Comodo, a well known cybersecurity firm, has released its Open Source endpoint detection and response solution, named OpenEDR. In a statement by Comodo’s chief Revenue Officer at Comodo, the company feels strongly that as cyber threats increase every company should have access to this capability, regardless of budget or ability to purchase. OpenEDR will include the basic functionality of an EDR, including the ability to roll out custom detections, real-time monitoring of workstations, detection of fileless threats, and more.
With the release of this open-source EDR solution, companies that previously couldn’t afford EDR can now implement this solution. Implementing an EDR solution is only one step in properly securing an organization however, as you still need people monitoring the EDR product, along with someone to tune the product and implement custom detections. Because of this, Binary Defense recommends both their Security Operations Task Force, for 24/7 SOC monitoring, along with their ThreatHunting team, for rule tuning and detection implementation.