Understanding EDR/NGAV

Hayden Kirk

March 30, 2024

Recap: This is part two of a six-part series. In our introductory post, we described our journey to reshape cybersecurity for small businesses in New Zealand, seeking to deliver a consolidated stack of modern products in partnership with US security firm Todyl. We introduced the need for decentralized firewall security and round-the-clock protection against cyber threats. Partnering with Todyl allowed us to extend their global network into New Zealand, making enterprise-level cybersecurity accessible to small Kiwi businesses for the first time.

Understanding EDR/NGAV

Before we delve deeper into our series on revolutionising cybersecurity for small businesses, it’s crucial to understand the significance of endpoint security within the broader spectrum of cybersecurity. Endpoint security, encapsulated by Endpoint Detection and Response (EDR) and Next-Generation Antivirus (NGAV), focuses on protecting individual user devices like laptops and desktops within a network. In today’s interconnected digital landscape, where cyber threats continue to evolve, securing these endpoints should be looked at as the starting point for your cyber security program.

However, managing standalone antivirus services often presents challenges such as security fatigue, unmonitored alerts and fragmented protection measures. There are some endpoint services available in the IT managed services market which come bundled with other systems like patching software, but these are often watered-down versions. Standalone EDR/antivirus tools might provide better protection but generally have limited integration. Worse, it’s not uncommon for businesses to have antivirus running virtually unmanaged, with no one watching or acting on alerts.

Let’s explore how integrating EDR/NGAV into our consolidated cybersecurity stack addresses these challenges while fortifying businesses against modern cyber threats.

Moving to EDR/NGAV with Todyl

As a managed service provider (MSP), we’re excited to introduce our new primary security partner, Todyl, a US cyber security provider. While Todyl provides a comprehensive security solution, one of its core components is Endpoint Detection and Response (EDR) combined with Next-Generation Antivirus (NGAV). But what does this mean for you and why is it critical for your organisation’s cybersecurity posture?

EDR and NGAV Explained

At its heart, EDR is a technology that monitors end-user devices (like computers and servers) to detect and respond to cyber threats. Unlike traditional antivirus, which relies on known virus signatures to prevent attacks, EDR provides real-time monitoring and analysis of behaviour on these devices. This means it can identify threats that haven’t been seen before, based on unusual activities or patterns.

NGAV, on the other hand, extends traditional antivirus capabilities with advanced technologies like machine learning and artificial intelligence. This enables it to predict and prevent a wider range of threats, including malware that has been specifically designed to evade detection.

Why Todyl’s EDR/NGAV is Superior

Todyl’s integration of EDR and NGAV offers a dynamic defence mechanism against the evolving threat landscape. This dual approach ensures that even the most sophisticated attacks can be identified and mitigated before they cause harm. For New Zealand businesses, this means enhanced protection against everything from ransomware to phishing attacks, without the need for constant manual intervention.

The partnership between Layer3 and Todyl has made advanced cybersecurity services accessible to small and medium-sized businesses in New Zealand, offering robust protections without the need for deep cybersecurity expertise or extensive IT infrastructure. This collaboration ensures that smaller entities can effectively shield themselves against digital threats.

We believe that Todyl’s EDR/NGAV solution represents a significant step forward in cybersecurity for Layer3 clients. By offering advanced threat detection and prevention capabilities in an easy-to-use package, it enables organisations of all sizes to protect their digital assets and maintain their trustworthiness in a challenging online environment.

Next Up in this Series

Stay tuned for our next post in this six-part series, in which we’ll explore another crucial component of the Todyl platform: SIEM (Security Information and Event Management).
