Comodo this week opened the source for its Endpoint Detection and Response (EDR) system. Thus, the company became the first major vendor to take such a step.
We are talking about the OpenEDR system , the source code of which is uploaded by Comodo to GitHub . By the way, back in September the company promised to open OpenEDR.
As a reminder, EDR systems are designed to be more proactive, which sets them apart from classic antivirus solutions. Endpoint Detection and Response monitors suspicious activity on endpoints and on the local network. If such a system detects strange behavior, a special notification will be sent to IT professionals. As a result, the company will have a chance to conduct a prompt investigation of the revealed anomaly.
As for Comodo, the decision to publish the source code was well commented by Alan Knepfer, Director of Revenue: “We are opening our EDR system because we feel the need to get involved in the fight against cyber threats, as the number of the latter is constantly growing. And it’s not about profit and the ability to sell something to someone. “