s work together to continue to protect you and your organization from exploits!

Stop worrying about IT.

If our team sounds like a good fit for your organization, we’d love the opportunity to show you how we can help.