Views:

Configure and manage the XDR for Endpoints (EDR) module settings.

Important
Important
  • Enabling XDR for Endpoints (EDR) requires credits for each endpoint assigned to the policy.
  • Navigating between the security modules or leaving the Policy Settings screen discards any unsaved changes. To avoid losing your work, always click Save before leaving the current screen.
  • To enhance blocking of URLs and domains added to your suspicious objects list, enable the browser extension on your endpoints.
XDR for Endpoints (EDR) gathers activity data for state-of-the-art threat detection and alerting. Enabling XDR for Endpoints (EDR) also enables agent self-protection features including:
  • Prevention against tampering or deleting of essential files.
  • Protection for core services against being stopped or uninstalled.
  • Built-in safeguards to ensure stable operation of the agent.

Procedure

  1. To monitor and gather security data using XDR for Endpoints (EDR), select Enable.
  2. Configure the Monitoring level.
    Monitoring level is the degree of vigilance and strictness applied when detecting and responding to potential threats. Higher monitoring levels provide greater sensitivity but might generate a large number of nonessential logs and impact endpoint performance. TrendAI™ recommends setting your monitoring level to 2 - Moderate for more relevant data with minimal impact on your endpoints.
  3. To allow the agent to analyze video calls to detect possible deepfake audio and images, select Enable for Deepfake detector.
    Important
    Important
    Deepfake detector supports the following deployments:
    • Agents deployed to Windows
    • Agent version 202604 or later deployed to macOS 13 or later on ARM64 endpoints (Apple Silicon).