Endpoint Detection & Response

Maximises your security and helps to detect, predict and resolve incidents



From prevention to comprehensive defence and response to security incidents

Comprehensive prevention measures and security solutions make life significantly harder for attackers. BUT: they do not provide a 100% guarantee of security.

If an intruder manages to break into your system anyway, you should be able to detect this as soon as possible. 

Detecting and responding quickly to threats is critical to effectively averting major damages. 

With Drivelock Endpoint Detection & Response (EDR) you can upgrade your IT security and transform your security strategy from only prevention to detection and response! 

Detection and containment of security incidents, rather than only file-based malware. 

Security incident investigation and threat hunting. 

Provision of response options for recovery after a security incident. 

Prediction of potential security breaches
e.g. the current security status of an endpoint is displayed and advice is given on how to avoid threats. 


The DriveLock EDR solution is comprehensive.

To increase IT security, you also need functions that monitor, alert - should a break-in occur - and make predictions. DriveLock supports these features.

Monitoring activity on the endpoint without interference

DriveLock EDR allows monitoring of the endpoint activity in real-time - without interfering with the ongoing attack. 

Reaction to incidents and forensic investigations

EDR provides IT security teams and forensic investigators with the necessary information to perform their analysis. Automation of alerts, as well as defensive reactions such as the shutdown of certain processes, is possible.

Support for cleaning up and fixing problems

The EDR solution enables more effective cleanup and remediation after an attack. 

A combination of whitelisting & blacklisting with recognition possibilities from analysis

DriveLock EDR combines whitelisting and blacklisting technologies (regarding applications, certificates, data carriers) with behavioural analysis.

Test now


DriveLock EDR in action - dashboard, event filter definition and response definition

Event filter definition with DriveLock Endpoint Detection & Response

DriveLock Event Settings - more than 600 events

  • More than 600 events are detected, correlated and evaluated on the endpoints
  • Response options can be flexibly defined
  • Automation of alerts and defensive reactions 
Continuous real-time monitoring on endpoints | Endpoint Detection and Protection platform by DriveLock/>

DriveLock Operations Dashboard

  • Web-based interface for investigation, threat-hunting and reaction to attacks
  • Condition-based security incidents can be viewed centrally

Test now

Continuous real-time monitoring on endpoints | Endpoint Detection and Protection platform by DriveLock

All advantages of the DriveLock EDR solution

  • DriveLock EDR helps where prevention through EPP (Endpoint Protection Platform) ends
  • Recognises and remediates security incidents before major damage occurs
  • Automates routine work of your IT security
  • Adapts flexibly to your IT security strategy
  • Integration into other systems such as Security Information and Event Management (SIEM) for further processing
  • DriveLock combines all its solutions, Data Protection, Endpoint Protection, EDR and Identity & Access Management in its Zero-Trust platform