CDM has prescribed Endpoint Detection and Response (EDR) to provide cybersecurity monitoring and control of endpoint devices. EDR spans the full cybersecurity lifecycle, from the detection of events (observable occurrences in a network or system) and incidents (events that has been determined to have an impact on the organization prompting the need for response and recovery) on endpoint devices (workstations, servers, laptops, thin clients, and virtual desktops) and users, to attack responses and incident follow-up and analysis.
Cortex XDR by Palo Alto Networks – CDM Request for Service
