About the EDR Telemetry Project
The EDR Telemetry Project aims to provide a comprehensive comparison of various Endpoint Detection and Response (EDR) solutions based on their telemetry capabilities. By analyzing the data collected from different EDR tools, the project helps organizations make informed decisions when selecting an EDR solution that best fits their security needs.
Project Goals
- Compare the telemetry data collected by different EDR solutions.
- Identify strengths and weaknesses of each EDR in terms of data visibility.
- Provide a resource for security professionals to evaluate EDR tools.
Data Collection
The project gathers data by testing various EDR solutions in controlled environments and documenting the types of telemetry each one captures. This includes information on processes, network connections, file activities, and other security-relevant events.
Contribute to the Project
The EDR Telemetry Project is open-source and welcomes contributions from the community. If you'd like to contribute or learn more, please visit the project's GitHub repository linked below.
Further Reading
For a detailed overview of the project's findings and methodologies, check out the blog post below:
EDR Telemetry Project: A Comprehensive Comparison
Author and Maintainer
Kostas is a security researcher who focuses on Threat Intelligence, malware, Incident Response, and Threat Hunting. Known for his contributions to various open-source security projects, he is an active member of the cybersecurity community. Opinions are his own.
@Kostastsale
/in/kostastsale