Wazuh EDR (Endpoint Detection and Response) is a security feature of the Wazuh platform that provides real-time detection and response capabilities for endpoint devices.
It uses a combination of signature-based and behavioral-based detection techniques to identify and alert on potential security threats or anomalies on endpoint devices. Wazuh EDR can be configured to monitor a variety of endpoint activity, such as file and network activity, system logs, and system configurations.
It can also be configured to perform specific actions in response to detected threats, such as quarantining a file or blocking network access.
Wazuh EDR is designed to provide a comprehensive view of endpoint security and to help organizations respond quickly to security incidents.