From the course: Introduction to SecOps on Google Distributed Cloud (GDC) by Google
Join today to access over 25,500 courses taught by industry experts.
Endpoint Detection and Response (EDR) - Google Cloud Platform Tutorial
From the course: Introduction to SecOps on Google Distributed Cloud (GDC) by Google
Endpoint Detection and Response (EDR)
- [Instructor] EDR stands for Endpoint Detection and Response. The EDR system is a local security solution that acts on individual endpoints in order to make automated security decisions. These automated decisions include sending alerts and enabling proactive responses to mitigate potential threats. EDR can then integrate with the SIEM system for reporting purposes. By running security locally on the endpoint, EDR allows for continuous monitoring in real-time. This enables rapid detection of security events and a quicker response to incidents. Also, EDR reduces network latency by decentralizing log analysis. EDR enhances security oversight by supporting detection and response when endpoints are offline. So what is an endpoint? An endpoint refers to any computing device connected to the local network and use to operate, run workloads, or access the platform. An endpoint can then be the following: an infrastructure…
Practice while you learn with exercise files
Download the files the instructor uses to teach the course. Follow along and learn by watching, listening and practicing.
Download courses and learn on the go
Watch courses on your mobile device without an internet connection. Download courses using your iOS or Android LinkedIn Learning app.
Contents
-
-
-
-
-
(Locked)
Module overview1m 44s
-
(Locked)
Logs in the GDC SOC4m 8s
-
(Locked)
Manual and automated security processes1m 12s
-
(Locked)
Security Information and Event Management (SIEM)4m 3s
-
(Locked)
Security Orchestration, Automation, and Response (SOAR)3m 59s
-
(Locked)
Endpoint Detection and Response (EDR)5m 1s
-
(Locked)
SIEM, EDR, and SOAR at Cymbal Federal1m 41s
-
(Locked)
An introduction to incident management6m 7s
-
(Locked)
The activities behind incident management6m 49s
-
(Locked)
The end-to-end incident response process1m 14s
-
(Locked)
Monitor2m 46s
-
(Locked)
Intake3m 49s
-
(Locked)
Escalate1m 45s
-
(Locked)
Investigate4m 19s
-
(Locked)
Contain and remediate2m 38s
-
(Locked)
Recover and report2m 52s
-
(Locked)
Recap of incident response management1m 18s
-
(Locked)
The incident response plan (IRP)1m 34s
-
(Locked)
The challenges of proactive cyber security4m 2s
-
(Locked)
Advanced security services in the SOC3m 7s
-
(Locked)
Advanced security services at Cymbal Federal2m 9s
-
(Locked)
The asset inventory3m 58s
-
(Locked)
Introduction to threat modeling5m 41s
-
(Locked)
Introduction to vulnerability management7m 26s
-
(Locked)
Introduction to security engineering6m 35s
-
(Locked)
Module review1m 9s
-
(Locked)
-
-